$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146704.roa File: AS146704.roa (raw, json) Hash identifier: US7Yx6JnkU/Ji2lgbTHXn/DsuUBOzZGBFQrJqZawBME= Subject key identifier: 65:A6:41:E3:22:4E:7F:40:E7:89:0E:D3:0E:C9:FA:27:9C:76:68:53 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 045B9168A5D3A3D0C273D238E21331149638B852 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146704.roa Signing time: Wed 04 Mar 2026 06:39:45 +0000 ROA not before: Wed 04 Mar 2026 06:34:45 +0000 ROA not after: Wed 03 Mar 2027 06:39:45 +0000 asID: 146704 IP address blocks: 240a:afd6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:5b:91:68:a5:d3:a3:d0:c2:73:d2:38:e2:13:31:14:96:38:b8:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:45 2026 GMT Not After : Mar 3 06:39:45 2027 GMT Subject: CN=65A641E3224E7F40E7890ED30EC9FA279C766853 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:c6:49:61:0a:f2:bb:be:1d:76:92:98:de:29: 5c:1e:b8:d4:53:98:6a:50:a5:ee:58:a5:0b:39:cb: b9:95:d3:cc:77:15:e9:4e:a7:47:aa:f8:46:01:9d: d1:4c:0f:22:bc:0e:b6:d8:24:16:94:11:aa:9d:22: 3a:cb:30:88:f1:9c:92:ba:73:40:61:cd:70:a1:c0: 9a:16:fd:e4:10:06:75:4b:25:9e:6c:0f:f5:7c:8e: a0:7f:2a:d9:03:ee:6f:83:9a:b0:3f:cb:4c:f3:2d: 19:41:30:08:55:df:25:9e:96:65:2e:b9:13:b5:94: e7:28:50:80:48:59:96:95:0c:2f:18:f8:b9:f1:02: 44:0b:5f:36:ca:d9:b1:e8:84:26:b8:ca:d9:5a:bb: 53:76:47:92:ad:6f:f8:fd:ec:27:f4:b2:d0:3c:94: 5b:42:2e:a4:ea:5f:85:f6:81:24:9a:c0:8e:11:12: 45:79:a9:34:a0:38:46:f0:86:33:9e:5d:e1:85:64: be:cc:e2:3e:76:39:5e:b3:50:9a:35:3b:1b:b9:8e: f0:f8:ad:72:80:e6:51:01:6e:00:99:61:06:8b:5b: 5f:e6:a2:5e:37:f6:c9:31:fc:1d:74:67:7f:73:9b: e7:78:6a:65:c3:42:cf:62:07:5f:18:ca:21:a0:10: 77:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:A6:41:E3:22:4E:7F:40:E7:89:0E:D3:0E:C9:FA:27:9C:76:68:53 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146704.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afd6::/32 Signature Algorithm: sha256WithRSAEncryption 9e:88:f7:72:13:75:1e:1c:da:0e:94:a4:a0:1e:d8:4b:a2:0f: 2b:25:ac:ab:c4:e0:1a:3b:54:38:51:76:57:45:cd:86:18:7c: 10:59:6b:b1:95:f7:97:77:1d:e2:37:3c:d3:44:9d:a5:8d:10: 5a:7c:34:fe:dd:e9:e3:45:43:0c:9b:3a:e1:58:e7:6d:f1:fa: 5d:41:9c:bd:eb:10:b4:b6:dd:80:fe:d0:8b:72:4f:b2:b7:57: f0:00:84:23:10:12:27:c5:c4:ed:fa:53:01:89:0a:62:2d:ea: 5f:e3:03:43:0c:57:c6:50:f5:0d:45:47:37:05:90:d3:74:bd: 4d:f4:56:e1:bf:89:53:bf:64:19:39:6c:b9:84:ac:1a:59:85: 31:9e:11:a7:a3:39:09:ef:81:8f:4e:27:4d:9f:cc:fa:55:a3: c1:3c:85:3d:2c:24:93:70:2e:77:fa:fa:8e:55:2e:94:2e:f7: 74:52:9e:08:fc:7c:fb:84:24:14:43:39:9f:2b:35:fc:27:a1: a7:8c:45:af:59:ac:cb:0b:b3:7e:06:a1:cb:3b:9d:95:5e:fc: ff:d2:16:e6:8c:fd:a1:55:2b:16:95:6d:94:f4:9d:90:92:e3: 08:c8:d4:0d:cb:e4:ee:2a:55:80:43:0b:e5:5d:87:40:01:16: dd:67:a4:38 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBFuRaKXTo9DCc9I44hMxFJY4uFIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQ0NVoX DTI3MDMwMzA2Mzk0NVowMzExMC8GA1UEAxMoNjVBNjQxRTMyMjRFN0Y0MEU3ODkw RUQzMEVDOUZBMjc5Qzc2Njg1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMjGSWEK8ru+HXaSmN4pXB641FOYalCl7lilCznLuZXTzHcV6U6nR6r4RgGd 0UwPIrwOttgkFpQRqp0iOsswiPGckrpzQGHNcKHAmhb95BAGdUslnmwP9XyOoH8q 2QPub4OasD/LTPMtGUEwCFXfJZ6WZS65E7WU5yhQgEhZlpUMLxj4ufECRAtfNsrZ seiEJrjK2Vq7U3ZHkq1v+P3sJ/Sy0DyUW0IupOpfhfaBJJrAjhESRXmpNKA4RvCG M55d4YVkvsziPnY5XrNQmjU7G7mO8PitcoDmUQFuAJlhBotbX+aiXjf2yTH8HXRn f3Ob53hqZcNCz2IHXxjKIaAQdxMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRlpkHj Ik5/QOeJDtMOyfonnHZoUzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjcwNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r9YwDQYJKoZIhvcNAQELBQADggEBAJ6I93ITdR4c2g6UpKAe2EuiDyslrKvE4Bo7 VDhRdldFzYYYfBBZa7GV95d3HeI3PNNEnaWNEFp8NP7d6eNFQwybOuFY523x+l1B nL3rELS23YD+0ItyT7K3V/AAhCMQEifFxO36UwGJCmIt6l/jA0MMV8ZQ9Q1FRzcF kNN0vU30VuG/iVO/ZBk5bLmErBpZhTGeEaejOQnvgY9OJ02fzPpVo8E8hT0sJJNw Lnf6+o5VLpQu93RSngj8fPuEJBRDOZ8rNfwnoaeMRa9ZrMsLs34Gocs7nZVe/P/S FuaM/aFVKxaVbZT0nZCS4wjI1A3L5O4qVYBDC+Vdh0ABFt1npDg= -----END CERTIFICATE-----Generated at Sat Mar 28 14:30:42 2026 by rpki-client