$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146716.roa File: AS146716.roa (raw, json) Hash identifier: PC3thw+HJdr4UT9V3M9LDeyO2mtVovTUAIQ9mEOe19E= Subject key identifier: EC:DC:DA:01:40:26:1E:D4:B5:6D:F0:8A:E0:FF:47:D7:47:EB:D6:CF Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 0592AE7A936E55843791D92A97EBFBAC3AE113B1 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146716.roa Signing time: Wed 04 Mar 2026 06:39:32 +0000 ROA not before: Wed 04 Mar 2026 06:34:32 +0000 ROA not after: Wed 03 Mar 2027 06:39:32 +0000 asID: 146716 IP address blocks: 240a:afe2::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:92:ae:7a:93:6e:55:84:37:91:d9:2a:97:eb:fb:ac:3a:e1:13:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:32 2026 GMT Not After : Mar 3 06:39:32 2027 GMT Subject: CN=ECDCDA0140261ED4B56DF08AE0FF47D747EBD6CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:0a:f5:ba:ce:4d:29:84:b4:28:9d:04:92:5d: 96:d9:f8:d2:70:3b:91:8e:dd:91:1d:8f:c4:01:44: 3b:5e:5c:05:f1:9a:9b:34:f5:ee:ff:4f:60:e7:5c: b1:c3:5f:3b:8a:da:30:43:c2:c3:f5:4e:13:0e:bc: e7:e5:c7:2e:1a:1c:a3:f8:ae:86:83:8d:78:b2:a4: 21:c1:a1:3a:f9:ad:52:c0:0b:4a:c4:64:db:24:7e: 98:69:04:ab:5d:3d:4f:10:b2:bc:5b:81:83:d9:cf: 11:48:f1:aa:73:81:2b:6d:31:4a:f8:4f:59:c5:b6: ec:c4:ef:0a:86:c2:e0:0d:06:50:93:be:ae:52:51: 76:ed:90:71:e3:d7:d9:8c:df:53:96:0d:ab:cb:4c: e5:2b:cc:9c:59:3e:53:c3:8b:bc:21:c0:a4:08:55: 69:b4:ad:18:98:51:1f:59:b4:63:ec:4a:6c:0a:39: 98:ea:7e:42:f2:0e:d6:43:fc:86:37:8f:f3:78:79: bf:bc:97:39:81:3a:37:93:80:9e:fd:af:e5:1f:a4: 23:40:d6:88:66:57:4a:cd:5f:e2:af:24:cf:31:eb: e1:33:25:6c:0a:4c:f5:82:63:d2:eb:49:7d:fa:63: e3:72:0f:3a:6f:58:43:76:6d:32:55:6d:13:d9:3e: a9:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:DC:DA:01:40:26:1E:D4:B5:6D:F0:8A:E0:FF:47:D7:47:EB:D6:CF X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146716.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afe2::/32 Signature Algorithm: sha256WithRSAEncryption 67:bd:41:11:02:95:a2:13:98:3d:90:b2:b6:d6:51:fa:a4:aa: d9:32:51:63:f0:37:71:e0:af:54:a4:58:8b:6f:ca:53:d7:9e: 25:7f:42:94:59:bc:51:67:a4:81:9f:64:47:8d:34:53:82:27: 89:0a:d0:1b:ff:c0:95:50:a5:e0:ec:60:3a:dd:38:a8:74:88: e1:1e:95:78:46:ff:6b:91:c6:30:4d:3e:ab:e4:74:1d:4d:80: 9a:6b:c3:dc:1e:53:9c:b6:ee:3f:36:b8:a5:63:ec:b7:1c:17: a2:44:47:62:1d:4b:82:39:cf:18:d1:e0:77:e3:e0:e3:a6:2b: fd:7c:00:d6:1c:c1:71:fb:b6:ad:33:e5:b4:48:d0:e1:af:6a: c1:b2:ea:63:d5:7c:a2:1f:23:cf:05:7b:80:0f:2c:38:07:ff: 96:5a:ad:e9:de:dc:9f:98:db:bb:5f:a3:0d:3d:5f:13:cd:db: 2d:5b:8b:5e:51:88:95:cd:a2:64:ad:e3:28:de:83:7a:30:dc: 0d:91:2a:66:5c:c6:4b:e7:3d:bb:4c:32:3e:02:40:cf:f5:c9: 02:66:2b:a3:83:c8:e5:a8:ac:23:20:b1:ee:72:54:7e:bf:fa: 09:e0:02:5e:69:d3:a8:27:29:06:50:3f:86:a0:72:ab:3c:a2: 66:66:e6:0e -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUBZKuepNuVYQ3kdkql+v7rDrhE7EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQzMloX DTI3MDMwMzA2MzkzMlowMzExMC8GA1UEAxMoRUNEQ0RBMDE0MDI2MUVENEI1NkRG MDhBRTBGRjQ3RDc0N0VCRDZDRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM0K9brOTSmEtCidBJJdltn40nA7kY7dkR2PxAFEO15cBfGamzT17v9PYOdc scNfO4raMEPCw/VOEw685+XHLhoco/iuhoONeLKkIcGhOvmtUsALSsRk2yR+mGkE q109TxCyvFuBg9nPEUjxqnOBK20xSvhPWcW27MTvCobC4A0GUJO+rlJRdu2QcePX 2YzfU5YNq8tM5SvMnFk+U8OLvCHApAhVabStGJhRH1m0Y+xKbAo5mOp+QvIO1kP8 hjeP83h5v7yXOYE6N5OAnv2v5R+kI0DWiGZXSs1f4q8kzzHr4TMlbApM9YJj0utJ ffpj43IPOm9YQ3ZtMlVtE9k+qYkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTs3NoB QCYe1LVt8Irg/0fXR+vWzzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjcxNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r+IwDQYJKoZIhvcNAQELBQADggEBAGe9QREClaITmD2QsrbWUfqkqtkyUWPwN3Hg r1SkWItvylPXniV/QpRZvFFnpIGfZEeNNFOCJ4kK0Bv/wJVQpeDsYDrdOKh0iOEe lXhG/2uRxjBNPqvkdB1NgJprw9weU5y27j82uKVj7LccF6JER2IdS4I5zxjR4Hfj 4OOmK/18ANYcwXH7tq0z5bRI0OGvasGy6mPVfKIfI88Fe4APLDgH/5Zarene3J+Y 27tfow09XxPN2y1bi15RiJXNomSt4yjeg3ow3A2RKmZcxkvnPbtMMj4CQM/1yQJm K6ODyOWorCMgse5yVH6/+gngAl5p06gnKQZQP4agcqs8omZm5g4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:43:34 2026 by rpki-client