$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146720.roa File: AS146720.roa (raw, json) Hash identifier: vhdXP2KJsBtC4zV/htm23530fbfc3ZvMrZubjACodsY= Subject key identifier: 75:26:E8:FF:CA:20:77:B9:B3:57:78:5B:0D:2C:95:62:2E:F6:40:C6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5A8B3811885AEEB0517535E88B6BEF668B165952 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146720.roa Signing time: Wed 04 Mar 2026 06:39:28 +0000 ROA not before: Wed 04 Mar 2026 06:34:28 +0000 ROA not after: Wed 03 Mar 2027 06:39:28 +0000 asID: 146720 IP address blocks: 240a:afe6::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:8b:38:11:88:5a:ee:b0:51:75:35:e8:8b:6b:ef:66:8b:16:59:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:28 2026 GMT Not After : Mar 3 06:39:28 2027 GMT Subject: CN=7526E8FFCA2077B9B357785B0D2C95622EF640C6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:8f:b5:eb:27:fc:14:23:f7:48:9b:4d:88:ad: 31:dc:3e:b7:51:49:05:e1:10:16:57:a7:8f:cb:33: 7d:da:48:fe:f7:eb:b5:4c:82:59:ac:9d:59:f8:73: 6f:0d:11:89:43:4d:be:d5:cd:41:a1:c2:79:fa:7b: 4a:24:d9:8a:5b:2c:d7:05:85:85:63:17:60:2c:7a: c2:58:9f:c6:bf:83:0c:05:d3:64:fa:44:cc:6c:88: 68:5e:ec:90:b6:45:f3:0c:c3:70:69:bf:78:f2:dc: 10:ae:1e:e4:f0:0b:bd:79:aa:56:11:77:a1:6f:c9: c5:0d:dc:20:6a:3e:75:94:94:9b:7b:73:d4:7e:bb: 44:1f:23:08:f6:1b:55:10:93:10:bd:27:c2:e7:1e: 6a:0b:6e:b8:a9:47:de:78:17:57:c9:17:c1:ff:dc: 8e:04:ba:47:3f:66:1b:dc:8a:0d:2b:dc:6b:23:d4: 61:ec:0f:59:f1:92:54:a1:75:87:4a:8a:2a:d7:57: a9:d1:89:d9:10:c3:ac:3f:5f:a6:fa:d5:e4:ba:30: bd:6f:ac:4e:10:91:80:0c:e8:70:6e:31:9e:df:a4: 95:63:cd:e5:b0:c0:a5:be:61:c4:72:66:08:ed:63: d8:59:1c:9a:f2:4a:a9:36:2d:5b:44:36:08:e9:33: 13:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:26:E8:FF:CA:20:77:B9:B3:57:78:5B:0D:2C:95:62:2E:F6:40:C6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146720.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afe6::/32 Signature Algorithm: sha256WithRSAEncryption db:7b:1e:36:20:06:20:9d:ec:37:84:e9:90:ff:34:73:8c:f2: 3f:37:8b:65:e1:eb:40:1f:0b:76:20:a5:4f:7e:15:15:19:6e: 32:dc:9b:0d:38:e6:00:e6:b3:22:4f:9e:0d:60:f2:ce:db:ed: e0:15:09:92:bf:98:62:66:85:8a:d1:5a:0d:e0:68:0f:af:ab: 94:d3:c9:aa:00:9c:e6:9f:61:09:b3:5d:08:d1:7e:78:a1:9d: 2c:d7:75:74:28:04:57:f4:af:1c:d6:8b:af:fb:e5:c7:6f:81: 87:62:75:6c:30:19:29:95:35:0c:13:3f:70:71:03:6c:ec:42: 21:67:a0:d2:2e:1c:b9:f4:d5:22:66:aa:44:5d:0d:5e:f7:1e: 12:86:5e:3a:7e:42:cd:5a:7f:c6:1f:96:00:52:27:a8:39:78: 26:72:df:3e:d4:25:a1:eb:d9:01:ce:b7:c3:f4:bd:e8:d2:03: 96:ce:df:e3:48:e8:aa:da:e3:a0:2c:ab:f0:70:5f:66:af:7a: 41:07:7e:55:05:17:6d:de:f4:18:48:48:03:f5:06:67:b8:65: e8:fd:ba:26:2c:4c:75:18:84:93:c6:e3:08:e5:43:48:92:c2: 82:84:12:15:e9:2c:10:0f:4c:15:61:04:af:f0:a8:fd:1e:5c: 92:cd:04:ee -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWos4EYha7rBRdTXoi2vvZosWWVIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQyOFoX DTI3MDMwMzA2MzkyOFowMzExMC8GA1UEAxMoNzUyNkU4RkZDQTIwNzdCOUIzNTc3 ODVCMEQyQzk1NjIyRUY2NDBDNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMmPtesn/BQj90ibTYitMdw+t1FJBeEQFlenj8szfdpI/vfrtUyCWaydWfhz bw0RiUNNvtXNQaHCefp7SiTZilss1wWFhWMXYCx6wlifxr+DDAXTZPpEzGyIaF7s kLZF8wzDcGm/ePLcEK4e5PALvXmqVhF3oW/JxQ3cIGo+dZSUm3tz1H67RB8jCPYb VRCTEL0nwuceagtuuKlH3ngXV8kXwf/cjgS6Rz9mG9yKDSvcayPUYewPWfGSVKF1 h0qKKtdXqdGJ2RDDrD9fpvrV5LowvW+sThCRgAzocG4xnt+klWPN5bDApb5hxHJm CO1j2FkcmvJKqTYtW0Q2COkzExMCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR1Juj/ yiB3ubNXeFsNLJViLvZAxjAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjcyMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r+YwDQYJKoZIhvcNAQELBQADggEBANt7HjYgBiCd7DeE6ZD/NHOM8j83i2Xh60Af C3YgpU9+FRUZbjLcmw045gDmsyJPng1g8s7b7eAVCZK/mGJmhYrRWg3gaA+vq5TT yaoAnOafYQmzXQjRfnihnSzXdXQoBFf0rxzWi6/75cdvgYdidWwwGSmVNQwTP3Bx A2zsQiFnoNIuHLn01SJmqkRdDV73HhKGXjp+Qs1af8YflgBSJ6g5eCZy3z7UJaHr 2QHOt8P0vejSA5bO3+NI6Kra46Asq/BwX2avekEHflUFF23e9BhISAP1Bme4Zej9 uiYsTHUYhJPG4wjlQ0iSwoKEEhXpLBAPTBVhBK/wqP0eXJLNBO4= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:58 2026 by rpki-client