$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146724.roa File: AS146724.roa (raw, json) Hash identifier: 2h/JcL979Xlaw6SLfTfAWgkf0X99bq19sNWdZsnhBkM= Subject key identifier: 79:8D:1B:2E:5D:CB:B7:C4:3A:3C:0D:8C:5C:E8:AC:7D:A4:D9:F5:75 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 1BEA103C3316AECABCFFB07F2798A8AE9C0FA4D7 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146724.roa Signing time: Wed 04 Mar 2026 06:39:44 +0000 ROA not before: Wed 04 Mar 2026 06:34:44 +0000 ROA not after: Wed 03 Mar 2027 06:39:44 +0000 asID: 146724 IP address blocks: 240a:afea::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:ea:10:3c:33:16:ae:ca:bc:ff:b0:7f:27:98:a8:ae:9c:0f:a4:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:44 2026 GMT Not After : Mar 3 06:39:44 2027 GMT Subject: CN=798D1B2E5DCBB7C43A3C0D8C5CE8AC7DA4D9F575 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:ab:18:f8:0b:0f:a6:b5:a6:ad:f6:6a:f0:56: eb:a2:3e:c8:af:84:eb:76:73:2b:09:5e:8d:fc:45: 50:ee:82:11:f5:72:94:bf:a9:21:fd:08:cd:5f:81: e1:37:ad:10:84:34:64:af:70:ba:e8:2e:86:81:47: ed:b4:fd:40:b1:29:72:1b:05:d3:2e:01:14:8c:89: 69:22:e9:7c:8e:2f:4b:3c:e3:28:06:87:81:4d:d8: de:93:86:e2:f9:dd:5b:20:d8:ff:9d:72:67:c8:6a: a5:a3:f3:b5:97:a9:1a:37:32:fb:29:3f:76:b7:62: 90:83:34:17:96:fc:90:28:c2:98:c4:91:c4:85:7e: b5:d6:fb:eb:1a:28:60:cd:51:5b:8b:bd:b7:99:bc: 58:28:40:a8:8c:03:8b:d6:b7:8f:79:a1:b3:40:58: e1:34:0d:55:e1:0a:0a:1f:32:fa:ec:ac:ff:06:c7: e8:27:ff:8b:45:55:c7:f6:26:61:3c:dd:83:36:38: cf:03:71:d5:cc:4b:ba:f4:58:df:f7:65:2e:1d:4f: 9d:ab:ec:be:6f:6f:4f:ac:ee:93:c3:a0:3b:4f:b3: 3b:3f:86:79:08:6c:fe:9c:1e:d0:2d:76:37:16:f1: cf:44:d1:dc:d9:e7:4c:62:cf:dd:a4:23:45:81:39: 18:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:8D:1B:2E:5D:CB:B7:C4:3A:3C:0D:8C:5C:E8:AC:7D:A4:D9:F5:75 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146724.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:afea::/32 Signature Algorithm: sha256WithRSAEncryption 7f:19:c6:35:97:24:91:ff:bf:21:ae:8d:2a:19:b9:d7:14:e1: cb:3f:66:d9:bb:1d:84:10:08:5e:51:89:41:c3:9b:f2:21:5b: 0b:dd:2e:f8:43:62:d8:3a:e1:f4:6b:de:98:94:ee:03:da:37: c9:69:7d:f2:42:1c:95:a3:69:ac:6a:68:39:9b:ac:e3:46:65: dc:b7:73:98:f7:b9:fd:b3:72:32:ae:44:3d:b3:9e:34:ce:11: 4a:cd:4f:ca:b7:62:3c:d7:18:6b:8d:b6:53:8e:6b:5e:db:57: 40:0e:e4:f8:b1:b9:2e:63:28:a8:36:2f:7c:7e:52:0b:da:8b: fb:f5:36:84:f4:f9:82:29:77:8e:41:b3:a7:18:c2:49:c1:48: ac:e6:ae:6a:66:6e:30:60:85:f8:bd:1a:da:52:cc:dd:d6:c1: c7:ee:78:ee:00:8a:c8:d4:58:55:ec:57:7c:5e:72:f8:74:6f: 6b:16:b6:51:0e:70:ff:6e:ec:da:0e:6e:c6:69:88:c5:9c:a6: e9:f8:63:22:50:0d:25:f5:2f:72:ba:e1:6e:e6:23:40:8a:be: 36:cb:6c:71:2f:ed:0e:88:e5:03:e7:19:60:ad:5a:e0:cb:7b: 14:39:cb:8b:c5:cb:7f:f2:da:6a:3a:33:f6:80:c2:e9:6f:7a: 8d:e5:b1:ad -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUG+oQPDMWrsq8/7B/J5iorpwPpNcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQ0NFoX DTI3MDMwMzA2Mzk0NFowMzExMC8GA1UEAxMoNzk4RDFCMkU1RENCQjdDNDNBM0Mw RDhDNUNFOEFDN0RBNEQ5RjU3NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOirGPgLD6a1pq32avBW66I+yK+E63ZzKwlejfxFUO6CEfVylL+pIf0IzV+B 4TetEIQ0ZK9wuuguhoFH7bT9QLEpchsF0y4BFIyJaSLpfI4vSzzjKAaHgU3Y3pOG 4vndWyDY/51yZ8hqpaPztZepGjcy+yk/drdikIM0F5b8kCjCmMSRxIV+tdb76xoo YM1RW4u9t5m8WChAqIwDi9a3j3mhs0BY4TQNVeEKCh8y+uys/wbH6Cf/i0VVx/Ym YTzdgzY4zwNx1cxLuvRY3/dlLh1Pnavsvm9vT6zuk8OgO0+zOz+GeQhs/pwe0C12 Nxbxz0TR3NnnTGLP3aQjRYE5GJkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR5jRsu Xcu3xDo8DYxc6Kx9pNn1dTAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjcyNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r+owDQYJKoZIhvcNAQELBQADggEBAH8ZxjWXJJH/vyGujSoZudcU4cs/Ztm7HYQQ CF5RiUHDm/IhWwvdLvhDYtg64fRr3piU7gPaN8lpffJCHJWjaaxqaDmbrONGZdy3 c5j3uf2zcjKuRD2znjTOEUrNT8q3YjzXGGuNtlOOa17bV0AO5PixuS5jKKg2L3x+ Ugvai/v1NoT0+YIpd45Bs6cYwknBSKzmrmpmbjBghfi9GtpSzN3WwcfueO4AisjU WFXsV3xecvh0b2sWtlEOcP9u7NoObsZpiMWcpun4YyJQDSX1L3K64W7mI0CKvjbL bHEv7Q6I5QPnGWCtWuDLexQ5y4vFy3/y2mo6M/aAwulveo3lsa0= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:19 2026 by rpki-client