$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146731.roa File: AS146731.roa (raw, json) Hash identifier: 69hLVj6IsRkFwHKELP6gkdujkLOWhOFON5hfmyrheec= Subject key identifier: CD:B5:14:FD:64:9A:63:3C:F3:D4:C8:E1:3E:6E:FB:5D:2A:45:C4:D6 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 2F8B8C58D2FFAD36B53DA1056904716BCD648E78 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146731.roa Signing time: Wed 04 Mar 2026 06:39:38 +0000 ROA not before: Wed 04 Mar 2026 06:34:38 +0000 ROA not after: Wed 03 Mar 2027 06:39:38 +0000 asID: 146731 IP address blocks: 240a:aff1::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:8b:8c:58:d2:ff:ad:36:b5:3d:a1:05:69:04:71:6b:cd:64:8e:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:38 2026 GMT Not After : Mar 3 06:39:38 2027 GMT Subject: CN=CDB514FD649A633CF3D4C8E13E6EFB5D2A45C4D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:36:93:cc:57:7c:bb:11:35:40:0d:47:86:b9: 72:d6:a8:61:bb:9e:4f:ca:da:41:a8:33:3a:d4:01: 5c:06:2d:84:da:55:4a:ac:4f:29:54:e1:4d:60:cc: 3f:90:7a:62:a7:73:03:2a:1d:27:34:8d:2e:c1:91: 98:e3:f9:e6:d5:c1:9a:21:e3:f1:6f:e4:0e:bc:45: 42:5a:88:71:9f:b5:6f:3d:ff:03:e2:4c:55:d0:16: ca:e7:fc:ae:bb:66:ff:87:d7:78:93:b8:cf:3a:10: 32:f3:66:40:58:15:8c:90:81:f6:79:df:f8:a3:f7: 35:be:b7:f1:ee:cb:a4:2c:00:2c:d4:91:4a:f5:bd: 2d:65:e6:1d:ea:be:cb:84:16:d1:63:0e:4b:5a:c3: 27:c9:9e:b7:81:26:67:46:3a:75:6a:96:72:5a:91: 14:96:6d:6f:da:79:81:41:6b:de:53:f4:69:94:08: f1:da:cb:f6:98:0b:9d:9f:ca:d8:a4:8b:e0:f2:b8: 4c:51:c1:1c:83:7a:63:e8:9a:4f:69:14:71:fd:e8: 5e:f9:ea:53:fe:38:2a:01:db:7f:10:e8:ec:63:04: 77:cb:f1:ee:1f:07:0a:f9:b9:28:ce:5f:a4:0d:94: 43:b7:53:01:f1:0f:97:9b:b2:e4:1d:61:ba:58:71: 51:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:B5:14:FD:64:9A:63:3C:F3:D4:C8:E1:3E:6E:FB:5D:2A:45:C4:D6 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146731.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aff1::/32 Signature Algorithm: sha256WithRSAEncryption 5a:d7:05:83:44:c9:7b:e1:c2:47:26:bb:3c:62:c8:3f:1f:b2: 4d:1f:51:86:cf:32:12:13:e5:41:b8:ee:3d:8e:1a:f0:a1:6f: b9:07:b0:4d:d1:23:02:89:b3:62:02:0c:86:6d:4e:b2:bf:00: c9:ad:3f:fc:d1:b5:25:f5:84:61:d6:19:b4:9a:35:46:9c:13: eb:16:0d:4a:01:49:bd:42:85:6b:bb:44:0c:a7:68:fd:6f:51: ba:72:de:e6:0b:01:65:02:02:3c:62:1f:76:d3:62:49:53:f2: 31:51:1c:91:66:52:eb:e5:a0:05:e7:cd:8a:76:33:6a:42:fc: 5c:e8:ce:29:20:4f:7d:d7:b9:55:4d:3f:2a:5a:18:ea:57:5f: 55:ed:cb:fd:c3:44:f7:04:f0:82:6e:1b:d3:5e:a8:46:07:7c: 43:14:d2:b6:28:e2:6a:68:26:38:c4:f2:fb:48:84:0a:04:47: 83:10:e0:7f:21:38:c7:e9:cf:93:fa:9a:30:2f:6b:eb:5d:8a: 72:09:c9:1e:36:b9:55:8f:bb:5e:68:3a:da:c7:b9:eb:5d:8d: b2:f0:0f:5c:02:46:c1:b1:c4:b2:54:3d:75:e4:c0:e4:4d:9b: e3:fb:91:35:7b:2b:d0:7d:e7:f3:63:1f:a5:46:42:c9:39:86: 82:be:03:78 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUL4uMWNL/rTa1PaEFaQRxa81kjngwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQzOFoX DTI3MDMwMzA2MzkzOFowMzExMC8GA1UEAxMoQ0RCNTE0RkQ2NDlBNjMzQ0YzRDRD OEUxM0U2RUZCNUQyQTQ1QzRENjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKQ2k8xXfLsRNUANR4a5ctaoYbueT8raQagzOtQBXAYthNpVSqxPKVThTWDM P5B6YqdzAyodJzSNLsGRmOP55tXBmiHj8W/kDrxFQlqIcZ+1bz3/A+JMVdAWyuf8 rrtm/4fXeJO4zzoQMvNmQFgVjJCB9nnf+KP3Nb638e7LpCwALNSRSvW9LWXmHeq+ y4QW0WMOS1rDJ8met4EmZ0Y6dWqWclqRFJZtb9p5gUFr3lP0aZQI8drL9pgLnZ/K 2KSL4PK4TFHBHIN6Y+iaT2kUcf3oXvnqU/44KgHbfxDo7GMEd8vx7h8HCvm5KM5f pA2UQ7dTAfEPl5uy5B1hulhxUWkCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBTNtRT9 ZJpjPPPUyOE+bvtdKkXE1jAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjczMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r/EwDQYJKoZIhvcNAQELBQADggEBAFrXBYNEyXvhwkcmuzxiyD8fsk0fUYbPMhIT 5UG47j2OGvChb7kHsE3RIwKJs2ICDIZtTrK/AMmtP/zRtSX1hGHWGbSaNUacE+sW DUoBSb1ChWu7RAynaP1vUbpy3uYLAWUCAjxiH3bTYklT8jFRHJFmUuvloAXnzYp2 M2pC/FzozikgT33XuVVNPypaGOpXX1Xty/3DRPcE8IJuG9NeqEYHfEMU0rYo4mpo JjjE8vtIhAoER4MQ4H8hOMfpz5P6mjAva+tdinIJyR42uVWPu15oOtrHuetdjbLw D1wCRsGxxLJUPXXkwORNm+P7kTV7K9B95/NjH6VGQsk5hoK+A3g= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:15 2026 by rpki-client