$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146737.roa File: AS146737.roa (raw, json) Hash identifier: RyzfpTjFz73Rb6OkfPGZk2/AlQa2CMnfcnRDj7WYtPQ= Subject key identifier: B1:3B:D6:F6:20:EA:F3:71:0D:D9:E7:54:E2:7E:84:B5:0E:25:0C:D4 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 58F994358D97A9677D4CA62AD3F5C8E684E0652A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146737.roa Signing time: Wed 04 Mar 2026 06:39:15 +0000 ROA not before: Wed 04 Mar 2026 06:34:15 +0000 ROA not after: Wed 03 Mar 2027 06:39:15 +0000 asID: 146737 IP address blocks: 240a:aff7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:f9:94:35:8d:97:a9:67:7d:4c:a6:2a:d3:f5:c8:e6:84:e0:65:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:15 2026 GMT Not After : Mar 3 06:39:15 2027 GMT Subject: CN=B13BD6F620EAF3710DD9E754E27E84B50E250CD4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:2c:05:d9:be:1d:9a:43:5c:27:50:e7:91:44: 92:e7:bc:25:f1:8b:89:a1:4c:58:ac:51:e0:06:a5: 05:51:a0:20:f2:33:89:3d:fc:9a:f8:a8:67:7e:59: 82:c7:d5:9f:f6:39:fe:ed:a3:49:29:b5:6b:ab:98: bf:a7:2e:aa:f8:3b:d1:78:49:44:c4:02:68:07:ea: 56:ef:a0:47:35:ec:f6:f4:1c:f3:bb:45:11:74:22: 91:e2:90:41:aa:f0:95:58:cf:9c:ca:12:ad:d9:a9: d5:c0:79:b5:8c:1d:60:b2:08:2f:b7:d5:0e:ed:04: b6:33:fd:2c:73:c4:1d:75:96:f5:7c:50:72:86:5b: 8c:d8:9d:91:59:00:7a:72:ff:1a:0b:9d:72:f8:5b: a9:15:fd:70:e5:6c:ba:71:56:d6:c0:88:51:45:67: 1e:da:d1:d2:3d:2e:de:35:5f:a1:1a:40:76:dc:fc: f5:76:da:5f:11:c2:46:25:fe:d4:74:e8:50:17:da: b9:cb:d0:97:87:02:7a:2d:fb:1f:8a:a1:a6:b5:8d: 76:ba:4d:10:b7:32:2e:cd:b0:e7:3d:35:5e:45:db: 8d:20:47:92:d7:9c:1b:18:b5:5e:7c:61:5e:4c:9e: 27:3f:cc:01:94:95:4e:28:c4:53:92:97:4e:6c:d5: 19:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:3B:D6:F6:20:EA:F3:71:0D:D9:E7:54:E2:7E:84:B5:0E:25:0C:D4 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146737.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:aff7::/32 Signature Algorithm: sha256WithRSAEncryption 48:b6:60:6c:c8:aa:ee:21:45:7a:c0:40:d3:c6:53:ec:3d:29: 9f:c4:f6:05:35:60:cd:42:cd:a6:ae:65:51:82:98:aa:8a:14: 6e:9f:19:08:d3:bb:15:57:13:d1:c1:bd:27:13:bc:24:7d:bd: 10:fc:d5:28:6f:d7:d4:7f:9e:5a:66:eb:44:8f:fb:12:4e:05: f4:c0:94:96:46:0b:11:30:a5:28:dc:aa:15:87:c0:f3:c8:0c: d8:36:bb:45:36:e2:db:ee:ec:a6:6d:6b:ee:e2:c9:f9:4e:95: c0:e0:4e:a3:43:96:f0:be:91:da:66:51:33:f2:b5:f2:1a:be: 46:a7:63:78:73:b1:63:1b:9b:9e:6c:19:67:c1:fb:40:b6:f6: cd:bc:1b:b4:c1:c4:10:11:f6:3e:d7:59:dd:1f:99:40:ba:a4: 4b:02:16:41:17:e9:f6:33:60:78:00:16:80:5b:17:5b:54:46: fe:54:00:5f:c2:3b:cd:cb:87:1f:e0:26:85:33:84:46:96:52: e4:3e:fe:29:fa:70:8a:1a:87:96:74:77:34:51:25:d3:f9:ba: 33:d9:86:dd:bb:62:01:3f:35:43:28:35:cb:ca:89:5d:c7:8e: 1e:8e:66:95:a8:ac:fd:94:b5:02:de:9e:ac:2e:ce:c6:92:d6: 7a:30:2f:17 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUWPmUNY2XqWd9TKYq0/XI5oTgZSowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQxNVoX DTI3MDMwMzA2MzkxNVowMzExMC8GA1UEAxMoQjEzQkQ2RjYyMEVBRjM3MTBERDlF NzU0RTI3RTg0QjUwRTI1MENENDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMgsBdm+HZpDXCdQ55FEkue8JfGLiaFMWKxR4AalBVGgIPIziT38mvioZ35Z gsfVn/Y5/u2jSSm1a6uYv6cuqvg70XhJRMQCaAfqVu+gRzXs9vQc87tFEXQikeKQ QarwlVjPnMoSrdmp1cB5tYwdYLIIL7fVDu0EtjP9LHPEHXWW9XxQcoZbjNidkVkA enL/GgudcvhbqRX9cOVsunFW1sCIUUVnHtrR0j0u3jVfoRpAdtz89XbaXxHCRiX+ 1HToUBfaucvQl4cCei37H4qhprWNdrpNELcyLs2w5z01XkXbjSBHktecGxi1Xnxh XkyeJz/MAZSVTijEU5KXTmzVGcECAwEAAaOCAcUwggHBMB0GA1UdDgQWBBSxO9b2 IOrzcQ3Z51TifoS1DiUM1DAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0NjczNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r/cwDQYJKoZIhvcNAQELBQADggEBAEi2YGzIqu4hRXrAQNPGU+w9KZ/E9gU1YM1C zaauZVGCmKqKFG6fGQjTuxVXE9HBvScTvCR9vRD81Shv19R/nlpm60SP+xJOBfTA lJZGCxEwpSjcqhWHwPPIDNg2u0U24tvu7KZta+7iyflOlcDgTqNDlvC+kdpmUTPy tfIavkanY3hzsWMbm55sGWfB+0C29s28G7TBxBAR9j7XWd0fmUC6pEsCFkEX6fYz YHgAFoBbF1tURv5UAF/CO83Lhx/gJoUzhEaWUuQ+/in6cIoah5Z0dzRRJdP5ujPZ ht27YgE/NUMoNcvKiV3Hjh6OZpWorP2UtQLenqwuzsaS1nowLxc= -----END CERTIFICATE-----Generated at Sat Mar 28 11:44:52 2026 by rpki-client