$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS146740.roa File: AS146740.roa (raw, json) Hash identifier: Jb+2pjrgfmtCCQFCw4GWkZqUYIbYzQF0lbfxCIW2Eq4= Subject key identifier: 69:38:79:DC:B0:BD:2B:D5:74:42:3F:93:3B:11:B1:25:09:AD:AF:67 Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 204014D7B378E000DAAD3FF92AB1A746B36F23F6 Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS146740.roa Signing time: Wed 04 Mar 2026 06:39:33 +0000 ROA not before: Wed 04 Mar 2026 06:34:33 +0000 ROA not after: Wed 03 Mar 2027 06:39:33 +0000 asID: 146740 IP address blocks: 240a:affa::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:40:14:d7:b3:78:e0:00:da:ad:3f:f9:2a:b1:a7:46:b3:6f:23:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:34:33 2026 GMT Not After : Mar 3 06:39:33 2027 GMT Subject: CN=693879DCB0BD2BD574423F933B11B12509ADAF67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:dd:3c:7e:19:6b:55:b9:dc:c9:37:a6:e2:27: ff:4b:ff:f9:a9:9e:67:1e:bb:3e:cc:37:10:0b:9c: 3b:24:fa:b2:10:1e:52:75:e0:6f:f0:4a:8d:3f:92: 32:2e:0d:64:63:b8:25:d1:e8:2c:f3:a1:35:83:b6: c8:29:74:0e:16:dc:4e:e7:c2:99:6b:c0:60:97:7b: 15:29:c9:bd:fe:0c:98:d0:bf:09:b1:fa:0e:92:77: ee:aa:07:65:e1:b4:71:c3:68:26:48:6c:c9:dd:f8: 2e:2f:0d:cf:92:c6:13:e1:3f:d9:4c:dd:5b:ba:a8: 49:da:23:ba:c8:3c:8a:5f:5f:f8:42:0d:39:49:78: ba:0c:f2:04:ea:1b:b6:63:50:af:fd:bf:70:23:06: 8e:8a:b4:82:21:48:68:7d:5d:90:0d:4d:f8:fd:52: c2:d9:c6:3e:39:ff:5b:c8:52:e2:62:1e:91:11:77: 34:d8:28:31:03:ef:3d:01:98:6c:59:65:9a:76:1b: 18:6e:a0:9a:28:35:83:21:b1:cd:a4:f1:ff:3a:c2: 90:94:1c:2f:0d:e5:62:e8:ba:e1:51:5b:0b:53:39: 7f:14:af:89:81:22:0c:a4:a6:82:c0:67:62:03:57: bc:e3:0e:c3:80:20:5e:fc:cb:f0:e5:f2:c1:7b:18: 7a:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:38:79:DC:B0:BD:2B:D5:74:42:3F:93:3B:11:B1:25:09:AD:AF:67 X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS146740.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:affa::/32 Signature Algorithm: sha256WithRSAEncryption 51:56:49:65:03:a0:af:ea:5f:b7:39:30:e1:aa:4b:2f:df:ae: 9b:4b:70:a3:05:e0:8b:88:61:fc:4c:08:59:6d:99:0c:f9:ba: 44:46:d3:c5:c9:2b:e1:3e:4a:a4:af:b5:20:bd:c7:db:b5:b1: d4:04:96:e8:c1:7a:a0:24:ad:05:86:31:a6:64:8a:13:ea:9a: 1d:7e:91:3e:24:c4:e9:8a:c4:28:c0:69:dd:05:29:e3:66:53: b1:92:91:08:82:83:be:4f:2a:32:06:ed:17:73:47:63:7d:b4: e3:4f:b5:3c:dd:ad:27:f2:5b:02:29:96:90:5a:df:0e:54:40: 75:11:7b:95:28:e9:e1:16:f0:72:03:1b:ea:7b:8c:ea:3b:1a: 42:f3:fd:43:7d:03:16:b1:ff:66:37:18:6e:87:3e:11:f2:22: ac:09:18:60:95:79:0e:ca:e0:74:d5:42:f6:9a:2e:83:de:20: 3d:c0:8b:86:9a:29:eb:d6:2b:32:e2:64:76:63:16:fd:9e:09: c7:c8:8f:0f:a3:72:e0:79:c0:50:69:11:7c:97:17:68:c0:d2: 34:81:d3:31:c5:8d:b0:45:82:17:ba:57:cf:4f:c3:04:a0:a7: 8b:0a:ce:f0:33:77:41:9f:1d:97:3b:b3:13:31:47:51:fd:09: 2b:27:21:ad -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUIEAU17N44ADarT/5KrGnRrNvI/YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MzQzM1oX DTI3MDMwMzA2MzkzM1owMzExMC8GA1UEAxMoNjkzODc5RENCMEJEMkJENTc0NDIz RjkzM0IxMUIxMjUwOUFEQUY2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOndPH4Za1W53Mk3puIn/0v/+ameZx67Psw3EAucOyT6shAeUnXgb/BKjT+S Mi4NZGO4JdHoLPOhNYO2yCl0DhbcTufCmWvAYJd7FSnJvf4MmNC/CbH6DpJ37qoH ZeG0ccNoJkhsyd34Li8Nz5LGE+E/2UzdW7qoSdojusg8il9f+EINOUl4ugzyBOob tmNQr/2/cCMGjoq0giFIaH1dkA1N+P1SwtnGPjn/W8hS4mIekRF3NNgoMQPvPQGY bFllmnYbGG6gmig1gyGxzaTx/zrCkJQcLw3lYui64VFbC1M5fxSviYEiDKSmgsBn YgNXvOMOw4AgXvzL8OXywXsYem8CAwEAAaOCAcUwggHBMB0GA1UdDgQWBBRpOHnc sL0r1XRCP5M7EbElCa2vZzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0Njc0MC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK r/owDQYJKoZIhvcNAQELBQADggEBAFFWSWUDoK/qX7c5MOGqSy/frptLcKMF4IuI YfxMCFltmQz5ukRG08XJK+E+SqSvtSC9x9u1sdQElujBeqAkrQWGMaZkihPqmh1+ kT4kxOmKxCjAad0FKeNmU7GSkQiCg75PKjIG7RdzR2N9tONPtTzdrSfyWwIplpBa 3w5UQHURe5Uo6eEW8HIDG+p7jOo7GkLz/UN9Axax/2Y3GG6HPhHyIqwJGGCVeQ7K 4HTVQvaaLoPeID3Ai4aaKevWKzLiZHZjFv2eCcfIjw+jcuB5wFBpEXyXF2jA0jSB 0zHFjbBFghe6V89PwwSgp4sKzvAzd0GfHZc7sxMxR1H9CSsnIa0= -----END CERTIFICATE-----Generated at Sat Mar 28 14:26:47 2026 by rpki-client