$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS0.roa File: AS0.roa (raw, json) Hash identifier: MGE1I5nLgi2EXKW8NuMkkJLFt6UGuB4YuKT8zQml0/c= Subject key identifier: 8E:EE:F1:2E:EF:67:5B:F3:C8:2F:1A:04:CC:E9:6A:AC:F7:A4:2E:4F Certificate issuer: /CN=1FFF263C64163BC58514B539C10375CCB553D75E Certificate serial: 026662D68FEE06E8949996842103C5162DB0630C Authority key identifier: 1F:FF:26:3C:64:16:3B:C5:85:14:B5:39:C1:03:75:CC:B5:53:D7:5E Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS0.roa Signing time: Thu 28 May 2026 10:01:09 +0000 ROA not before: Thu 28 May 2026 09:56:09 +0000 ROA not after: Thu 27 May 2027 10:01:09 +0000 asID: 0 IP address blocks: 45.252.132.0/22 maxlen: 24 45.252.136.0/22 maxlen: 24 59.153.168.0/22 maxlen: 22 59.153.170.0/23 maxlen: 24 59.153.172.0/22 maxlen: 24 59.153.176.0/22 maxlen: 24 59.153.180.0/22 maxlen: 24 59.153.184.0/22 maxlen: 24 59.153.188.0/22 maxlen: 24 59.153.192.0/22 maxlen: 24 150.242.236.0/22 maxlen: 22 150.242.236.0/23 maxlen: 24 202.57.216.0/22 maxlen: 24 202.58.112.0/22 maxlen: 24 202.89.97.0/24 maxlen: 24 202.89.98.0/23 maxlen: 24 202.89.108.0/22 maxlen: 24 202.136.248.0/22 maxlen: 24 202.174.124.0/22 maxlen: 24 2403:1b80::/32 maxlen: 32 2406:1e80::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Jun 2026 23:56:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:66:62:d6:8f:ee:06:e8:94:99:96:84:21:03:c5:16:2d:b0:63:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FFF263C64163BC58514B539C10375CCB553D75E Validity Not Before: May 28 09:56:09 2026 GMT Not After : May 27 10:01:09 2027 GMT Subject: CN=8EEEF12EEF675BF3C82F1A04CCE96AACF7A42E4F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:61:bc:01:33:5c:07:ad:9c:b8:ce:66:04:02: a0:ff:4d:2a:c4:d9:c3:52:84:90:de:2b:56:56:3b: 9a:0f:f8:68:51:a3:d2:b8:75:71:5d:8b:eb:ac:5a: b6:5d:f4:8c:4d:59:5e:bb:11:f5:29:ff:da:2f:8e: 52:54:6a:7a:e8:72:83:de:7a:ba:7c:62:8b:d7:7a: 23:10:f6:f7:96:5e:37:ac:d9:79:35:ae:77:18:04: 9a:96:f7:92:07:06:ce:9b:e9:6e:99:3a:2d:6f:6d: a1:cf:b0:f7:69:3c:66:dd:c3:b9:82:8e:c2:45:58: 94:8a:fd:9d:44:93:11:1b:14:5c:59:ad:f5:ac:0b: 94:48:ea:55:8a:79:09:ea:41:d7:04:62:0d:0b:6c: 99:a7:65:4b:a8:b8:52:a3:c4:c3:1b:1e:7e:8a:7f: ee:10:db:36:40:6d:28:d8:ac:99:bd:ae:56:b4:ba: 35:75:36:00:3c:e3:dc:b6:7c:bd:ed:2a:f1:46:63: 0b:55:45:4f:74:e6:1d:19:93:65:86:f1:65:b1:2e: b9:5f:77:2f:a0:ac:85:2b:2e:44:66:42:e2:ed:76: e1:b0:ea:aa:da:2d:1a:19:a5:fa:67:79:d4:fb:72: 68:25:c7:bb:ed:93:aa:da:cd:dc:5d:c8:b1:08:5a: 03:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:EE:F1:2E:EF:67:5B:F3:C8:2F:1A:04:CC:E9:6A:AC:F7:A4:2E:4F X509v3 Authority Key Identifier: keyid:1F:FF:26:3C:64:16:3B:C5:85:14:B5:39:C1:03:75:CC:B5:53:D7:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS0.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.252.132.0-45.252.139.255 59.153.168.0-59.153.195.255 150.242.236.0/22 202.57.216.0/22 202.58.112.0/22 202.89.97.0-202.89.99.255 202.89.108.0/22 202.136.248.0/22 202.174.124.0/22 IPv6: 2403:1b80::/32 2406:1e80::/32 Signature Algorithm: sha256WithRSAEncryption 41:0d:1b:58:dc:ac:72:d1:24:69:3f:c9:49:b5:70:cf:c4:81: 24:db:00:2e:0c:3b:3d:11:82:bd:66:75:41:e5:6b:76:3f:7c: 09:da:04:f6:bf:fd:d2:36:69:65:a1:f5:73:e8:a5:de:da:7d: 47:0c:43:fe:05:3e:18:72:be:30:5b:fb:69:7f:09:8e:b6:9c: 72:82:e2:64:0c:c6:c4:b5:17:02:e8:e1:e3:3e:bf:3f:07:e8: 9d:fc:67:3d:c9:c9:51:0b:16:cd:a9:6e:1c:39:87:09:46:98: 0b:8c:a2:ae:c1:45:a7:c8:31:0c:41:23:5e:bc:1c:f8:6c:41: c2:4b:10:be:96:96:f6:27:d2:87:97:1a:c9:3e:44:74:78:ec: 1a:9d:b1:97:5b:7b:3d:d5:dc:ae:16:21:91:e7:1e:d0:f0:73: 32:73:f8:27:6a:e7:a5:b2:7a:13:f5:ec:9c:81:46:e9:f9:2e: a1:c9:6e:47:aa:2d:93:06:c8:60:8c:3a:e0:8c:f3:53:b9:11: 22:ca:37:06:0d:68:84:20:90:f1:9b:43:59:b4:f9:6d:dc:94: 6b:5d:1c:82:f4:39:e1:56:65:55:d2:8b:03:6c:c6:e5:d4:ec: bf:61:6a:45:36:4c:2e:7b:5a:30:7e:dc:9d:17:d2:ca:4b:dd: b5:26:68:b3 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUAmZi1o/uBuiUmZaEIQPFFi2wYwwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUZGRjI2M0M2NDE2M0JDNTg1MTRCNTM5QzEwMzc1Q0NC NTUzRDc1RTAeFw0yNjA1MjgwOTU2MDlaFw0yNzA1MjcxMDAxMDlaMDMxMTAvBgNV BAMTKDhFRUVGMTJFRUY2NzVCRjNDODJGMUEwNENDRTk2QUFDRjdBNDJFNEYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqYbwBM1wHrZy4zmYEAqD/TSrE 2cNShJDeK1ZWO5oP+GhRo9K4dXFdi+usWrZd9IxNWV67EfUp/9ovjlJUanrocoPe erp8YovXeiMQ9veWXjes2Xk1rncYBJqW95IHBs6b6W6ZOi1vbaHPsPdpPGbdw7mC jsJFWJSK/Z1EkxEbFFxZrfWsC5RI6lWKeQnqQdcEYg0LbJmnZUuouFKjxMMbHn6K f+4Q2zZAbSjYrJm9rla0ujV1NgA849y2fL3tKvFGYwtVRU905h0Zk2WG8WWxLrlf dy+grIUrLkRmQuLtduGw6qraLRoZpfpnedT7cmglx7vtk6razdxdyLEIWgNTAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUju7xLu9nW/PILxoEzOlqrPekLk8wHwYDVR0j BBgwFoAUH/8mPGQWO8WFFLU5wQN1zLVT114wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDMyNzA0My8wLzFGRkYyNjNDNjQxNjNCQzU4NTE0QjUzOUMxMDM3 NUNDQjU1M0Q3NUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMUZGRjI2M0M2NDE2M0JDNTg1MTRCNTM5QzEwMzc1Q0NCNTUzRDc1RS5jZXIw WQYIKwYBBQUHAQsETTBLMEkGCCsGAQUFBzALhj1yc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1Nzk1MzQzOTQzMjcwNDMvMC9BUzAucm9hMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwfQYIKwYBBQUHAQcBAf8EbjBsMFQEAgABME4w DAMEAi38hAMEAi38iDAMAwQDO5moAwQCO5nAAwQClvLsAwQCyjnYAwQCyjpwMAwD BADKWWEDBALKWWADBALKWWwDBALKiPgDBALKrnwwFAQCAAIwDgMFACQDG4ADBQAk Bh6AMA0GCSqGSIb3DQEBCwUAA4IBAQBBDRtY3Kxy0SRpP8lJtXDPxIEk2wAuDDs9 EYK9ZnVB5Wt2P3wJ2gT2v/3SNmllofVz6KXe2n1HDEP+BT4Ycr4wW/tpfwmOtpxy guJkDMbEtRcC6OHjPr8/B+id/Gc9yclRCxbNqW4cOYcJRpgLjKKuwUWnyDEMQSNe vBz4bEHCSxC+lpb2J9KHlxrJPkR0eOwanbGXW3s91dyuFiGR5x7Q8HMyc/gnauel snoT9eycgUbp+S6hyW5Hqi2TBshgjDrgjPNTuREiyjcGDWiEIJDxm0NZtPlt3JRr XRyC9DnhVmVV0osDbMbl1Oy/YWpFNkwue1owftydF9LKS921Jmiz -----END CERTIFICATE-----Generated at Sat Jun 6 16:08:49 2026 by rpki-client