$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS59083.roa File: AS59083.roa (raw, json) Hash identifier: Odg8hD9s6Y0SDTw28ODJvGME5WGr+WK8bfS+FsmxSDc= Subject key identifier: 69:54:E0:95:8F:40:CE:60:7D:B5:3C:C4:07:C4:E9:1D:15:EA:9D:20 Certificate issuer: /CN=1FFF263C64163BC58514B539C10375CCB553D75E Certificate serial: 18D790EB5B9FB3417CAE9D38BD778E9E6BE2DC21 Authority key identifier: 1F:FF:26:3C:64:16:3B:C5:85:14:B5:39:C1:03:75:CC:B5:53:D7:5E Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS59083.roa Signing time: Tue 21 Apr 2026 06:28:51 +0000 ROA not before: Tue 21 Apr 2026 06:23:51 +0000 ROA not after: Tue 20 Apr 2027 06:28:51 +0000 asID: 59083 IP address blocks: 43.254.152.0/22 maxlen: 24 43.254.153.0/24 maxlen: 24 43.254.154.0/23 maxlen: 24 43.254.154.0/24 maxlen: 24 43.254.155.0/24 maxlen: 24 59.153.168.0/23 maxlen: 24 103.5.192.0/22 maxlen: 24 103.10.0.0/22 maxlen: 22 103.10.0.0/23 maxlen: 24 103.10.0.0/24 maxlen: 24 103.10.1.0/24 maxlen: 24 103.10.2.0/23 maxlen: 24 103.10.2.0/24 maxlen: 24 103.10.3.0/24 maxlen: 24 103.24.116.0/22 maxlen: 24 103.24.117.0/24 maxlen: 24 202.89.108.0/22 maxlen: 24 202.89.108.0/23 maxlen: 24 202.89.110.0/23 maxlen: 24 202.136.248.0/22 maxlen: 24 202.136.248.0/23 maxlen: 24 202.136.249.0/24 maxlen: 24 202.136.250.0/23 maxlen: 24 202.136.250.0/24 maxlen: 24 202.174.124.0/22 maxlen: 24 2403:1b80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Apr 2026 18:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:d7:90:eb:5b:9f:b3:41:7c:ae:9d:38:bd:77:8e:9e:6b:e2:dc:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FFF263C64163BC58514B539C10375CCB553D75E Validity Not Before: Apr 21 06:23:51 2026 GMT Not After : Apr 20 06:28:51 2027 GMT Subject: CN=6954E0958F40CE607DB53CC407C4E91D15EA9D20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:c5:6b:cf:d9:12:72:47:b0:e2:87:d5:ee:b2: 65:75:71:9d:aa:97:a0:5b:c8:80:20:ec:6e:86:0f: d6:3a:52:8e:93:73:61:1d:d4:30:56:cc:3d:ea:30: f9:86:2a:db:ea:a5:64:c5:0e:54:96:ea:7a:98:96: 67:86:d0:85:42:64:d5:5d:1a:ce:61:0b:12:5b:e4: a6:7e:9b:a2:8e:4b:c9:52:67:4f:05:f9:da:e2:c5: 8d:ac:42:96:aa:a5:b1:14:ec:af:7b:45:bc:f5:ca: 20:a7:20:3c:0a:e9:65:43:b6:8f:3f:f0:4c:da:9c: 42:17:c6:de:6f:e1:9c:93:52:fe:ff:83:99:ec:af: e6:e5:e5:9b:63:26:9e:e7:c4:86:c5:4d:ee:4c:74: 50:4e:75:92:60:53:7d:9c:79:d1:6e:c4:e3:08:59: a1:39:72:d8:2b:eb:6c:ca:5d:ed:9d:fa:ea:1f:b3: 26:6a:9a:aa:94:e4:8c:34:b6:6e:83:8f:19:d4:b1: 66:2a:82:2d:2f:41:0a:56:ec:62:e3:a4:b2:4e:b8: 9f:0d:14:a4:16:6a:c5:af:ad:b9:8b:12:a0:d2:ad: ea:ac:3e:d0:6e:80:bb:fd:6a:70:76:25:06:64:f0: 02:35:8b:b7:53:9f:7b:b5:40:93:d7:7d:77:2f:79: 08:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:54:E0:95:8F:40:CE:60:7D:B5:3C:C4:07:C4:E9:1D:15:EA:9D:20 X509v3 Authority Key Identifier: keyid:1F:FF:26:3C:64:16:3B:C5:85:14:B5:39:C1:03:75:CC:B5:53:D7:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS59083.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.254.152.0/22 59.153.168.0/23 103.5.192.0/22 103.10.0.0/22 103.24.116.0/22 202.89.108.0/22 202.136.248.0/22 202.174.124.0/22 IPv6: 2403:1b80::/48 Signature Algorithm: sha256WithRSAEncryption 75:4f:af:3a:b0:fb:74:ac:41:12:e5:09:2b:15:cd:54:67:2b: d5:7e:bf:63:a3:2f:d7:5c:05:36:3e:b7:9b:01:e5:38:6e:45: f1:92:b5:be:33:2d:f0:59:3f:5b:38:ab:73:06:c7:a0:73:e7: 2f:90:36:78:90:80:b6:22:3b:78:0e:b8:40:4e:b0:8b:e0:c1: 7d:ba:af:36:ff:3b:13:26:9f:eb:3c:24:3d:81:cb:88:ec:d1: 71:f8:6d:37:1d:b9:4f:ad:f2:2a:2c:37:05:cc:31:a4:63:ee: a6:e6:a6:36:f8:e3:67:db:bf:1d:f6:db:6d:c1:b8:35:80:6c: a9:65:a4:73:83:9b:76:67:d3:a3:bc:e0:81:95:ef:b6:ee:9c: 1e:3a:d0:a6:b9:ac:8f:5a:52:62:ca:c4:74:e8:ad:1d:a0:b7: 1d:35:c8:d3:57:c8:24:f1:31:bb:07:e6:ae:7f:a2:90:ec:1f: e2:30:09:64:32:b9:08:ca:8f:74:e9:84:e2:d4:02:fb:e8:7e: 7a:9d:a8:6c:8c:9e:79:ca:d9:16:65:f1:48:17:82:a9:b5:7a: 66:60:b0:80:b4:7a:cf:db:33:84:a3:a3:b4:76:70:87:1d:d7: 40:d2:78:92:21:cb:c6:ec:ae:d3:60:ba:71:bb:47:92:0e:22: ee:2f:72:0b -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgIUGNeQ61ufs0F8rp04vXeOnmvi3CEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUZGRjI2M0M2NDE2M0JDNTg1MTRCNTM5QzEwMzc1Q0NC NTUzRDc1RTAeFw0yNjA0MjEwNjIzNTFaFw0yNzA0MjAwNjI4NTFaMDMxMTAvBgNV BAMTKDY5NTRFMDk1OEY0MENFNjA3REI1M0NDNDA3QzRFOTFEMTVFQTlEMjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0xWvP2RJyR7Dih9XusmV1cZ2q l6BbyIAg7G6GD9Y6Uo6Tc2Ed1DBWzD3qMPmGKtvqpWTFDlSW6nqYlmeG0IVCZNVd Gs5hCxJb5KZ+m6KOS8lSZ08F+drixY2sQpaqpbEU7K97Rbz1yiCnIDwK6WVDto8/ 8EzanEIXxt5v4ZyTUv7/g5nsr+bl5ZtjJp7nxIbFTe5MdFBOdZJgU32cedFuxOMI WaE5ctgr62zKXe2d+uofsyZqmqqU5Iw0tm6DjxnUsWYqgi0vQQpW7GLjpLJOuJ8N FKQWasWvrbmLEqDSreqsPtBugLv9anB2JQZk8AI1i7dTn3u1QJPXfXcveQg9AgMB AAGjggIeMIICGjAdBgNVHQ4EFgQUaVTglY9AzmB9tTzEB8TpHRXqnSAwHwYDVR0j BBgwFoAUH/8mPGQWO8WFFLU5wQN1zLVT114wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDMyNzA0My8wLzFGRkYyNjNDNjQxNjNCQzU4NTE0QjUzOUMxMDM3 NUNDQjU1M0Q3NUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMUZGRjI2M0M2NDE2M0JDNTg1MTRCNTM5QzEwMzc1Q0NCNTUzRDc1RS5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1Nzk1MzQzOTQzMjcwNDMvMC9BUzU5MDgzLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA2BAIA ATAwAwQCK/6YAwQBO5moAwQCZwXAAwQCZwoAAwQCZxh0AwQCyllsAwQCyoj4AwQC yq58MA8EAgACMAkDBwAkAxuAAAAwDQYJKoZIhvcNAQELBQADggEBAHVPrzqw+3Ss QRLlCSsVzVRnK9V+v2OjL9dcBTY+t5sB5ThuRfGStb4zLfBZP1s4q3MGx6Bz5y+Q NniQgLYiO3gOuEBOsIvgwX26rzb/OxMmn+s8JD2By4js0XH4bTcduU+t8iosNwXM MaRj7qbmpjb442fbvx32223BuDWAbKllpHODm3Zn06O84IGV77bunB460Ka5rI9a UmLKxHTorR2gtx01yNNXyCTxMbsH5q5/opDsH+IwCWQyuQjKj3TphOLUAvvofnqd qGyMnnnK2RZl8UgXgqm1emZgsIC0es/bM4Sjo7R2cIcd10DSeJIhy8bsrtNgunG7 R5IOIu4vcgs= -----END CERTIFICATE-----Generated at Wed Apr 22 03:06:01 2026 by rpki-client