$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394589187/0/AS135377.roa File: AS135377.roa (raw, json) Hash identifier: LAuAieSC7oF5AfM99aSF4QX3JKROSQixCaCeJIDhUxY= Subject key identifier: 29:D3:C2:CA:66:C3:50:96:F2:96:BF:EB:B5:0E:95:88:26:01:2B:3D Certificate issuer: /CN=9BF34B3817748D3E69CC3880F13A8383A9AA3C2C Certificate serial: 554A2488EA65F10254EF280F69AC475427CD515B Authority key identifier: 9B:F3:4B:38:17:74:8D:3E:69:CC:38:80:F1:3A:83:83:A9:AA:3C:2C Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/AS135377.roa Signing time: Wed 13 May 2026 07:33:21 +0000 ROA not before: Wed 13 May 2026 07:28:21 +0000 ROA not after: Wed 12 May 2027 07:33:21 +0000 asID: 135377 IP address blocks: 42.240.250.0/24 maxlen: 24 42.240.251.0/24 maxlen: 24 42.240.252.0/24 maxlen: 24 42.240.253.0/24 maxlen: 24 42.240.254.0/24 maxlen: 24 42.240.255.0/24 maxlen: 24 101.237.229.0/24 maxlen: 24 101.237.230.0/24 maxlen: 24 101.237.231.0/24 maxlen: 24 101.237.232.0/24 maxlen: 24 101.237.233.0/24 maxlen: 24 101.237.234.0/24 maxlen: 24 101.237.235.0/24 maxlen: 24 101.237.236.0/24 maxlen: 24 101.237.237.0/24 maxlen: 24 101.237.238.0/24 maxlen: 24 101.237.239.0/24 maxlen: 24 101.237.240.0/24 maxlen: 24 101.237.241.0/24 maxlen: 24 101.237.242.0/24 maxlen: 24 101.237.243.0/24 maxlen: 24 101.237.244.0/24 maxlen: 24 101.237.246.0/24 maxlen: 24 101.237.247.0/24 maxlen: 24 101.237.248.0/24 maxlen: 24 101.237.249.0/24 maxlen: 24 101.237.251.0/24 maxlen: 24 101.237.252.0/24 maxlen: 24 101.237.253.0/24 maxlen: 24 101.237.254.0/24 maxlen: 24 101.237.255.0/24 maxlen: 24 106.75.192.0/24 maxlen: 24 106.75.193.0/24 maxlen: 24 106.75.194.0/24 maxlen: 24 106.75.195.0/24 maxlen: 24 106.75.196.0/24 maxlen: 24 106.75.197.0/24 maxlen: 24 106.75.198.0/24 maxlen: 24 106.75.199.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Jun 2026 21:37:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:4a:24:88:ea:65:f1:02:54:ef:28:0f:69:ac:47:54:27:cd:51:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9BF34B3817748D3E69CC3880F13A8383A9AA3C2C Validity Not Before: May 13 07:28:21 2026 GMT Not After : May 12 07:33:21 2027 GMT Subject: CN=29D3C2CA66C35096F296BFEBB50E958826012B3D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:78:14:26:f6:d3:03:7f:9f:30:38:21:a7:e4: 46:22:c0:fa:55:bf:9e:14:56:ef:ff:e2:cf:74:80: 86:1b:b8:9b:61:71:c9:0a:b0:84:91:68:a6:13:47: 21:43:9c:2a:e8:ff:8a:85:4d:45:36:35:3a:7f:10: 4d:a4:86:d2:f2:45:15:aa:3a:28:a4:fa:1d:95:3e: b5:c3:6f:a6:22:42:ff:1e:e7:ee:d7:11:39:bb:e1: e1:da:07:e9:5b:86:2b:1f:6e:55:5e:c0:ca:fa:de: f5:56:69:e9:b6:63:6c:c1:2e:8a:06:bd:e4:d8:23: 8c:38:c8:77:86:85:0d:24:b3:b1:5f:a8:87:80:5a: b1:7b:05:8d:f4:dd:32:ce:0e:b3:11:7f:09:0a:0f: d5:b6:29:b6:85:e6:4c:0b:bf:41:a7:31:4b:f0:d6: fc:ec:9c:a7:12:92:fc:78:81:67:e1:41:6b:39:68: f2:aa:e2:01:3a:5e:84:d8:f0:50:51:9b:10:71:d8: d1:1e:48:d1:a7:83:e2:89:c1:bd:8f:22:0e:50:94: 8a:23:e8:c5:39:8b:a6:48:fa:71:e1:61:a4:85:21: 4d:bd:20:fd:69:ae:6a:8a:1e:f3:81:7c:3a:ea:1e: 89:ee:da:33:4b:74:3e:02:d1:37:53:f0:bf:64:36: 6e:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:D3:C2:CA:66:C3:50:96:F2:96:BF:EB:B5:0E:95:88:26:01:2B:3D X509v3 Authority Key Identifier: keyid:9B:F3:4B:38:17:74:8D:3E:69:CC:38:80:F1:3A:83:83:A9:AA:3C:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/AS135377.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 42.240.250.0-42.240.255.255 101.237.229.0-101.237.244.255 101.237.246.0-101.237.249.255 101.237.251.0-101.237.255.255 106.75.192.0/21 Signature Algorithm: sha256WithRSAEncryption 1b:b5:77:1a:54:6d:cf:20:c9:7d:98:02:66:4e:10:ff:86:cf: 35:51:35:d5:8d:ca:d1:9a:72:4c:70:62:e7:c9:9f:84:a2:96: 23:77:c2:13:0c:94:8a:69:f9:fd:d3:d2:cf:a3:a8:c8:6b:d4: 7e:a7:3f:96:e1:99:b4:95:2d:15:19:34:0a:0b:1c:65:e1:80: fb:46:17:9a:44:17:bd:13:bd:4d:79:36:41:ac:b9:d3:dc:d8: d4:53:95:1c:6f:6e:93:72:dd:aa:d8:02:a5:e5:50:b0:91:78: d8:1d:f5:c1:5d:d7:10:e3:bb:39:ec:1e:b2:40:c7:1f:da:0c: f6:32:af:00:ef:0c:c6:af:4a:d0:61:45:67:d9:3b:f3:ec:44: e2:b5:4c:22:a9:ef:55:89:8d:4d:83:87:60:48:13:86:9d:a2: 86:5a:f7:af:67:41:3d:d6:39:de:ef:90:f2:a5:c2:cd:a9:80: d4:b9:3e:16:b1:f5:38:ab:40:a3:29:9a:89:b7:4b:7c:68:76: ff:21:a6:22:9b:f8:bd:c7:7b:3a:3e:bb:65:17:27:eb:d4:a8: 05:35:36:9a:33:e0:ee:69:4c:c8:a5:0a:36:58:dc:d2:3e:e0: 0a:03:99:99:f4:33:72:13:56:3d:19:0a:e0:ae:46:f9:df:67: 12:1f:3d:b8 -----BEGIN CERTIFICATE----- MIIFEDCCA/igAwIBAgIUVUokiOpl8QJU7ygPaaxHVCfNUVswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUJGMzRCMzgxNzc0OEQzRTY5Q0MzODgwRjEzQTgzODNB OUFBM0MyQzAeFw0yNjA1MTMwNzI4MjFaFw0yNzA1MTIwNzMzMjFaMDMxMTAvBgNV BAMTKDI5RDNDMkNBNjZDMzUwOTZGMjk2QkZFQkI1MEU5NTg4MjYwMTJCM0QwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0eBQm9tMDf58wOCGn5EYiwPpV v54UVu//4s90gIYbuJthcckKsISRaKYTRyFDnCro/4qFTUU2NTp/EE2khtLyRRWq Oiik+h2VPrXDb6YiQv8e5+7XETm74eHaB+lbhisfblVewMr63vVWaem2Y2zBLooG veTYI4w4yHeGhQ0ks7FfqIeAWrF7BY303TLODrMRfwkKD9W2KbaF5kwLv0GnMUvw 1vzsnKcSkvx4gWfhQWs5aPKq4gE6XoTY8FBRmxBx2NEeSNGng+KJwb2PIg5QlIoj 6MU5i6ZI+nHhYaSFIU29IP1prmqKHvOBfDrqHonu2jNLdD4C0TdT8L9kNm71AgMB AAGjggIaMIICFjAdBgNVHQ4EFgQUKdPCymbDUJbylr/rtQ6ViCYBKz0wHwYDVR0j BBgwFoAUm/NLOBd0jT5pzDiA8TqDg6mqPCwwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDU4OTE4Ny8wLzlCRjM0QjM4MTc3NDhEM0U2OUNDMzg4MEYxM0E4 MzgzQTlBQTNDMkMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvOUJGMzRCMzgxNzc0OEQzRTY5Q0MzODgwRjEzQTgzODNBOUFBM0MyQy5jZXIw XgYIKwYBBQUHAQsEUjBQME4GCCsGAQUFBzALhkJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1Nzk1MzQzOTQ1ODkxODcvMC9BUzEzNTM3Ny5yb2Ew GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQC AAEwPDALAwQBKvD6AwMAKvAwDAMEAGXt5QMEAGXt9DAMAwQBZe32AwQBZe34MAsD BABl7fsDAwFl7AMEA2pLwDANBgkqhkiG9w0BAQsFAAOCAQEAG7V3GlRtzyDJfZgC Zk4Q/4bPNVE11Y3K0ZpyTHBi58mfhKKWI3fCEwyUimn5/dPSz6OoyGvUfqc/luGZ tJUtFRk0CgscZeGA+0YXmkQXvRO9TXk2Qay509zY1FOVHG9uk3LdqtgCpeVQsJF4 2B31wV3XEOO7OeweskDHH9oM9jKvAO8Mxq9K0GFFZ9k78+xE4rVMIqnvVYmNTYOH YEgThp2ihlr3r2dBPdY53u+Q8qXCzamA1Lk+FrH1OKtAoymaibdLfGh2/yGmIpv4 vcd7Oj67ZRcn69SoBTU2mjPg7mlMyKUKNljc0j7gCgOZmfQzchNWPRkK4K5G+d9n Eh89uA== -----END CERTIFICATE-----Generated at Sat Jun 6 12:03:58 2026 by rpki-client