$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065588993548615682/0/AS138968.roa File: AS138968.roa (raw, json) Hash identifier: aEcwAJBhoE1+JrPQ5A2Fe/v4fqplNpRngONsurAdV1E= Subject key identifier: 77:E0:1D:E1:7D:11:06:F7:A4:49:6F:50:FE:AC:FB:CF:63:BA:5A:BA Certificate issuer: /CN=18763247046D56AAFB3D6773D049459B01F9D976 Certificate serial: 4099AD257E42DE6FF98D59B174ACADFF9759E2A0 Authority key identifier: 18:76:32:47:04:6D:56:AA:FB:3D:67:73:D0:49:45:9B:01:F9:D9:76 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/18763247046D56AAFB3D6773D049459B01F9D976.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065588993548615682/0/AS138968.roa Signing time: Fri 29 May 2026 13:03:32 +0000 ROA not before: Fri 29 May 2026 12:58:32 +0000 ROA not after: Fri 28 May 2027 13:03:32 +0000 asID: 138968 IP address blocks: 103.112.172.0/22 maxlen: 24 103.112.184.0/22 maxlen: 24 103.115.40.0/22 maxlen: 24 103.115.44.0/22 maxlen: 24 103.115.48.0/22 maxlen: 24 103.115.56.0/22 maxlen: 24 103.115.60.0/22 maxlen: 24 103.115.64.0/22 maxlen: 24 103.118.192.0/22 maxlen: 24 103.118.196.0/22 maxlen: 24 103.118.200.0/22 maxlen: 24 103.118.204.0/22 maxlen: 24 103.118.208.0/22 maxlen: 24 103.118.212.0/22 maxlen: 24 103.118.216.0/22 maxlen: 24 103.118.220.0/22 maxlen: 24 103.118.240.0/22 maxlen: 24 103.118.244.0/22 maxlen: 24 103.118.248.0/22 maxlen: 24 103.118.252.0/22 maxlen: 24 103.119.0.0/22 maxlen: 24 103.119.12.0/22 maxlen: 24 103.119.16.0/22 maxlen: 24 103.132.160.0/22 maxlen: 24 103.132.164.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065588993548615682/0/18763247046D56AAFB3D6773D049459B01F9D976.crl rsync://rpki-rps.cnnic.cn/repo/A1065588993548615682/0/18763247046D56AAFB3D6773D049459B01F9D976.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/18763247046D56AAFB3D6773D049459B01F9D976.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Jun 2026 10:36:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:99:ad:25:7e:42:de:6f:f9:8d:59:b1:74:ac:ad:ff:97:59:e2:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=18763247046D56AAFB3D6773D049459B01F9D976 Validity Not Before: May 29 12:58:32 2026 GMT Not After : May 28 13:03:32 2027 GMT Subject: CN=77E01DE17D1106F7A4496F50FEACFBCF63BA5ABA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:3a:0c:89:0a:15:6f:4b:71:6e:4b:c8:0a:e4: 40:f5:83:0b:5e:0d:1c:9e:3a:b7:94:6f:d6:1d:8d: 63:c5:ec:6e:42:e5:ac:4e:78:68:a7:8b:92:75:33: db:bc:55:58:a8:9d:6c:9e:4a:fd:02:fb:0b:35:0f: f7:78:bc:41:06:d0:ec:c0:77:de:6d:f7:26:43:70: d7:09:7d:39:2c:72:f0:b8:ec:32:bb:de:76:14:b5: 6a:80:49:c7:9f:ea:02:b6:1a:39:1a:11:22:c3:03: 0b:22:47:36:87:5f:04:cb:70:ad:b6:15:d7:99:c7: 46:03:e2:9d:2f:ca:5c:08:3e:e8:df:2f:27:f3:80: c1:3c:37:a2:27:39:f7:38:c6:13:53:04:5a:5a:95: 71:46:ee:56:d1:95:70:4b:59:3a:16:51:1f:ed:42: 19:5d:7c:a1:62:bf:39:d4:14:16:d5:3d:6b:db:d9: 43:7e:4a:dc:5f:7f:a9:94:d0:3c:66:a8:44:f5:fe: f5:a8:7d:ce:39:74:5c:68:70:c3:55:f9:8b:86:b6: 63:29:90:b4:62:15:c3:a9:d0:eb:25:d6:fa:14:7b: 17:b0:7d:46:a8:c1:42:d1:60:64:c9:2e:a6:c6:a8: 6a:3d:d3:eb:b1:0f:93:7f:fb:43:e1:6c:58:f1:ed: 81:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:E0:1D:E1:7D:11:06:F7:A4:49:6F:50:FE:AC:FB:CF:63:BA:5A:BA X509v3 Authority Key Identifier: keyid:18:76:32:47:04:6D:56:AA:FB:3D:67:73:D0:49:45:9B:01:F9:D9:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065588993548615682/0/18763247046D56AAFB3D6773D049459B01F9D976.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/18763247046D56AAFB3D6773D049459B01F9D976.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065588993548615682/0/AS138968.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.112.172.0/22 103.112.184.0/22 103.115.40.0-103.115.51.255 103.115.56.0-103.115.67.255 103.118.192.0/19 103.118.240.0-103.119.3.255 103.119.12.0-103.119.19.255 103.132.160.0/21 Signature Algorithm: sha256WithRSAEncryption d7:17:7f:17:d3:6c:e9:45:5c:53:31:d6:a2:a6:d3:07:2d:46: 2b:75:60:26:8b:0e:96:03:05:a9:11:b5:14:9c:2e:f1:77:74: 1a:6d:79:20:44:e4:19:2d:df:23:28:fa:3a:2e:2d:01:0a:f1: c3:d4:9c:2d:55:a9:f3:c5:a8:20:cb:9c:3b:6b:70:92:ab:9c: af:57:92:37:cb:ca:72:45:02:0b:dd:34:aa:09:80:9d:6c:09: 03:79:e0:22:54:44:ed:4f:af:23:16:ec:ed:bb:c9:47:2f:03: 92:0f:65:1b:97:ac:d1:77:85:3d:60:2d:35:eb:0e:13:b7:8b: 2f:22:82:0c:a8:9e:4b:92:0a:8a:42:82:ad:2a:a1:5e:9e:99: 9a:95:ae:d5:e4:70:70:c5:fa:53:93:1a:2a:5e:bb:e5:a7:9a: 91:1e:29:5f:7d:ca:19:3e:8f:7a:3d:b7:c0:59:19:1d:d0:6b: cc:b3:f2:ef:88:6b:a8:07:16:82:86:58:70:c0:39:56:6a:fb: 65:7e:3a:df:74:2e:0e:46:37:26:33:f1:30:70:e7:36:34:85: e7:e1:dc:4a:d5:03:e7:4d:c7:01:7e:84:45:22:65:e2:74:1a: ae:00:d0:a7:b1:05:f9:42:a4:3d:67:19:ad:cb:cb:3a:ed:78: b1:d4:7d:ca -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgIUQJmtJX5C3m/5jVmxdKyt/5dZ4qAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTg3NjMyNDcwNDZENTZBQUZCM0Q2NzczRDA0OTQ1OUIw MUY5RDk3NjAeFw0yNjA1MjkxMjU4MzJaFw0yNzA1MjgxMzAzMzJaMDMxMTAvBgNV BAMTKDc3RTAxREUxN0QxMTA2RjdBNDQ5NkY1MEZFQUNGQkNGNjNCQTVBQkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUOgyJChVvS3FuS8gK5ED1gwte DRyeOreUb9YdjWPF7G5C5axOeGini5J1M9u8VVionWyeSv0C+ws1D/d4vEEG0OzA d95t9yZDcNcJfTkscvC47DK73nYUtWqAScef6gK2GjkaESLDAwsiRzaHXwTLcK22 FdeZx0YD4p0vylwIPujfLyfzgME8N6InOfc4xhNTBFpalXFG7lbRlXBLWToWUR/t QhldfKFivznUFBbVPWvb2UN+Stxff6mU0DxmqET1/vWofc45dFxocMNV+YuGtmMp kLRiFcOp0Osl1voUexewfUaowULRYGTJLqbGqGo90+uxD5N/+0PhbFjx7YEdAgMB AAGjggIuMIICKjAdBgNVHQ4EFgQUd+Ad4X0RBvekSW9Q/qz7z2O6WrowHwYDVR0j BBgwFoAUGHYyRwRtVqr7PWdz0ElFmwH52XYwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU4ODk5MzU0ODYxNTY4Mi8wLzE4NzYzMjQ3MDQ2RDU2QUFGQjNENjc3M0QwNDk0 NTlCMDFGOUQ5NzYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMTg3NjMyNDcwNDZENTZBQUZCM0Q2NzczRDA0OTQ1OUIwMUY5RDk3Ni5jZXIw XgYIKwYBBQUHAQsEUjBQME4GCCsGAQUFBzALhkJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1ODg5OTM1NDg2MTU2ODIvMC9BUzEzODk2OC5yb2Ew GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBpBggrBgEFBQcBBwEB/wRaMFgwVgQC AAEwUAMEAmdwrAMEAmdwuDAMAwQDZ3MoAwQCZ3MwMAwDBANnczgDBAJnc0ADBAVn dsAwDAMEBGd28AMEAmd3ADAMAwQCZ3cMAwQCZ3cQAwQDZ4SgMA0GCSqGSIb3DQEB CwUAA4IBAQDXF38X02zpRVxTMdaiptMHLUYrdWAmiw6WAwWpEbUUnC7xd3QabXkg ROQZLd8jKPo6Li0BCvHD1JwtVanzxaggy5w7a3CSq5yvV5I3y8pyRQIL3TSqCYCd bAkDeeAiVETtT68jFuztu8lHLwOSD2Ubl6zRd4U9YC016w4Tt4svIoIMqJ5LkgqK QoKtKqFenpmala7V5HBwxfpTkxoqXrvlp5qRHilffcoZPo96PbfAWRkd0GvMs/Lv iGuoBxaChlhwwDlWavtlfjrfdC4ORjcmM/EwcOc2NIXn4dxK1QPnTccBfoRFImXi dBquANCnsQX5QqQ9Zxmty8s67Xix1H3K -----END CERTIFICATE-----Generated at Sat Jun 6 02:27:36 2026 by rpki-client