$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1070955924073545731/0/AS4847.roa File: AS4847.roa (raw, json) Hash identifier: e/HyE9mR06eRSlERzhT5AobH42F8reGcGXipwNmWjEo= Subject key identifier: EA:B5:74:29:33:F6:FC:90:EF:B6:29:F3:D2:55:22:5E:DC:C9:F9:60 Certificate issuer: /CN=1B27C26F8F7ECE53972D80933F503C09222E8F9F Certificate serial: 06E52F65D618F8D0E517AF716ED244126C1E2E17 Authority key identifier: 1B:27:C2:6F:8F:7E:CE:53:97:2D:80:93:3F:50:3C:09:22:2E:8F:9F Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1B27C26F8F7ECE53972D80933F503C09222E8F9F.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/AS4847.roa Signing time: Mon 20 Apr 2026 08:58:14 +0000 ROA not before: Mon 20 Apr 2026 08:53:14 +0000 ROA not after: Mon 19 Apr 2027 08:58:14 +0000 asID: 4847 IP address blocks: 60.195.248.0/21 maxlen: 21 115.182.0.0/16 maxlen: 16 115.182.0.0/20 maxlen: 20 115.182.16.0/20 maxlen: 20 115.182.32.0/20 maxlen: 20 115.182.48.0/20 maxlen: 20 115.182.64.0/20 maxlen: 20 115.182.80.0/20 maxlen: 20 115.182.96.0/19 maxlen: 19 115.182.128.0/18 maxlen: 18 115.182.190.0/24 maxlen: 24 115.182.192.0/18 maxlen: 18 115.182.192.0/19 maxlen: 19 115.182.224.0/19 maxlen: 19 118.144.64.0/19 maxlen: 19 118.145.0.0/19 maxlen: 19 118.244.192.0/19 maxlen: 19 118.244.224.0/20 maxlen: 20 123.196.112.0/20 maxlen: 20 124.202.128.0/19 maxlen: 19 211.103.152.0/21 maxlen: 21 211.147.0.0/21 maxlen: 21 211.154.160.0/20 maxlen: 20 218.241.152.0/21 maxlen: 21 219.234.80.0/20 maxlen: 20 219.238.148.0/22 maxlen: 22 219.238.232.0/21 maxlen: 21 219.239.88.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/1B27C26F8F7ECE53972D80933F503C09222E8F9F.crl rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/1B27C26F8F7ECE53972D80933F503C09222E8F9F.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1B27C26F8F7ECE53972D80933F503C09222E8F9F.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Apr 2026 06:07:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:e5:2f:65:d6:18:f8:d0:e5:17:af:71:6e:d2:44:12:6c:1e:2e:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1B27C26F8F7ECE53972D80933F503C09222E8F9F Validity Not Before: Apr 20 08:53:14 2026 GMT Not After : Apr 19 08:58:14 2027 GMT Subject: CN=EAB5742933F6FC90EFB629F3D255225EDCC9F960 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:f6:f7:f4:fb:6e:7c:bb:61:1f:fc:58:2d:65: db:b5:49:58:fc:7a:47:c1:84:79:e0:cc:11:2c:39: 68:0d:a8:49:f8:54:f6:b6:2c:96:34:f9:f3:a2:9b: 02:1f:88:3d:02:95:3b:1a:83:13:f1:e8:f6:51:24: 0c:bc:fa:16:b3:1d:64:80:e8:1c:14:96:4b:2d:ed: 40:84:87:85:59:13:ca:5f:46:7d:0a:ac:94:10:b0: 48:44:71:c0:e5:12:65:09:58:47:79:85:bb:10:fa: ed:cf:37:21:33:c7:a2:5e:35:82:77:ba:d3:ad:d5: 02:18:4a:8a:86:4a:43:f5:e8:f9:aa:0b:e7:7c:92: cb:5d:63:af:27:c5:cd:ad:aa:2c:0d:b9:79:10:bd: bc:88:b9:3f:78:01:da:33:4e:c3:58:9d:8c:85:3a: a2:93:af:69:a9:ac:77:52:7f:52:41:13:be:97:ae: 4a:13:2c:54:0b:30:a7:78:c7:05:ee:97:9c:b8:b9: 2f:88:76:94:19:69:64:cd:f3:49:52:15:63:02:68: b1:a2:0b:08:79:06:4b:a9:07:d4:03:2a:2e:18:7c: df:65:f3:50:f8:1c:15:32:7e:90:92:16:c5:ab:84: 84:78:ee:cb:4b:20:f2:73:4e:f5:a3:c6:00:a6:90: 0a:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:B5:74:29:33:F6:FC:90:EF:B6:29:F3:D2:55:22:5E:DC:C9:F9:60 X509v3 Authority Key Identifier: keyid:1B:27:C2:6F:8F:7E:CE:53:97:2D:80:93:3F:50:3C:09:22:2E:8F:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/1B27C26F8F7ECE53972D80933F503C09222E8F9F.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1B27C26F8F7ECE53972D80933F503C09222E8F9F.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/AS4847.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 60.195.248.0/21 115.182.0.0/16 118.144.64.0/19 118.145.0.0/19 118.244.192.0-118.244.239.255 123.196.112.0/20 124.202.128.0/19 211.103.152.0/21 211.147.0.0/21 211.154.160.0/20 218.241.152.0/21 219.234.80.0/20 219.238.148.0/22 219.238.232.0/21 219.239.88.0/21 Signature Algorithm: sha256WithRSAEncryption a6:43:07:d1:b3:de:44:ab:ee:19:d7:bd:a2:84:77:51:b4:ef: a7:62:61:ad:aa:df:bd:97:9f:16:ea:6b:fa:b7:74:b8:3d:fd: d1:4f:01:bd:f4:0d:43:eb:bf:22:cd:d9:40:68:9c:11:cd:94: de:04:99:95:01:3c:a3:1e:33:38:68:5d:35:c1:1d:6f:f8:eb: 8c:0e:3c:e8:9d:bf:94:47:00:16:cb:50:c9:60:54:1f:5f:91: 69:3a:38:63:ea:72:2e:90:58:84:de:26:b1:b9:59:dc:87:c1: dd:15:74:b1:c9:2b:7c:34:c9:5d:fa:81:8a:9e:9e:98:55:99: ff:b9:88:5a:68:ba:84:9b:45:8b:d6:cd:de:44:7c:76:8a:ce: 58:03:c1:7b:2c:07:6f:2f:3f:0e:2e:57:cb:bc:ff:e1:cb:b6: ed:cf:79:70:6a:77:e6:f7:30:88:6c:6a:39:ef:6e:d3:a1:29: ca:e1:22:5a:86:d4:2d:e2:7d:93:f2:7e:1c:d4:f3:4f:df:7e: c2:8f:f6:25:58:9e:fe:71:b6:82:90:6d:26:2b:6a:90:11:9a: f6:f9:a4:d9:03:0e:a2:8c:10:1a:5c:8a:e6:ea:5d:16:56:5d: 34:f0:85:a7:60:12:5f:c6:83:f1:df:05:b9:7f:f7:e1:7b:74: eb:66:38:d5 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUBuUvZdYY+NDlF69xbtJEEmweLhcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUIyN0MyNkY4RjdFQ0U1Mzk3MkQ4MDkzM0Y1MDNDMDky MjJFOEY5RjAeFw0yNjA0MjAwODUzMTRaFw0yNzA0MTkwODU4MTRaMDMxMTAvBgNV BAMTKEVBQjU3NDI5MzNGNkZDOTBFRkI2MjlGM0QyNTUyMjVFRENDOUY5NjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI9vf0+258u2Ef/FgtZdu1SVj8 ekfBhHngzBEsOWgNqEn4VPa2LJY0+fOimwIfiD0ClTsagxPx6PZRJAy8+hazHWSA 6BwUlkst7UCEh4VZE8pfRn0KrJQQsEhEccDlEmUJWEd5hbsQ+u3PNyEzx6JeNYJ3 utOt1QIYSoqGSkP16PmqC+d8kstdY68nxc2tqiwNuXkQvbyIuT94AdozTsNYnYyF OqKTr2mprHdSf1JBE76XrkoTLFQLMKd4xwXul5y4uS+IdpQZaWTN80lSFWMCaLGi Cwh5BkupB9QDKi4YfN9l81D4HBUyfpCSFsWrhIR47stLIPJzTvWjxgCmkArLAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQU6rV0KTP2/JDvtinz0lUiXtzJ+WAwHwYDVR0j BBgwFoAUGyfCb49+zlOXLYCTP1A8CSIuj58wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA3 MDk1NTkyNDA3MzU0NTczMS8wLzFCMjdDMjZGOEY3RUNFNTM5NzJEODA5MzNGNTAz QzA5MjIyRThGOUYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMUIyN0MyNkY4RjdFQ0U1Mzk3MkQ4MDkzM0Y1MDNDMDkyMjJFOEY5Ri5jZXIw XAYIKwYBBQUHAQsEUDBOMEwGCCsGAQUFBzALhkByc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNzA5NTU5MjQwNzM1NDU3MzEvMC9BUzQ4NDcucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwegYIKwYBBQUHAQcBAf8EazBpMGcEAgAB MGEDBAM8w/gDAwBztgMEBXaQQAMEBXaRADAMAwQGdvTAAwQEdvTgAwQEe8RwAwQF fMqAAwQD02eYAwQD05MAAwQE05qgAwQD2vGYAwQE2+pQAwQC2+6UAwQD2+7oAwQD 2+9YMA0GCSqGSIb3DQEBCwUAA4IBAQCmQwfRs95Eq+4Z172ihHdRtO+nYmGtqt+9 l58W6mv6t3S4Pf3RTwG99A1D678izdlAaJwRzZTeBJmVATyjHjM4aF01wR1v+OuM Djzonb+URwAWy1DJYFQfX5FpOjhj6nIukFiE3iaxuVnch8HdFXSxySt8NMld+oGK np6YVZn/uYhaaLqEm0WL1s3eRHx2is5YA8F7LAdvLz8OLlfLvP/hy7btz3lwanfm 9zCIbGo5727ToSnK4SJahtQt4n2T8n4c1PNP337Cj/YlWJ7+cbaCkG0mK2qQEZr2 +aTZAw6ijBAaXIrm6l0WVl008IWnYBJfxoPx3wW5f/fhe3TrZjjV -----END CERTIFICATE-----Generated at Mon Apr 27 13:45:36 2026 by rpki-client