$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1070955924073545731/0/AS4847.roa File: AS4847.roa (raw, json) Hash identifier: 0Ina+CzwJQwjEuUhvglREQvsgCccAVWBafW/3ynklIU= Subject key identifier: 9D:A8:FD:14:BB:60:31:C7:B3:03:BA:C2:BB:69:69:60:86:22:E0:05 Certificate issuer: /CN=1B27C26F8F7ECE53972D80933F503C09222E8F9F Certificate serial: 42596D8474C6E9E7D7008AAD945DBED280404EBC Authority key identifier: 1B:27:C2:6F:8F:7E:CE:53:97:2D:80:93:3F:50:3C:09:22:2E:8F:9F Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1B27C26F8F7ECE53972D80933F503C09222E8F9F.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/AS4847.roa Signing time: Mon 18 May 2026 18:31:59 +0000 ROA not before: Mon 18 May 2026 18:26:59 +0000 ROA not after: Mon 17 May 2027 18:31:59 +0000 asID: 4847 IP address blocks: 60.195.248.0/21 maxlen: 21 115.182.0.0/16 maxlen: 16 115.182.0.0/20 maxlen: 20 115.182.0.0/21 maxlen: 21 115.182.16.0/20 maxlen: 20 115.182.32.0/20 maxlen: 20 115.182.48.0/20 maxlen: 20 115.182.64.0/20 maxlen: 20 115.182.80.0/20 maxlen: 20 115.182.96.0/19 maxlen: 19 115.182.128.0/18 maxlen: 18 115.182.190.0/24 maxlen: 24 115.182.192.0/18 maxlen: 18 115.182.192.0/19 maxlen: 19 115.182.216.0/21 maxlen: 21 115.182.224.0/19 maxlen: 19 118.144.64.0/19 maxlen: 19 118.145.0.0/19 maxlen: 19 118.244.192.0/19 maxlen: 19 118.244.224.0/20 maxlen: 20 123.196.112.0/20 maxlen: 20 124.202.128.0/19 maxlen: 19 211.103.152.0/21 maxlen: 21 211.147.0.0/21 maxlen: 21 211.154.160.0/20 maxlen: 20 218.241.152.0/21 maxlen: 21 219.234.80.0/20 maxlen: 20 219.238.148.0/22 maxlen: 22 219.238.232.0/21 maxlen: 21 219.239.88.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/1B27C26F8F7ECE53972D80933F503C09222E8F9F.crl rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/1B27C26F8F7ECE53972D80933F503C09222E8F9F.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1B27C26F8F7ECE53972D80933F503C09222E8F9F.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Jun 2026 15:20:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:59:6d:84:74:c6:e9:e7:d7:00:8a:ad:94:5d:be:d2:80:40:4e:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1B27C26F8F7ECE53972D80933F503C09222E8F9F Validity Not Before: May 18 18:26:59 2026 GMT Not After : May 17 18:31:59 2027 GMT Subject: CN=9DA8FD14BB6031C7B303BAC2BB6969608622E005 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:8c:1f:f5:91:84:48:b2:b8:c4:d2:3a:08:3a: b5:ff:f2:48:c4:38:9f:37:6f:ad:af:56:77:5d:ea: 01:6a:2a:16:e7:b3:c0:6b:bc:16:ad:b4:09:b3:c1: b4:d9:b6:ac:26:f2:44:8e:17:96:9c:6c:6b:d5:66: 22:07:33:dd:3d:a8:52:f7:f3:cc:65:ab:2e:a2:2c: 63:f1:c4:f3:bc:1b:e3:bb:24:48:00:24:88:f7:1a: 7f:aa:43:bb:07:9a:2b:91:2f:cd:ca:e2:41:71:f0: 71:e9:f8:3e:17:63:76:a3:5f:89:6c:01:6e:5c:d8: 53:0e:09:dd:76:94:28:2a:47:94:5e:99:a4:9f:19: 93:2a:79:cd:28:62:39:00:9d:d1:14:94:c3:83:ff: 87:d6:1a:3a:0f:3e:93:81:6c:56:43:d2:4c:c4:96: 1b:8f:79:41:41:24:df:3c:ec:1b:0f:53:89:f8:e7: 76:fd:a2:e5:5e:89:b1:5f:67:32:4e:6a:52:d3:74: cf:1e:70:e2:2f:1c:6d:e0:0c:a9:c0:38:5d:95:6e: 7c:ac:cc:8d:fe:e0:27:4b:99:ca:c7:49:b3:91:34: ac:ea:ce:49:d5:35:4c:08:d6:11:f2:c9:00:ed:23: 28:7c:63:69:93:09:c9:d5:b9:52:28:22:03:56:f8: 4e:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:A8:FD:14:BB:60:31:C7:B3:03:BA:C2:BB:69:69:60:86:22:E0:05 X509v3 Authority Key Identifier: keyid:1B:27:C2:6F:8F:7E:CE:53:97:2D:80:93:3F:50:3C:09:22:2E:8F:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/1B27C26F8F7ECE53972D80933F503C09222E8F9F.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1B27C26F8F7ECE53972D80933F503C09222E8F9F.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/AS4847.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 60.195.248.0/21 115.182.0.0/16 118.144.64.0/19 118.145.0.0/19 118.244.192.0-118.244.239.255 123.196.112.0/20 124.202.128.0/19 211.103.152.0/21 211.147.0.0/21 211.154.160.0/20 218.241.152.0/21 219.234.80.0/20 219.238.148.0/22 219.238.232.0/21 219.239.88.0/21 Signature Algorithm: sha256WithRSAEncryption 67:26:83:fc:81:47:0d:66:39:17:cd:98:34:cb:49:be:d4:0a: cc:53:fd:ce:34:97:98:68:d6:d3:a7:21:64:d6:3c:d3:72:e9: 0d:91:88:12:1b:f8:14:56:be:82:0f:b4:01:16:b9:d9:41:a1: ad:9a:6e:4a:17:db:7f:96:48:eb:17:e3:b9:4a:58:f3:cf:23: e9:e3:e6:fd:ae:f7:87:2d:c4:2e:08:ce:77:fd:91:01:3b:da: 66:b4:e9:57:df:da:4b:61:4f:fc:23:9c:25:43:58:f5:4c:20: fd:af:8f:70:32:bb:9a:9f:c6:0c:e0:7e:f0:78:56:5e:85:ed: 97:df:1d:4e:5f:6d:51:57:b4:d1:50:d4:fe:9b:21:ff:3b:5d: 9d:5c:ff:0e:67:1a:59:4f:b0:16:69:6b:f2:eb:1d:8b:e1:b0: b6:47:f9:2c:ec:11:47:1f:c2:6e:97:80:42:1a:df:23:f4:3a: 56:e2:27:51:5c:a8:1a:08:68:f0:e7:cf:50:4c:94:ad:3d:38: 16:b9:88:a3:cd:d1:d3:fb:c6:7a:2a:d9:56:77:80:ac:54:45: 35:7d:28:d3:69:84:98:1c:1c:6e:29:4a:83:bc:b1:42:23:de: 11:b2:9f:89:61:ce:dc:af:bd:40:60:c4:31:26:d1:df:f3:01: e3:ad:d8:9c -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUQllthHTG6efXAIqtlF2+0oBATrwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUIyN0MyNkY4RjdFQ0U1Mzk3MkQ4MDkzM0Y1MDNDMDky MjJFOEY5RjAeFw0yNjA1MTgxODI2NTlaFw0yNzA1MTcxODMxNTlaMDMxMTAvBgNV BAMTKDlEQThGRDE0QkI2MDMxQzdCMzAzQkFDMkJCNjk2OTYwODYyMkUwMDUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjjB/1kYRIsrjE0joIOrX/8kjE OJ83b62vVndd6gFqKhbns8BrvBattAmzwbTZtqwm8kSOF5acbGvVZiIHM909qFL3 88xlqy6iLGPxxPO8G+O7JEgAJIj3Gn+qQ7sHmiuRL83K4kFx8HHp+D4XY3ajX4ls AW5c2FMOCd12lCgqR5RemaSfGZMqec0oYjkAndEUlMOD/4fWGjoPPpOBbFZD0kzE lhuPeUFBJN887BsPU4n453b9ouVeibFfZzJOalLTdM8ecOIvHG3gDKnAOF2Vbnys zI3+4CdLmcrHSbORNKzqzknVNUwI1hHyyQDtIyh8Y2mTCcnVuVIoIgNW+E51AgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUnaj9FLtgMcezA7rCu2lpYIYi4AUwHwYDVR0j BBgwFoAUGyfCb49+zlOXLYCTP1A8CSIuj58wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA3 MDk1NTkyNDA3MzU0NTczMS8wLzFCMjdDMjZGOEY3RUNFNTM5NzJEODA5MzNGNTAz QzA5MjIyRThGOUYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMUIyN0MyNkY4RjdFQ0U1Mzk3MkQ4MDkzM0Y1MDNDMDkyMjJFOEY5Ri5jZXIw XAYIKwYBBQUHAQsEUDBOMEwGCCsGAQUFBzALhkByc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNzA5NTU5MjQwNzM1NDU3MzEvMC9BUzQ4NDcucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwegYIKwYBBQUHAQcBAf8EazBpMGcEAgAB MGEDBAM8w/gDAwBztgMEBXaQQAMEBXaRADAMAwQGdvTAAwQEdvTgAwQEe8RwAwQF fMqAAwQD02eYAwQD05MAAwQE05qgAwQD2vGYAwQE2+pQAwQC2+6UAwQD2+7oAwQD 2+9YMA0GCSqGSIb3DQEBCwUAA4IBAQBnJoP8gUcNZjkXzZg0y0m+1ArMU/3ONJeY aNbTpyFk1jzTcukNkYgSG/gUVr6CD7QBFrnZQaGtmm5KF9t/lkjrF+O5SljzzyPp 4+b9rveHLcQuCM53/ZEBO9pmtOlX39pLYU/8I5wlQ1j1TCD9r49wMruan8YM4H7w eFZehe2X3x1OX21RV7TRUNT+myH/O12dXP8OZxpZT7AWaWvy6x2L4bC2R/ks7BFH H8Jul4BCGt8j9DpW4idRXKgaCGjw589QTJStPTgWuYijzdHT+8Z6KtlWd4CsVEU1 fSjTaYSYHBxuKUqDvLFCI94Rsp+JYc7cr71AYMQxJtHf8wHjrdic -----END CERTIFICATE-----Generated at Fri Jun 12 02:28:07 2026 by rpki-client