$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096265459348537346/1/AS59020.roa File: AS59020.roa (raw, json) Hash identifier: /Pd1x3KaSGQFTXTyZbDS1WOjjkXg/3ewVYnbuFdYmwE= Subject key identifier: 15:21:08:3B:BE:69:AF:7F:68:00:8D:DB:C7:92:1F:A5:BB:99:40:2C Certificate issuer: /CN=1C519CD1C415925E7FCE92FDA20FF18EC544C74B Certificate serial: 5B8D5FA2F05C7A71257933DB7FAD717EA1831A2B Authority key identifier: 1C:51:9C:D1:C4:15:92:5E:7F:CE:92:FD:A2:0F:F1:8E:C5:44:C7:4B Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/AS59020.roa Signing time: Mon 08 Jun 2026 02:23:34 +0000 ROA not before: Mon 08 Jun 2026 02:18:34 +0000 ROA not after: Mon 07 Jun 2027 02:23:34 +0000 asID: 59020 IP address blocks: 42.158.0.0/16 maxlen: 32 58.83.128.0/17 maxlen: 32 59.191.0.0/17 maxlen: 32 103.247.168.0/22 maxlen: 32 120.132.128.0/17 maxlen: 32 120.133.0.0/17 maxlen: 32 120.133.128.0/18 maxlen: 32 120.133.192.0/19 maxlen: 32 120.133.224.0/20 maxlen: 32 120.133.240.0/20 maxlen: 32 120.134.0.0/15 maxlen: 32 124.250.0.0/16 maxlen: 32 124.251.0.0/16 maxlen: 32 182.174.0.0/16 maxlen: 32 182.175.0.0/17 maxlen: 32 182.175.128.0/18 maxlen: 32 182.175.192.0/19 maxlen: 32 182.175.224.0/20 maxlen: 32 182.175.240.0/23 maxlen: 32 182.175.242.0/23 maxlen: 32 183.84.0.0/15 maxlen: 32 210.77.128.0/19 maxlen: 32 211.99.160.0/19 maxlen: 32 211.99.192.0/19 maxlen: 32 211.151.0.0/16 maxlen: 32 211.152.0.0/19 maxlen: 32 211.152.64.0/18 maxlen: 32 2403:a200::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.crl rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Jun 2026 19:59:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:8d:5f:a2:f0:5c:7a:71:25:79:33:db:7f:ad:71:7e:a1:83:1a:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1C519CD1C415925E7FCE92FDA20FF18EC544C74B Validity Not Before: Jun 8 02:18:34 2026 GMT Not After : Jun 7 02:23:34 2027 GMT Subject: CN=1521083BBE69AF7F68008DDBC7921FA5BB99402C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ea:31:18:0a:2c:26:bd:a3:1a:82:a0:0e:7c: 72:df:70:f2:af:d8:c2:7b:d3:2a:91:5f:47:06:66: 6b:9d:3d:94:66:41:a0:89:bc:cb:54:d2:52:c3:2e: 65:85:39:77:74:2f:d3:21:28:40:71:ce:4f:b9:c1: fd:af:6c:da:fc:43:07:4b:27:4b:e2:d9:20:b9:35: 57:27:f1:2b:88:91:a5:62:ee:93:04:92:e8:f0:bc: 56:4c:ad:b4:ba:2e:bc:de:03:ef:cb:44:f5:b3:d0: a9:59:f2:5f:86:4d:26:ff:79:c3:e0:64:a3:29:f8: 4d:06:13:84:ed:a1:66:fb:95:e4:98:7c:86:04:94: 5a:f8:cb:a5:e9:e0:02:07:4a:fb:7d:fc:08:74:07: 95:14:51:9b:cd:c3:8d:f5:70:75:71:5b:c2:47:e3: f8:67:08:e7:e1:36:9a:87:d3:e7:1b:63:10:e9:69: ae:43:6b:4a:0d:9a:f7:a2:98:e2:ff:e4:13:44:48: 90:71:7d:47:ba:32:09:11:b4:24:59:a9:28:17:93: 0a:07:69:7d:64:b0:55:60:a2:e7:33:fc:9f:81:d3: 1b:8d:43:15:15:60:7b:94:6d:0f:32:ba:81:b6:ff: 0b:1c:b4:2b:19:5d:38:ff:1a:c7:f7:e4:7d:a1:14: de:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:21:08:3B:BE:69:AF:7F:68:00:8D:DB:C7:92:1F:A5:BB:99:40:2C X509v3 Authority Key Identifier: keyid:1C:51:9C:D1:C4:15:92:5E:7F:CE:92:FD:A2:0F:F1:8E:C5:44:C7:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/AS59020.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 42.158.0.0/16 58.83.128.0/17 59.191.0.0/17 103.247.168.0/22 120.132.128.0-120.135.255.255 124.250.0.0/15 182.174.0.0-182.175.243.255 183.84.0.0/15 210.77.128.0/19 211.99.160.0-211.99.223.255 211.151.0.0-211.152.31.255 211.152.64.0/18 IPv6: 2403:a200::/32 Signature Algorithm: sha256WithRSAEncryption 29:c9:3d:50:ba:98:94:e1:c1:6d:b9:a8:44:52:aa:74:0b:cf: a4:c8:a9:9b:4c:04:bd:7e:49:ed:09:d7:b6:5b:bb:8d:3b:04: 08:88:a1:e5:17:c8:58:05:61:02:58:be:04:4a:ef:25:56:8b: b5:af:20:f5:9b:07:41:89:e4:46:56:37:04:4b:b2:38:09:00: e3:ac:05:60:4f:8c:5c:45:38:73:04:f9:73:93:af:c7:e9:92: 07:ce:d5:11:de:ee:28:df:d7:6e:a0:5b:94:6e:19:cc:5d:37: ab:97:75:dc:01:fa:6a:e1:27:3b:62:61:6e:bb:da:9d:27:31: 04:a8:97:c7:1a:29:0b:9d:c3:7c:a0:af:00:ff:6a:89:0c:dc: 66:84:6d:3c:f1:44:00:41:5c:28:fd:98:e2:40:d1:0b:1c:ab: 77:77:09:bd:95:42:60:8b:a4:4b:a3:b3:ab:a6:b2:e5:ee:ac: d1:c9:ca:c4:d2:95:2f:f8:9f:67:8b:51:1f:78:03:b8:fc:1b: 77:85:34:07:ce:9a:f0:24:f1:9f:6c:45:cf:30:8c:5a:60:16: 41:e3:4e:94:8d:23:56:39:86:d7:ec:84:1d:e3:2c:0f:c4:eb: 36:76:1c:96:1c:1d:b4:ea:da:74:cf:27:1d:d6:69:d2:68:48: 24:45:d0:0a -----BEGIN CERTIFICATE----- MIIFRTCCBC2gAwIBAgIUW41fovBcenEleTPbf61xfqGDGiswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUM1MTlDRDFDNDE1OTI1RTdGQ0U5MkZEQTIwRkYxOEVD NTQ0Qzc0QjAeFw0yNjA2MDgwMjE4MzRaFw0yNzA2MDcwMjIzMzRaMDMxMTAvBgNV BAMTKDE1MjEwODNCQkU2OUFGN0Y2ODAwOEREQkM3OTIxRkE1QkI5OTQwMkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE6jEYCiwmvaMagqAOfHLfcPKv 2MJ70yqRX0cGZmudPZRmQaCJvMtU0lLDLmWFOXd0L9MhKEBxzk+5wf2vbNr8QwdL J0vi2SC5NVcn8SuIkaVi7pMEkujwvFZMrbS6LrzeA+/LRPWz0KlZ8l+GTSb/ecPg ZKMp+E0GE4TtoWb7leSYfIYElFr4y6Xp4AIHSvt9/Ah0B5UUUZvNw431cHVxW8JH 4/hnCOfhNpqH0+cbYxDpaa5Da0oNmveimOL/5BNESJBxfUe6MgkRtCRZqSgXkwoH aX1ksFVgoucz/J+B0xuNQxUVYHuUbQ8yuoG2/wsctCsZXTj/Gsf35H2hFN4NAgMB AAGjggJPMIICSzAdBgNVHQ4EFgQUFSEIO75pr39oAI3bx5IfpbuZQCwwHwYDVR0j BBgwFoAUHFGc0cQVkl5/zpL9og/xjsVEx0swDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NjI2NTQ1OTM0ODUzNzM0Ni8xLzFDNTE5Q0QxQzQxNTkyNUU3RkNFOTJGREEyMEZG MThFQzU0NEM3NEIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMUM1MTlDRDFDNDE1OTI1RTdGQ0U5MkZEQTIwRkYxOEVDNTQ0Qzc0Qi5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTYyNjU0NTkzNDg1MzczNDYvMS9BUzU5MDIwLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwaAQC AAEwYgMDACqeAwQHOlOAAwQHO78AAwQCZ/eoMAsDBAd4hIADAwN4gAMDAXz6MAsD AwG2rgMEArav8AMDAbdUAwQF0k2AMAwDBAXTY6ADBAXTY8AwCwMDANOXAwQF05gA AwQG05hAMA0EAgACMAcDBQAkA6IAMA0GCSqGSIb3DQEBCwUAA4IBAQApyT1QupiU 4cFtuahEUqp0C8+kyKmbTAS9fkntCde2W7uNOwQIiKHlF8hYBWECWL4ESu8lVou1 ryD1mwdBieRGVjcES7I4CQDjrAVgT4xcRThzBPlzk6/H6ZIHztUR3u4o39duoFuU bhnMXTerl3XcAfpq4Sc7YmFuu9qdJzEEqJfHGikLncN8oK8A/2qJDNxmhG088UQA QVwo/ZjiQNELHKt3dwm9lUJgi6RLo7OrprLl7qzRycrE0pUv+J9ni1EfeAO4/Bt3 hTQHzprwJPGfbEXPMIxaYBZB406UjSNWOYbX7IQd4ywPxOs2dhyWHB206tp0zycd 1mnSaEgkRdAK -----END CERTIFICATE-----Generated at Fri Jun 12 04:32:41 2026 by rpki-client