$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS141025.roa File: AS141025.roa (raw, json) Hash identifier: LHAqQm52MaqVhhxFjktYUPS6fHfSjNBht88OOuRgq9M= Subject key identifier: 3A:86:8F:48:D4:41:A6:2A:9D:E7:89:DF:14:56:D7:7A:BE:5F:8D:71 Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E Certificate serial: 179227EA94A78AD44DFB2129AF4100A5D00DEFCA Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS141025.roa Signing time: Thu 21 May 2026 16:15:15 +0000 ROA not before: Thu 21 May 2026 16:10:15 +0000 ROA not after: Thu 20 May 2027 16:15:15 +0000 asID: 141025 IP address blocks: 59.46.34.0/24 maxlen: 24 123.177.56.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 May 2026 06:28:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:92:27:ea:94:a7:8a:d4:4d:fb:21:29:af:41:00:a5:d0:0d:ef:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E Validity Not Before: May 21 16:10:15 2026 GMT Not After : May 20 16:15:15 2027 GMT Subject: CN=3A868F48D441A62A9DE789DF1456D77ABE5F8D71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:ee:5e:2b:81:92:8c:1a:56:36:f4:d3:5e:75: 01:07:62:4b:b4:42:20:d3:d4:b3:c7:8b:59:78:c3: dc:16:bc:08:26:c6:0c:2f:9c:50:e2:71:25:df:d4: 3b:0d:77:ac:76:5f:c7:d4:80:5a:70:37:96:dd:ef: 29:7b:a5:00:e0:9b:e7:e1:38:a0:9d:af:a8:6e:d4: 2e:28:4d:ff:52:e0:82:4f:25:36:c3:37:95:db:28: 23:f0:6c:59:98:60:c0:ac:df:6d:50:a7:87:8b:6e: 9e:e6:14:82:9b:23:3f:2d:a7:c9:80:e1:15:33:8b: 8d:45:76:e4:3f:5a:f7:92:11:54:f0:94:ce:8e:66: a5:29:80:99:d3:92:f4:2e:e6:4b:34:4b:12:5b:b5: ec:7f:53:22:ae:3c:43:4a:74:da:91:01:5d:55:a6: dc:50:8a:7f:6f:1d:39:4d:90:d9:5d:34:9f:c4:cb: 54:1d:a7:73:68:a4:b2:f0:45:0b:51:fa:aa:f0:d0: 2b:a6:a0:30:bb:0f:fe:b7:6f:97:b8:53:9e:aa:16: 61:65:2b:c0:fb:38:ff:c4:89:9f:71:82:0a:fd:84: 1f:5e:9b:d8:69:84:c7:79:89:1b:86:ac:f9:8c:35: a8:18:2b:39:6a:a9:3f:94:27:d2:3b:93:9f:89:2a: d5:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:86:8F:48:D4:41:A6:2A:9D:E7:89:DF:14:56:D7:7A:BE:5F:8D:71 X509v3 Authority Key Identifier: keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS141025.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 59.46.34.0/24 123.177.56.0/22 Signature Algorithm: sha256WithRSAEncryption 69:03:da:b6:6e:24:27:7e:97:6b:30:3c:e8:3a:27:d4:e8:b9: 42:b2:7b:f5:c1:8a:3c:82:f5:6e:44:06:b1:8b:d7:85:b4:f3: 0c:68:40:34:85:34:94:e2:00:29:37:60:ef:c0:57:65:22:65: a5:81:fa:72:cf:35:d0:21:25:4f:9d:e3:71:5f:a9:8a:c2:9e: f0:2a:72:60:33:af:72:f4:9a:84:7a:64:40:69:22:ba:aa:e1: dc:ea:ae:c8:d4:83:f2:0a:57:2c:52:fb:f8:1f:6f:ec:42:9b: 38:57:94:d3:7d:91:73:36:d7:05:b8:49:51:7c:41:36:3c:61: 19:34:e3:12:9d:41:3e:bc:55:42:1d:c7:a8:b0:d9:dc:48:91: 5e:98:ba:9f:fb:10:69:69:20:34:15:71:d4:ac:49:ca:98:6a: 09:d6:ae:c6:f0:98:19:fc:85:9b:a3:88:a0:47:55:12:27:c6: 3c:fe:d5:73:be:4f:cb:09:5e:76:e3:b7:69:f4:44:9c:99:9a: e5:47:5c:b1:56:57:db:35:c7:5b:59:72:6d:ac:40:44:b3:79: a5:45:58:b8:62:02:81:94:ac:60:8a:07:2c:a7:4d:a6:81:7a: a8:96:b5:a0:95:f5:3b:a2:92:d9:9a:1d:5d:eb:da:90:4b:0a: 21:df:3d:85 -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUF5In6pSnitRN+yEpr0EApdAN78owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDUyMTE2MTAxNVoX DTI3MDUyMDE2MTUxNVowMzExMC8GA1UEAxMoM0E4NjhGNDhENDQxQTYyQTlERTc4 OURGMTQ1NkQ3N0FCRTVGOEQ3MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANHuXiuBkowaVjb00151AQdiS7RCINPUs8eLWXjD3Ba8CCbGDC+cUOJxJd/U Ow13rHZfx9SAWnA3lt3vKXulAOCb5+E4oJ2vqG7ULihN/1Lggk8lNsM3ldsoI/Bs WZhgwKzfbVCnh4tunuYUgpsjPy2nyYDhFTOLjUV25D9a95IRVPCUzo5mpSmAmdOS 9C7mSzRLElu17H9TIq48Q0p02pEBXVWm3FCKf28dOU2Q2V00n8TLVB2nc2iksvBF C1H6qvDQK6agMLsP/rdvl7hTnqoWYWUrwPs4/8SJn3GCCv2EH16b2GmEx3mJG4as +Yw1qBgrOWqpP5Qn0juTn4kq1aECAwEAAaOCAeowggHmMB0GA1UdDgQWBBQ6ho9I 1EGmKp3nid8UVtd6vl+NcTAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw NTk3NjgzNS8xL0FTMTQxMDI1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAOy4iAwQCe7E4MA0GCSqGSIb3 DQEBCwUAA4IBAQBpA9q2biQnfpdrMDzoOifU6LlCsnv1wYo8gvVuRAaxi9eFtPMM aEA0hTSU4gApN2DvwFdlImWlgfpyzzXQISVPneNxX6mKwp7wKnJgM69y9JqEemRA aSK6quHc6q7I1IPyClcsUvv4H2/sQps4V5TTfZFzNtcFuElRfEE2PGEZNOMSnUE+ vFVCHceosNncSJFemLqf+xBpaSA0FXHUrEnKmGoJ1q7G8JgZ/IWbo4igR1USJ8Y8 /tVzvk/LCV5247dp9EScmZrlR1yxVlfbNcdbWXJtrEBEs3mlRVi4YgKBlKxgigcs p02mgXqolrWglfU7opLZmh1d69qQSwoh3z2F -----END CERTIFICATE-----Generated at Sat May 23 07:08:24 2026 by rpki-client