$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1099364928323584001/0/AS136958.roa File: AS136958.roa (raw, json) Hash identifier: 1lLdYSrnIRbEu4dxKFeTEI02kvxqoyt4CS47V2g0UBk= Subject key identifier: 15:00:6A:74:2C:92:2A:2F:0B:63:C1:47:F4:7F:BB:9A:7F:D9:5B:42 Certificate issuer: /CN=14F2AE289734C6F9223A15F482EED7503BB5C42B Certificate serial: 69FCFEEEC280637A684058741188777FBB1ACCE3 Authority key identifier: 14:F2:AE:28:97:34:C6:F9:22:3A:15:F4:82:EE:D7:50:3B:B5:C4:2B Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/14F2AE289734C6F9223A15F482EED7503BB5C42B.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1099364928323584001/0/AS136958.roa Signing time: Mon 25 May 2026 07:49:28 +0000 ROA not before: Mon 25 May 2026 07:44:28 +0000 ROA not after: Mon 24 May 2027 07:49:28 +0000 asID: 136958 IP address blocks: 117.48.192.0/24 maxlen: 24 117.48.195.0/24 maxlen: 24 117.48.204.0/22 maxlen: 22 117.48.216.0/24 maxlen: 24 117.48.217.0/24 maxlen: 24 117.48.218.0/24 maxlen: 24 117.48.232.0/24 maxlen: 24 117.48.233.0/24 maxlen: 24 117.48.234.0/24 maxlen: 24 120.132.117.0/24 maxlen: 24 120.132.118.0/24 maxlen: 24 120.132.119.0/24 maxlen: 24 120.132.120.0/22 maxlen: 22 120.132.124.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1099364928323584001/0/14F2AE289734C6F9223A15F482EED7503BB5C42B.crl rsync://rpki-rps.cnnic.cn/repo/A1099364928323584001/0/14F2AE289734C6F9223A15F482EED7503BB5C42B.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/14F2AE289734C6F9223A15F482EED7503BB5C42B.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Jun 2026 23:56:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:fc:fe:ee:c2:80:63:7a:68:40:58:74:11:88:77:7f:bb:1a:cc:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=14F2AE289734C6F9223A15F482EED7503BB5C42B Validity Not Before: May 25 07:44:28 2026 GMT Not After : May 24 07:49:28 2027 GMT Subject: CN=15006A742C922A2F0B63C147F47FBB9A7FD95B42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:53:8a:e4:0f:c0:e5:e8:30:88:35:de:96:eb: 96:7a:1c:3d:80:75:7c:40:f3:99:9c:f2:89:62:31: 41:81:f3:c2:fb:a3:29:80:e6:f0:fa:62:de:57:fc: 45:73:72:cf:af:0b:76:93:c2:45:8a:e5:25:ed:14: 54:e8:c7:10:5e:9b:3f:38:42:d2:52:9f:d3:38:28: 76:6e:c0:52:84:76:d9:f7:1c:03:f8:fe:4b:b1:e2: 82:ad:75:60:c1:70:d1:25:b1:9c:bc:3e:6f:9a:e0: 68:f8:7b:8a:26:4e:97:a0:67:15:3c:fe:86:b0:3d: f8:e1:99:68:29:2d:81:3f:47:7a:e5:3f:4d:dc:5b: e0:7f:68:2f:f2:60:4b:2c:fb:fe:e6:2c:c5:11:63: 23:52:4d:a3:bc:b9:37:88:ca:65:a6:f0:9c:00:5b: bc:23:a0:3e:3a:e8:ed:5f:db:14:3a:38:19:73:aa: 6a:d3:18:df:5a:ee:d2:34:a1:80:ac:d0:05:91:ad: 46:38:9b:11:40:9d:85:4e:96:dd:51:22:a0:2c:d6: 54:fe:51:38:51:fc:cc:02:b7:8e:3c:32:21:fc:24: b1:ea:76:e8:b3:84:87:37:4c:61:17:ae:c7:48:dc: 82:c3:f1:12:02:4e:3b:53:0d:56:30:cc:58:08:df: 6d:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:00:6A:74:2C:92:2A:2F:0B:63:C1:47:F4:7F:BB:9A:7F:D9:5B:42 X509v3 Authority Key Identifier: keyid:14:F2:AE:28:97:34:C6:F9:22:3A:15:F4:82:EE:D7:50:3B:B5:C4:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1099364928323584001/0/14F2AE289734C6F9223A15F482EED7503BB5C42B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/14F2AE289734C6F9223A15F482EED7503BB5C42B.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1099364928323584001/0/AS136958.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 117.48.192.0/24 117.48.195.0/24 117.48.204.0/22 117.48.216.0-117.48.218.255 117.48.232.0-117.48.234.255 120.132.117.0-120.132.127.255 Signature Algorithm: sha256WithRSAEncryption 58:8b:dc:e7:78:ef:71:15:36:17:ac:75:96:17:16:62:02:f9: de:af:f1:0d:10:f5:99:86:f8:13:be:39:c1:04:3a:90:c9:f5: 00:51:39:39:4d:53:1e:bd:2e:05:0c:bc:1f:8e:5d:e0:05:be: aa:74:98:10:57:17:f7:4a:ab:03:56:79:cd:6b:ae:00:1f:36: d6:44:7b:e1:87:14:5a:d5:d1:24:3a:16:c9:bb:59:b2:4b:d9: fd:f5:d4:24:81:00:d5:64:21:2e:85:66:a9:92:46:1e:78:fa: 86:a2:fa:7e:ed:02:20:49:c7:c0:6c:a3:85:d9:df:dd:64:43: 81:de:ff:2c:75:e9:d6:69:dd:f0:d7:c3:d9:59:a6:39:3b:b3: a8:a2:70:88:d2:27:3b:4a:ce:7b:9b:37:32:0c:8c:cd:21:75: aa:c0:11:c2:b8:63:1a:8c:6c:63:aa:a7:12:b8:56:66:d9:94: 8f:8f:8d:5d:eb:e6:ee:df:fd:72:09:0a:79:99:6e:ac:b3:98: 7b:e1:e0:d1:42:46:d8:71:be:77:73:aa:fe:ea:9e:c1:42:1b: ff:4f:56:51:2c:7b:e8:80:42:16:61:b2:50:84:85:9e:32:76: fa:ed:33:6d:db:d5:8c:50:8c:d4:f7:4d:9a:11:58:27:f9:e4: c7:6d:8e:15 -----BEGIN CERTIFICATE----- MIIFEDCCA/igAwIBAgIUafz+7sKAY3poQFh0EYh3f7sazOMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTRGMkFFMjg5NzM0QzZGOTIyM0ExNUY0ODJFRUQ3NTAz QkI1QzQyQjAeFw0yNjA1MjUwNzQ0MjhaFw0yNzA1MjQwNzQ5MjhaMDMxMTAvBgNV BAMTKDE1MDA2QTc0MkM5MjJBMkYwQjYzQzE0N0Y0N0ZCQjlBN0ZEOTVCNDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmU4rkD8Dl6DCINd6W65Z6HD2A dXxA85mc8oliMUGB88L7oymA5vD6Yt5X/EVzcs+vC3aTwkWK5SXtFFToxxBemz84 QtJSn9M4KHZuwFKEdtn3HAP4/kux4oKtdWDBcNElsZy8Pm+a4Gj4e4omTpegZxU8 /oawPfjhmWgpLYE/R3rlP03cW+B/aC/yYEss+/7mLMURYyNSTaO8uTeIymWm8JwA W7wjoD466O1f2xQ6OBlzqmrTGN9a7tI0oYCs0AWRrUY4mxFAnYVOlt1RIqAs1lT+ UThR/MwCt448MiH8JLHqduizhIc3TGEXrsdI3ILD8RICTjtTDVYwzFgI320RAgMB AAGjggIaMIICFjAdBgNVHQ4EFgQUFQBqdCySKi8LY8FH9H+7mn/ZW0IwHwYDVR0j BBgwFoAUFPKuKJc0xvkiOhX0gu7XUDu1xCswDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 OTM2NDkyODMyMzU4NDAwMS8wLzE0RjJBRTI4OTczNEM2RjkyMjNBMTVGNDgyRUVE NzUwM0JCNUM0MkIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMTRGMkFFMjg5NzM0QzZGOTIyM0ExNUY0ODJFRUQ3NTAzQkI1QzQyQi5jZXIw XgYIKwYBBQUHAQsEUjBQME4GCCsGAQUFBzALhkJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTkzNjQ5MjgzMjM1ODQwMDEvMC9BUzEzNjk1OC5yb2Ew GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQC AAEwPAMEAHUwwAMEAHUwwwMEAnUwzDAMAwQDdTDYAwQAdTDaMAwDBAN1MOgDBAB1 MOowDAMEAHiEdQMEB3iEADANBgkqhkiG9w0BAQsFAAOCAQEAWIvc53jvcRU2F6x1 lhcWYgL53q/xDRD1mYb4E745wQQ6kMn1AFE5OU1THr0uBQy8H45d4AW+qnSYEFcX 90qrA1Z5zWuuAB821kR74YcUWtXRJDoWybtZskvZ/fXUJIEA1WQhLoVmqZJGHnj6 hqL6fu0CIEnHwGyjhdnf3WRDgd7/LHXp1mnd8NfD2VmmOTuzqKJwiNInO0rOe5s3 MgyMzSF1qsARwrhjGoxsY6qnErhWZtmUj4+NXevm7t/9cgkKeZlurLOYe+Hg0UJG 2HG+d3Oq/uqewUIb/09WUSx76IBCFmGyUISFnjJ2+u0zbdvVjFCM1PdNmhFYJ/nk x22OFQ== -----END CERTIFICATE-----Generated at Sat Jun 6 16:46:04 2026 by rpki-client