$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1099364928323584001/0/AS59089.roa File: AS59089.roa (raw, json) Hash identifier: FZ2amEc2jacY0MY1b77loa5TKv2CCD6wo9elT+pF2zo= Subject key identifier: DE:0A:39:94:1A:B6:F9:F0:36:56:10:71:96:47:6C:EC:0E:77:C9:9A Certificate issuer: /CN=14F2AE289734C6F9223A15F482EED7503BB5C42B Certificate serial: 6BFE41E4ACEED214F84F22526AB3FE42F76747DA Authority key identifier: 14:F2:AE:28:97:34:C6:F9:22:3A:15:F4:82:EE:D7:50:3B:B5:C4:2B Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/14F2AE289734C6F9223A15F482EED7503BB5C42B.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1099364928323584001/0/AS59089.roa Signing time: Wed 03 Jun 2026 06:39:05 +0000 ROA not before: Wed 03 Jun 2026 06:34:05 +0000 ROA not after: Wed 02 Jun 2027 06:39:05 +0000 asID: 59089 IP address blocks: 103.244.80.0/22 maxlen: 22 114.118.0.0/21 maxlen: 21 114.118.8.0/21 maxlen: 24 114.118.16.0/21 maxlen: 24 114.118.24.0/21 maxlen: 24 114.118.64.0/21 maxlen: 24 114.118.72.0/21 maxlen: 24 114.118.80.0/21 maxlen: 24 114.118.88.0/21 maxlen: 21 114.118.96.0/21 maxlen: 24 114.119.204.0/22 maxlen: 22 120.132.32.0/22 maxlen: 24 120.132.36.0/22 maxlen: 22 120.132.40.0/22 maxlen: 24 120.132.44.0/22 maxlen: 24 120.132.48.0/22 maxlen: 24 120.132.52.0/22 maxlen: 24 120.132.56.0/22 maxlen: 24 120.132.60.0/22 maxlen: 24 120.132.64.0/22 maxlen: 24 120.132.68.0/22 maxlen: 24 120.132.72.0/22 maxlen: 22 120.132.76.0/22 maxlen: 24 120.132.80.0/22 maxlen: 24 120.132.84.0/22 maxlen: 24 120.132.88.0/22 maxlen: 22 120.132.92.0/22 maxlen: 22 123.59.0.0/19 maxlen: 24 123.59.32.0/19 maxlen: 24 123.59.64.0/19 maxlen: 24 123.59.96.0/19 maxlen: 24 123.59.128.0/19 maxlen: 24 123.59.160.0/19 maxlen: 24 123.59.192.0/19 maxlen: 24 123.59.224.0/19 maxlen: 24 180.150.176.0/22 maxlen: 24 180.150.180.0/22 maxlen: 24 180.150.184.0/22 maxlen: 24 180.150.188.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1099364928323584001/0/14F2AE289734C6F9223A15F482EED7503BB5C42B.crl rsync://rpki-rps.cnnic.cn/repo/A1099364928323584001/0/14F2AE289734C6F9223A15F482EED7503BB5C42B.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/14F2AE289734C6F9223A15F482EED7503BB5C42B.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Jun 2026 23:56:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:fe:41:e4:ac:ee:d2:14:f8:4f:22:52:6a:b3:fe:42:f7:67:47:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=14F2AE289734C6F9223A15F482EED7503BB5C42B Validity Not Before: Jun 3 06:34:05 2026 GMT Not After : Jun 2 06:39:05 2027 GMT Subject: CN=DE0A39941AB6F9F03656107196476CEC0E77C99A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:82:d7:fb:2d:54:76:a8:3d:cb:c5:ea:65:7b: 48:59:00:1e:fd:05:e5:4d:44:ba:a1:5e:fe:3c:44: 80:8a:45:a9:61:73:e3:c3:c5:61:9f:79:fd:57:2e: cb:53:74:92:80:91:47:1e:de:bf:0a:51:f1:91:e6: c0:b7:58:91:d2:65:57:4b:a5:44:99:dc:d0:72:c7: 4f:0a:ea:9f:f1:09:40:bd:0e:06:5c:b8:9b:a5:ef: 8d:4d:57:5b:c2:d5:56:2e:b2:a1:e4:6b:bf:db:c7: 23:79:0a:bd:d7:93:bb:3f:5d:e8:4e:6b:92:a7:d4: a7:84:b2:bb:66:69:eb:31:f2:15:01:f6:87:20:02: 3c:fd:12:c0:ef:d6:fa:d2:13:71:2a:7b:f9:c3:ad: a5:24:b9:b7:e4:8d:e4:e2:3c:94:71:11:0b:c6:d6: ee:fe:75:e7:eb:5e:4b:51:0d:36:b3:e8:5a:41:72: c0:f4:22:be:9b:9c:a2:4c:9c:f5:ff:cb:db:9f:46: fa:c1:e5:82:9d:0a:79:04:17:cc:7b:da:dd:7f:c6: 1f:aa:b9:ed:d6:ab:53:6b:ac:13:e0:01:b0:79:63: 79:bc:11:76:5e:e2:0d:ed:7f:1d:f4:3f:26:a6:f9: 57:f7:32:3b:10:dc:09:24:f3:b5:ea:0a:04:d0:a9: 7b:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:0A:39:94:1A:B6:F9:F0:36:56:10:71:96:47:6C:EC:0E:77:C9:9A X509v3 Authority Key Identifier: keyid:14:F2:AE:28:97:34:C6:F9:22:3A:15:F4:82:EE:D7:50:3B:B5:C4:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1099364928323584001/0/14F2AE289734C6F9223A15F482EED7503BB5C42B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/14F2AE289734C6F9223A15F482EED7503BB5C42B.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1099364928323584001/0/AS59089.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.244.80.0/22 114.118.0.0/19 114.118.64.0-114.118.103.255 114.119.204.0/22 120.132.32.0-120.132.95.255 123.59.0.0/16 180.150.176.0/20 Signature Algorithm: sha256WithRSAEncryption 26:e7:14:48:c2:39:1c:10:af:85:6d:b1:f6:6e:8c:26:00:f9: 42:15:bf:e2:50:a1:f7:1e:88:a7:ab:02:6f:66:0d:65:27:ea: 3a:0f:2e:b8:7e:25:48:e8:d2:94:3a:68:6b:df:2c:4a:7b:60: a0:a3:49:fc:88:fa:73:aa:a4:84:f3:b5:0e:d8:4c:87:8b:7f: 64:9e:1d:53:a7:e3:14:5d:67:c4:ea:c6:16:5b:1d:da:88:8e: 97:11:7d:cd:f9:94:c3:cb:e8:1e:51:e6:5f:0c:0a:e3:00:8c: 19:ba:2e:72:cd:c5:92:fd:12:96:e8:cb:34:06:84:41:fc:db: 9a:9a:0b:94:b6:4b:0a:70:10:22:48:45:54:52:41:61:7b:23: 12:dd:14:a4:5d:0d:ef:2d:47:39:02:b2:2f:29:67:8c:eb:c7: d3:1c:ef:c1:1f:31:69:df:76:33:65:a0:b2:2c:8c:fa:9f:b1: 07:55:92:3a:4f:98:db:4c:1c:83:9a:6d:ee:17:f9:dd:7f:be: 87:6f:7a:8b:70:33:ac:b0:14:3e:db:d8:4a:91:43:a1:ba:80: a9:07:0f:09:04:f8:5b:07:1c:da:d1:83:3e:06:36:a4:c3:98: 38:48:1f:65:a9:ac:51:c8:9d:7d:f3:fe:3e:31:be:c3:e2:58: 8f:cd:a9:01 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgIUa/5B5Kzu0hT4TyJSarP+QvdnR9owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTRGMkFFMjg5NzM0QzZGOTIyM0ExNUY0ODJFRUQ3NTAz QkI1QzQyQjAeFw0yNjA2MDMwNjM0MDVaFw0yNzA2MDIwNjM5MDVaMDMxMTAvBgNV BAMTKERFMEEzOTk0MUFCNkY5RjAzNjU2MTA3MTk2NDc2Q0VDMEU3N0M5OUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDegtf7LVR2qD3Lxeple0hZAB79 BeVNRLqhXv48RICKRalhc+PDxWGfef1XLstTdJKAkUce3r8KUfGR5sC3WJHSZVdL pUSZ3NByx08K6p/xCUC9DgZcuJul741NV1vC1VYusqHka7/bxyN5Cr3Xk7s/XehO a5Kn1KeEsrtmaesx8hUB9ocgAjz9EsDv1vrSE3Eqe/nDraUkubfkjeTiPJRxEQvG 1u7+defrXktRDTaz6FpBcsD0Ir6bnKJMnPX/y9ufRvrB5YKdCnkEF8x72t1/xh+q ue3Wq1NrrBPgAbB5Y3m8EXZe4g3tfx30Pyam+Vf3MjsQ3Akk87XqCgTQqXvxAgMB AAGjggIWMIICEjAdBgNVHQ4EFgQU3go5lBq2+fA2VhBxlkds7A53yZowHwYDVR0j BBgwFoAUFPKuKJc0xvkiOhX0gu7XUDu1xCswDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 OTM2NDkyODMyMzU4NDAwMS8wLzE0RjJBRTI4OTczNEM2RjkyMjNBMTVGNDgyRUVE NzUwM0JCNUM0MkIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMTRGMkFFMjg5NzM0QzZGOTIyM0ExNUY0ODJFRUQ3NTAzQkI1QzQyQi5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTkzNjQ5MjgzMjM1ODQwMDEvMC9BUzU5MDg5LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTA/BAIA ATA5AwQCZ/RQAwQFcnYAMAwDBAZydkADBANydmADBAJyd8wwDAMEBXiEIAMEBXiE QAMDAHs7AwQEtJawMA0GCSqGSIb3DQEBCwUAA4IBAQAm5xRIwjkcEK+FbbH2bowm APlCFb/iUKH3HoinqwJvZg1lJ+o6Dy64fiVI6NKUOmhr3yxKe2Cgo0n8iPpzqqSE 87UO2EyHi39knh1Tp+MUXWfE6sYWWx3aiI6XEX3N+ZTDy+geUeZfDArjAIwZui5y zcWS/RKW6Ms0BoRB/NuamguUtksKcBAiSEVUUkFheyMS3RSkXQ3vLUc5ArIvKWeM 68fTHO/BHzFp33YzZaCyLIz6n7EHVZI6T5jbTByDmm3uF/ndf76Hb3qLcDOssBQ+ 29hKkUOhuoCpBw8JBPhbBxza0YM+Bjakw5g4SB9lqaxRyJ198/4+Mb7D4liPzakB -----END CERTIFICATE-----Generated at Sat Jun 6 12:23:13 2026 by rpki-client