$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1111469242210844693/0/AS0.roa File: AS0.roa (raw, json) Hash identifier: 28mAZTz2GnuHbhtlI5VtdU5qKVbmobViaTukwaHnXc8= Subject key identifier: 0F:53:7E:C9:B0:0C:6D:E7:3B:97:A9:5E:EC:67:8E:F3:B0:0B:7E:FB Certificate issuer: /CN=F071BDCFD00F17B0D2CB7A04E39F7FC3C33A0B8D Certificate serial: 6CFAA2AFD8C7EB359E7F94CA69E833ABF1130435 Authority key identifier: F0:71:BD:CF:D0:0F:17:B0:D2:CB:7A:04:E3:9F:7F:C3:C3:3A:0B:8D Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/F071BDCFD00F17B0D2CB7A04E39F7FC3C33A0B8D.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1111469242210844693/0/AS0.roa Signing time: Fri 29 May 2026 03:07:25 +0000 ROA not before: Fri 29 May 2026 03:02:25 +0000 ROA not after: Fri 28 May 2027 03:07:25 +0000 asID: 0 IP address blocks: 103.96.216.0/22 maxlen: 22 119.44.6.0/24 maxlen: 24 119.44.13.0/24 maxlen: 24 119.44.14.0/24 maxlen: 24 119.44.15.0/24 maxlen: 24 119.44.22.0/24 maxlen: 24 119.44.30.0/23 maxlen: 23 119.44.32.0/21 maxlen: 21 119.44.40.0/22 maxlen: 22 119.44.44.0/24 maxlen: 24 119.44.47.0/24 maxlen: 24 119.44.48.0/24 maxlen: 24 119.44.53.0/24 maxlen: 24 119.44.54.0/24 maxlen: 24 119.44.55.0/24 maxlen: 24 119.44.193.0/24 maxlen: 24 119.44.194.0/23 maxlen: 23 119.44.196.0/22 maxlen: 22 119.44.201.0/24 maxlen: 24 119.44.202.0/23 maxlen: 23 119.44.215.0/24 maxlen: 24 119.44.216.0/24 maxlen: 24 119.44.240.0/22 maxlen: 22 119.44.244.0/22 maxlen: 22 119.44.248.0/23 maxlen: 23 119.44.250.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1111469242210844693/0/F071BDCFD00F17B0D2CB7A04E39F7FC3C33A0B8D.crl rsync://rpki-rps.cnnic.cn/repo/A1111469242210844693/0/F071BDCFD00F17B0D2CB7A04E39F7FC3C33A0B8D.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/F071BDCFD00F17B0D2CB7A04E39F7FC3C33A0B8D.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 May 2026 06:15:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:fa:a2:af:d8:c7:eb:35:9e:7f:94:ca:69:e8:33:ab:f1:13:04:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F071BDCFD00F17B0D2CB7A04E39F7FC3C33A0B8D Validity Not Before: May 29 03:02:25 2026 GMT Not After : May 28 03:07:25 2027 GMT Subject: CN=0F537EC9B00C6DE73B97A95EEC678EF3B00B7EFB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:20:16:33:e5:8a:40:8d:d0:4b:64:36:9f:3f: 63:bc:c7:66:29:57:17:5c:ab:38:0a:3c:82:b2:22: 54:51:36:21:89:be:51:54:89:83:3c:ca:70:7e:88: b2:b6:42:56:41:d2:44:30:86:bd:61:21:04:fc:bc: ba:14:38:5d:fb:08:7b:78:69:7b:05:41:67:42:47: ee:d8:b2:26:b5:9c:47:35:b7:19:ea:0c:de:13:9a: fe:bd:65:93:32:60:83:82:92:40:e0:06:76:fa:c0: 56:b2:0b:97:4c:f8:64:92:28:f4:2e:df:84:79:b1: 19:9d:26:c0:5d:b2:67:b7:c6:3a:bc:f1:d9:7d:09: 50:71:4a:ac:31:62:57:f8:04:54:6c:c3:c3:98:7b: f3:90:e1:70:da:6d:8f:7b:2d:c7:1c:93:23:db:eb: a2:cd:5a:d9:85:be:98:32:8e:f4:3b:fd:fa:a2:45: 11:7a:2d:4a:23:dd:b5:cd:b2:f5:ec:0a:6e:7c:d3: f1:27:19:09:00:71:46:7b:6c:f4:06:b5:0e:90:4c: 14:f2:9d:dc:69:43:06:b7:c5:7b:d9:c0:d5:29:c3: 20:be:74:e6:6a:b9:89:19:8f:d8:0d:e0:c5:a5:eb: 6f:5f:e6:91:ef:5c:f0:62:ca:0f:a9:d1:ba:88:01: 34:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:53:7E:C9:B0:0C:6D:E7:3B:97:A9:5E:EC:67:8E:F3:B0:0B:7E:FB X509v3 Authority Key Identifier: keyid:F0:71:BD:CF:D0:0F:17:B0:D2:CB:7A:04:E3:9F:7F:C3:C3:3A:0B:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1111469242210844693/0/F071BDCFD00F17B0D2CB7A04E39F7FC3C33A0B8D.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/F071BDCFD00F17B0D2CB7A04E39F7FC3C33A0B8D.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1111469242210844693/0/AS0.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.96.216.0/22 119.44.6.0/24 119.44.13.0-119.44.15.255 119.44.22.0/24 119.44.30.0-119.44.44.255 119.44.47.0-119.44.48.255 119.44.53.0-119.44.55.255 119.44.193.0-119.44.199.255 119.44.201.0-119.44.203.255 119.44.215.0-119.44.216.255 119.44.240.0-119.44.250.255 Signature Algorithm: sha256WithRSAEncryption 68:b5:6b:dc:a5:22:66:cb:3a:93:73:75:91:87:36:3f:20:13: 0c:ce:16:b4:bc:e3:53:28:67:ca:ce:f1:86:7a:06:2e:ea:dc: fb:5d:76:0d:b4:6f:f1:06:20:d1:47:72:3d:ab:93:d7:8d:c2: d6:81:a0:3e:33:af:cf:2d:b5:0b:89:46:02:a1:81:23:a6:ab: 75:71:ad:04:c7:0b:36:46:1f:d9:d6:65:78:b7:10:fb:63:c4: 4b:ac:8f:e5:fd:ca:8c:bb:e7:54:c5:13:6d:88:71:6f:3c:df: 3e:a6:48:6a:e6:b3:4c:b7:97:b0:d5:29:fb:d5:a9:17:66:e9: 3e:c9:c3:36:90:10:e4:01:8a:5a:63:36:29:cb:a1:d6:bb:c4: f7:2c:7d:f7:2b:11:82:47:b0:97:72:1f:8b:a6:c2:09:ee:04: bf:ae:ea:65:ec:13:7a:2c:aa:4e:df:94:ef:4d:55:ba:ec:a4: 96:2f:e2:2f:7b:c0:28:84:65:24:6f:47:20:b4:5b:43:9b:ee: 14:3d:03:0d:e4:54:75:aa:4f:00:76:1a:97:13:df:06:b7:78: db:b8:ad:b4:c5:43:8c:3d:b8:a9:f8:34:6e:72:87:61:b2:31: 36:a2:a8:ed:70:b4:c2:09:f0:f1:b9:74:e5:bf:c9:48:c9:fb: 96:89:a0:94 -----BEGIN CERTIFICATE----- MIIFVjCCBD6gAwIBAgIUbPqir9jH6zWef5TKaegzq/ETBDUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjA3MUJEQ0ZEMDBGMTdCMEQyQ0I3QTA0RTM5RjdGQzND MzNBMEI4RDAeFw0yNjA1MjkwMzAyMjVaFw0yNzA1MjgwMzA3MjVaMDMxMTAvBgNV BAMTKDBGNTM3RUM5QjAwQzZERTczQjk3QTk1RUVDNjc4RUYzQjAwQjdFRkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyIBYz5YpAjdBLZDafP2O8x2Yp VxdcqzgKPIKyIlRRNiGJvlFUiYM8ynB+iLK2QlZB0kQwhr1hIQT8vLoUOF37CHt4 aXsFQWdCR+7Ysia1nEc1txnqDN4Tmv69ZZMyYIOCkkDgBnb6wFayC5dM+GSSKPQu 34R5sRmdJsBdsme3xjq88dl9CVBxSqwxYlf4BFRsw8OYe/OQ4XDabY97LccckyPb 66LNWtmFvpgyjvQ7/fqiRRF6LUoj3bXNsvXsCm580/EnGQkAcUZ7bPQGtQ6QTBTy ndxpQwa3xXvZwNUpwyC+dOZquYkZj9gN4MWl629f5pHvXPBiyg+p0bqIATTBAgMB AAGjggJgMIICXDAdBgNVHQ4EFgQUD1N+ybAMbec7l6le7GeO87ALfvswHwYDVR0j BBgwFoAU8HG9z9APF7DSy3oE459/w8M6C40wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTEx MTQ2OTI0MjIxMDg0NDY5My8wL0YwNzFCRENGRDAwRjE3QjBEMkNCN0EwNEUzOUY3 RkMzQzMzQTBCOEQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvRjA3MUJEQ0ZEMDBGMTdCMEQyQ0I3QTA0RTM5RjdGQzNDMzNBMEI4RC5jZXIw WQYIKwYBBQUHAQsETTBLMEkGCCsGAQUFBzALhj1yc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTExMTE0NjkyNDIyMTA4NDQ2OTMvMC9BUzAucm9hMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwgZ8GCCsGAQUFBwEHAQH/BIGPMIGMMIGJBAIA ATCBggMEAmdg2AMEAHcsBjAMAwQAdywNAwQEdywAAwQAdywWMAwDBAF3LB4DBAB3 LCwwDAMEAHcsLwMEAHcsMDAMAwQAdyw1AwQDdywwMAwDBAB3LMEDBAN3LMAwDAME AHcsyQMEAncsyDAMAwQAdyzXAwQAdyzYMAwDBAR3LPADBAB3LPowDQYJKoZIhvcN AQELBQADggEBAGi1a9ylImbLOpNzdZGHNj8gEwzOFrS841MoZ8rO8YZ6Bi7q3Ptd dg20b/EGINFHcj2rk9eNwtaBoD4zr88ttQuJRgKhgSOmq3VxrQTHCzZGH9nWZXi3 EPtjxEusj+X9yoy751TFE22IcW883z6mSGrms0y3l7DVKfvVqRdm6T7JwzaQEOQB ilpjNinLoda7xPcsffcrEYJHsJdyH4umwgnuBL+u6mXsE3osqk7flO9NVbrspJYv 4i97wCiEZSRvRyC0W0Ob7hQ9Aw3kVHWqTwB2GpcT3wa3eNu4rbTFQ4w9uKn4NG5y h2GyMTaiqO1wtMIJ8PG5dOW/yUjJ+5aJoJQ= -----END CERTIFICATE-----Generated at Fri May 29 23:48:43 2026 by rpki-client