$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065576723372179458/0/AS131314.roa File: AS131314.roa (raw, json) Hash identifier: zm6eNEs+Sg3vn7JG2IW6iQKdGTgnpkFrfio80ns6ymQ= Subject key identifier: 5C:E7:F0:7D:7B:9C:83:95:4C:77:BB:83:E3:FF:A1:A4:AA:6C:2F:4D Certificate issuer: /CN=8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE Certificate serial: 38E7450E6A729783873184372F12DBC925C3C7E4 Authority key identifier: 8D:47:3B:7B:41:E3:D6:22:DF:B3:B6:0D:5E:B9:46:99:8F:BE:7E:AE Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/AS131314.roa Signing time: Wed 13 May 2026 09:27:08 +0000 ROA not before: Wed 13 May 2026 09:22:08 +0000 ROA not after: Wed 12 May 2027 09:27:08 +0000 asID: 131314 IP address blocks: 103.200.220.0/22 maxlen: 24 103.200.224.0/24 maxlen: 24 103.200.228.0/24 maxlen: 24 103.200.232.0/24 maxlen: 24 103.201.192.0/24 maxlen: 24 103.201.193.0/24 maxlen: 24 103.201.196.0/24 maxlen: 24 103.201.200.0/24 maxlen: 24 111.118.200.0/24 maxlen: 24 113.21.232.0/22 maxlen: 24 113.21.236.0/22 maxlen: 24 119.161.120.0/22 maxlen: 24 119.161.124.0/24 maxlen: 24 120.136.16.0/22 maxlen: 24 120.136.20.0/22 maxlen: 24 202.47.104.0/21 maxlen: 24 202.47.110.0/24 maxlen: 24 202.57.192.0/24 maxlen: 24 202.57.193.0/24 maxlen: 24 202.57.196.0/22 maxlen: 24 202.57.200.0/23 maxlen: 24 202.57.201.0/24 maxlen: 24 202.57.202.0/24 maxlen: 24 202.57.204.0/23 maxlen: 24 202.65.96.0/22 maxlen: 24 202.65.96.0/24 maxlen: 24 2403:9b00:2000::/48 maxlen: 48 2403:9b00:2400::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.crl rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 11:49:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:e7:45:0e:6a:72:97:83:87:31:84:37:2f:12:db:c9:25:c3:c7:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE Validity Not Before: May 13 09:22:08 2026 GMT Not After : May 12 09:27:08 2027 GMT Subject: CN=5CE7F07D7B9C83954C77BB83E3FFA1A4AA6C2F4D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:37:83:8e:5b:63:0c:f2:0f:6e:bc:9a:78:ba: 3e:6a:82:07:37:16:08:ae:c0:e5:2e:a6:30:d4:fa: 55:9d:27:6a:6b:24:dd:b4:0e:ca:0b:d0:8e:64:5f: 02:c4:6c:28:5e:13:5c:4a:33:76:15:d4:a1:d3:4a: 6e:e2:02:50:e0:c5:57:7c:5f:07:21:54:78:dc:b1: d2:34:9a:f3:fc:bc:23:1f:59:e8:2f:83:77:a4:17: 5b:1c:77:c4:d9:5c:78:5f:69:64:a4:7b:b0:6e:b3: 5e:ea:73:44:16:fb:c6:93:b0:08:d4:ef:56:67:a5: 1b:61:39:73:66:76:f2:a1:dd:90:df:f7:b6:df:9d: 93:8b:b8:c3:a1:c2:4a:06:80:5f:06:c3:34:9a:fe: 1f:b7:9f:0f:e1:f9:e2:be:1c:3d:2a:01:38:cb:f5: d8:df:c3:43:dc:bf:42:2f:6b:d3:9b:4e:f6:75:39: 53:1f:33:a7:31:44:83:a0:70:08:11:df:7d:60:c7: 94:8e:39:ef:78:c4:01:45:de:22:cf:75:15:1a:f3: 1c:a9:16:99:f6:2c:62:0b:83:51:ed:aa:00:ee:2c: 07:ed:8c:27:f3:1f:3c:9c:93:69:fe:8a:9c:be:91: 1d:47:e2:91:66:ff:45:b4:1a:ca:f4:12:34:b0:39: 27:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:E7:F0:7D:7B:9C:83:95:4C:77:BB:83:E3:FF:A1:A4:AA:6C:2F:4D X509v3 Authority Key Identifier: keyid:8D:47:3B:7B:41:E3:D6:22:DF:B3:B6:0D:5E:B9:46:99:8F:BE:7E:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/AS131314.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.200.220.0-103.200.224.255 103.200.228.0/24 103.200.232.0/24 103.201.192.0/23 103.201.196.0/24 103.201.200.0/24 111.118.200.0/24 113.21.232.0/21 119.161.120.0-119.161.124.255 120.136.16.0/21 202.47.104.0/21 202.57.192.0/23 202.57.196.0-202.57.202.255 202.57.204.0/23 202.65.96.0/22 IPv6: 2403:9b00:2000::/48 2403:9b00:2400::/48 Signature Algorithm: sha256WithRSAEncryption 43:e6:fb:74:48:09:0c:03:7e:94:5e:bf:b4:bc:f6:e3:0c:fa: 0d:a3:81:94:89:85:d8:1d:83:e3:33:fe:6e:53:f4:d1:28:7a: b7:a3:66:6e:27:66:37:0f:4c:ea:84:9b:a7:67:10:27:76:a9: 62:b9:54:1a:75:06:dc:2b:a3:bf:10:ee:fc:98:58:d0:48:91: cd:11:09:24:0a:ca:e3:bf:03:0c:9b:0d:cb:0e:28:c5:f4:7d: d6:70:25:ee:78:24:ad:d1:1f:10:46:6b:f8:51:17:3a:74:47: e7:78:1f:f3:21:bb:9e:4f:98:6b:a2:b1:f0:74:de:07:d5:46: ec:6d:d4:df:05:41:2f:fa:d9:7d:a7:e8:7e:c3:1b:a6:85:65: 44:5f:69:8d:ff:a2:2e:a3:17:dc:2d:25:37:6c:8a:6f:1b:fb: 01:a9:92:11:18:b6:f0:15:c1:cd:ea:db:24:1c:8c:58:09:a6: 2d:8e:6c:24:1e:89:c7:f9:aa:5f:b2:7c:22:34:05:ad:c5:be: 41:c6:20:c3:0b:ba:83:8d:47:d9:e4:60:47:91:03:7e:c7:f3: f4:a5:d4:41:dc:75:ae:4a:a5:22:e0:b0:68:57:2a:96:a8:ac: a4:f4:a3:6c:e5:ab:1a:02:e1:95:fb:05:6a:03:dd:20:d5:28: 38:08:56:40 -----BEGIN CERTIFICATE----- MIIFYzCCBEugAwIBAgIUOOdFDmpyl4OHMYQ3LxLbySXDx+QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEQ0NzNCN0I0MUUzRDYyMkRGQjNCNjBENUVCOTQ2OTk4 RkJFN0VBRTAeFw0yNjA1MTMwOTIyMDhaFw0yNzA1MTIwOTI3MDhaMDMxMTAvBgNV BAMTKDVDRTdGMDdEN0I5QzgzOTU0Qzc3QkI4M0UzRkZBMUE0QUE2QzJGNEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqN4OOW2MM8g9uvJp4uj5qggc3 FgiuwOUupjDU+lWdJ2prJN20DsoL0I5kXwLEbCheE1xKM3YV1KHTSm7iAlDgxVd8 XwchVHjcsdI0mvP8vCMfWegvg3ekF1scd8TZXHhfaWSke7Bus17qc0QW+8aTsAjU 71ZnpRthOXNmdvKh3ZDf97bfnZOLuMOhwkoGgF8GwzSa/h+3nw/h+eK+HD0qATjL 9djfw0Pcv0Iva9ObTvZ1OVMfM6cxRIOgcAgR331gx5SOOe94xAFF3iLPdRUa8xyp Fpn2LGILg1HtqgDuLAftjCfzHzyck2n+ipy+kR1H4pFm/0W0Gsr0EjSwOSfTAgMB AAGjggJtMIICaTAdBgNVHQ4EFgQUXOfwfXucg5VMd7uD4/+hpKpsL00wHwYDVR0j BBgwFoAUjUc7e0Hj1iLfs7YNXrlGmY++fq4wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3NjcyMzM3MjE3OTQ1OC8wLzhENDczQjdCNDFFM0Q2MjJERkIzQjYwRDVFQjk0 Njk5OEZCRTdFQUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvOEQ0NzNCN0I0MUUzRDYyMkRGQjNCNjBENUVCOTQ2OTk4RkJFN0VBRS5jZXIw XgYIKwYBBQUHAQsEUjBQME4GCCsGAQUFBzALhkJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1NzY3MjMzNzIxNzk0NTgvMC9BUzEzMTMxNC5yb2Ew GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBpwYIKwYBBQUHAQcBAf8EgZcwgZQw eAQCAAEwcjAMAwQCZ8jcAwQAZ8jgAwQAZ8jkAwQAZ8joAwQBZ8nAAwQAZ8nEAwQA Z8nIAwQAb3bIAwQDcRXoMAwDBAN3oXgDBAB3oXwDBAN4iBADBAPKL2gDBAHKOcAw DAMEAso5xAMEAMo5ygMEAco5zAMEAspBYDAYBAIAAjASAwcAJAObACAAAwcAJAOb ACQAMA0GCSqGSIb3DQEBCwUAA4IBAQBD5vt0SAkMA36UXr+0vPbjDPoNo4GUiYXY HYPjM/5uU/TRKHq3o2ZuJ2Y3D0zqhJunZxAndqliuVQadQbcK6O/EO78mFjQSJHN EQkkCsrjvwMMmw3LDijF9H3WcCXueCSt0R8QRmv4URc6dEfneB/zIbueT5hrorHw dN4H1UbsbdTfBUEv+tl9p+h+wxumhWVEX2mN/6IuoxfcLSU3bIpvG/sBqZIRGLbw FcHN6tskHIxYCaYtjmwkHonH+apfsnwiNAWtxb5BxiDDC7qDjUfZ5GBHkQN+x/P0 pdRB3HWuSqUi4LBoVyqWqKyk9KNs5asaAuGV+wVqA90g1Sg4CFZA -----END CERTIFICATE-----Generated at Wed May 13 14:14:00 2026 by rpki-client