$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065576723372179458/0/AS4847.roa File: AS4847.roa (raw, json) Hash identifier: UaL0mueNJNce4o1bxIo/jlJg2m3Z4Oheqv+PAKiB4xA= Subject key identifier: B4:59:3E:04:76:3C:2E:64:99:DA:C2:E0:D0:52:76:0A:CF:77:4C:F3 Certificate issuer: /CN=8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE Certificate serial: 52EAE0F4CF70D880820081DF4AC9B86FA3F73EA4 Authority key identifier: 8D:47:3B:7B:41:E3:D6:22:DF:B3:B6:0D:5E:B9:46:99:8F:BE:7E:AE Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/AS4847.roa Signing time: Wed 13 May 2026 09:27:08 +0000 ROA not before: Wed 13 May 2026 09:22:08 +0000 ROA not after: Wed 12 May 2027 09:27:08 +0000 asID: 4847 IP address blocks: 119.161.120.0/22 maxlen: 24 119.161.124.0/24 maxlen: 24 120.136.16.0/22 maxlen: 24 120.136.20.0/22 maxlen: 24 202.57.204.0/23 maxlen: 24 202.65.96.0/22 maxlen: 24 202.65.96.0/24 maxlen: 24 2403:9b00:2000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.crl rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 11:49:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:ea:e0:f4:cf:70:d8:80:82:00:81:df:4a:c9:b8:6f:a3:f7:3e:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE Validity Not Before: May 13 09:22:08 2026 GMT Not After : May 12 09:27:08 2027 GMT Subject: CN=B4593E04763C2E6499DAC2E0D052760ACF774CF3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:37:03:01:fd:e8:4e:61:d9:b7:22:1b:cd:7d: d1:d9:04:ba:79:c2:81:2d:34:c9:83:fe:3e:8f:4b: 78:e9:97:de:4d:89:b3:78:61:37:11:23:5c:eb:f9: 94:e0:38:96:2d:ae:23:ac:5a:0b:cc:fb:57:5d:b1: 36:06:f0:2e:3d:6c:4d:8f:b5:33:0a:cf:3c:0c:41: 41:d8:0d:7a:d1:d4:05:ab:e7:23:40:4e:43:9f:1e: 09:51:7d:47:a9:dd:b1:fb:a8:7d:e0:a4:0b:f7:ee: c1:8b:3a:e4:e0:2e:3e:f2:a8:31:3f:9a:8c:e8:1d: 88:ef:29:0e:2f:c0:7f:31:41:5d:ec:1c:81:c6:33: 04:86:d3:60:43:de:59:ec:9f:04:6a:c7:0a:9d:5f: a6:a3:e8:b8:3a:dc:ba:4e:70:1a:81:04:e1:70:e3: f8:e8:6e:73:c4:4e:63:b9:39:09:53:d4:fd:ac:83: 71:ae:ca:bb:97:00:16:32:11:a0:ef:55:d5:38:5e: 82:bb:d6:dc:7d:f3:e6:d7:56:74:9b:3c:29:6f:c1: 25:bd:e3:db:c5:59:2c:5d:ab:ff:09:74:cc:d4:70: 41:40:ae:37:1d:c1:76:74:57:96:c7:4e:a2:56:b7: 81:74:f6:99:9b:32:ea:a6:5f:36:6f:6e:18:84:67: ea:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:59:3E:04:76:3C:2E:64:99:DA:C2:E0:D0:52:76:0A:CF:77:4C:F3 X509v3 Authority Key Identifier: keyid:8D:47:3B:7B:41:E3:D6:22:DF:B3:B6:0D:5E:B9:46:99:8F:BE:7E:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/AS4847.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 119.161.120.0-119.161.124.255 120.136.16.0/21 202.57.204.0/23 202.65.96.0/22 IPv6: 2403:9b00:2000::/48 Signature Algorithm: sha256WithRSAEncryption c0:b5:f6:a0:93:52:55:46:c6:77:f9:58:b4:8e:ce:d4:0c:ac: c5:2c:7d:50:86:23:71:71:26:74:3c:37:b3:d1:12:f5:54:65: bd:ca:35:f4:9d:24:16:45:52:ea:cb:16:6d:33:34:4c:d4:d0: e7:59:83:88:7b:6d:2a:84:83:2e:8c:85:30:8b:a8:11:1f:fb: b3:59:12:2d:3e:13:02:78:75:73:f7:52:1f:da:54:72:e6:c7: 76:b8:a4:93:07:84:77:aa:b8:be:aa:be:e3:93:74:6e:ab:82: d9:68:82:b6:19:80:4d:c0:58:62:14:1e:f1:49:5f:bc:8b:66: 7b:d1:b1:2b:4c:41:79:11:e9:9f:4d:c5:a5:d8:50:05:4a:cf: 71:44:8b:9c:08:18:d1:ea:85:64:c2:bb:75:b4:0b:86:3d:6c: c0:e7:36:8c:6f:84:1f:36:ad:79:33:7c:da:68:41:40:a4:8d: 9f:77:eb:47:fb:40:3c:94:60:09:7d:2c:4a:52:c3:cf:bd:a0: 59:b8:c0:65:95:06:4c:8c:17:02:94:44:0b:70:ac:fb:08:a2: 52:65:64:f1:7a:b8:8e:9d:56:50:7c:1b:11:2b:cb:33:25:51: c2:89:30:59:b0:31:19:4b:b4:c5:78:92:8b:dd:b6:41:b8:a6: 9c:52:72:6a -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgIUUurg9M9w2ICCAIHfSsm4b6P3PqQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEQ0NzNCN0I0MUUzRDYyMkRGQjNCNjBENUVCOTQ2OTk4 RkJFN0VBRTAeFw0yNjA1MTMwOTIyMDhaFw0yNzA1MTIwOTI3MDhaMDMxMTAvBgNV BAMTKEI0NTkzRTA0NzYzQzJFNjQ5OURBQzJFMEQwNTI3NjBBQ0Y3NzRDRjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnNwMB/ehOYdm3IhvNfdHZBLp5 woEtNMmD/j6PS3jpl95NibN4YTcRI1zr+ZTgOJYtriOsWgvM+1ddsTYG8C49bE2P tTMKzzwMQUHYDXrR1AWr5yNATkOfHglRfUep3bH7qH3gpAv37sGLOuTgLj7yqDE/ mozoHYjvKQ4vwH8xQV3sHIHGMwSG02BD3lnsnwRqxwqdX6aj6Lg63LpOcBqBBOFw 4/jobnPETmO5OQlT1P2sg3GuyruXABYyEaDvVdU4XoK71tx98+bXVnSbPClvwSW9 49vFWSxdq/8JdMzUcEFArjcdwXZ0V5bHTqJWt4F09pmbMuqmXzZvbhiEZ+rrAgMB AAGjggINMIICCTAdBgNVHQ4EFgQUtFk+BHY8LmSZ2sLg0FJ2Cs93TPMwHwYDVR0j BBgwFoAUjUc7e0Hj1iLfs7YNXrlGmY++fq4wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3NjcyMzM3MjE3OTQ1OC8wLzhENDczQjdCNDFFM0Q2MjJERkIzQjYwRDVFQjk0 Njk5OEZCRTdFQUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvOEQ0NzNCN0I0MUUzRDYyMkRGQjNCNjBENUVCOTQ2OTk4RkJFN0VBRS5jZXIw XAYIKwYBBQUHAQsEUDBOMEwGCCsGAQUFBzALhkByc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1NzY3MjMzNzIxNzk0NTgvMC9BUzQ4NDcucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwSgYIKwYBBQUHAQcBAf8EOzA5MCYEAgAB MCAwDAMEA3eheAMEAHehfAMEA3iIEAMEAco5zAMEAspBYDAPBAIAAjAJAwcAJAOb ACAAMA0GCSqGSIb3DQEBCwUAA4IBAQDAtfagk1JVRsZ3+Vi0js7UDKzFLH1QhiNx cSZ0PDez0RL1VGW9yjX0nSQWRVLqyxZtMzRM1NDnWYOIe20qhIMujIUwi6gRH/uz WRItPhMCeHVz91If2lRy5sd2uKSTB4R3qri+qr7jk3Ruq4LZaIK2GYBNwFhiFB7x SV+8i2Z70bErTEF5EemfTcWl2FAFSs9xRIucCBjR6oVkwrt1tAuGPWzA5zaMb4Qf Nq15M3zaaEFApI2fd+tH+0A8lGAJfSxKUsPPvaBZuMBllQZMjBcClEQLcKz7CKJS ZWTxeriOnVZQfBsRK8szJVHCiTBZsDEZS7TFeJKL3bZBuKacUnJq -----END CERTIFICATE-----Generated at Wed May 13 14:14:01 2026 by rpki-client