$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS0.roa File: AS0.roa (raw, json) Hash identifier: gOXlO16zLqrwAqKI4fF54M1BTUqGjt4L3X0q9PLWs6c= Subject key identifier: 5B:32:83:08:A2:D3:2F:7C:7B:42:F6:84:54:BC:57:56:7B:77:0F:4A Certificate issuer: /CN=1FFF263C64163BC58514B539C10375CCB553D75E Certificate serial: 7A597FECD18CF6B1F0DAB3837D6EFB3CBBBEB290 Authority key identifier: 1F:FF:26:3C:64:16:3B:C5:85:14:B5:39:C1:03:75:CC:B5:53:D7:5E Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS0.roa Signing time: Thu 23 Apr 2026 03:57:20 +0000 ROA not before: Thu 23 Apr 2026 03:52:20 +0000 ROA not after: Thu 22 Apr 2027 03:57:20 +0000 asID: 0 IP address blocks: 59.153.168.0/22 maxlen: 22 103.24.116.0/22 maxlen: 22 150.242.236.0/22 maxlen: 22 202.89.108.0/22 maxlen: 22 202.136.248.0/22 maxlen: 22 202.174.124.0/22 maxlen: 22 2406:1e80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 13:31:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:59:7f:ec:d1:8c:f6:b1:f0:da:b3:83:7d:6e:fb:3c:bb:be:b2:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FFF263C64163BC58514B539C10375CCB553D75E Validity Not Before: Apr 23 03:52:20 2026 GMT Not After : Apr 22 03:57:20 2027 GMT Subject: CN=5B328308A2D32F7C7B42F68454BC57567B770F4A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:8e:c7:aa:8e:48:f4:71:79:3a:86:df:17:64: b3:75:a6:02:ff:05:ef:12:79:25:fc:73:14:d6:83: df:bb:cb:29:d1:07:b1:99:ae:ec:fb:69:87:b4:7c: b0:15:65:b6:9c:3b:4c:27:68:4c:d1:c0:bb:c0:25: 94:38:c5:7e:05:26:d7:94:d1:26:8b:08:67:6f:12: 32:05:6e:62:26:87:4c:a1:e0:72:c6:54:d8:24:0f: 35:ed:8f:b1:25:ba:5d:d6:fb:53:a3:7d:11:aa:e7: 66:a4:8f:c2:23:05:ed:6e:b6:25:52:cf:f8:f4:c3: ea:6b:54:c6:d3:d8:4a:15:ea:b1:fa:5a:3d:c4:f2: e8:e3:21:92:b8:06:fa:8b:cc:96:c0:b9:79:ea:80: 97:09:9e:79:85:c1:53:3d:34:f1:28:70:42:37:d7: 2f:60:d0:79:c3:73:07:c0:86:99:10:af:4a:c8:e9: 5a:e3:4f:c4:bc:54:90:7b:7e:40:ae:a9:63:9b:cb: 01:75:d3:63:fb:d9:a6:62:10:d1:69:98:4b:94:f8: 62:dc:1a:c9:47:d6:6c:e9:65:c5:81:52:0e:72:7d: 9d:c3:da:ec:04:24:47:ac:0d:28:99:e8:c9:b0:3f: 46:ae:35:f2:d8:a8:22:2f:26:42:9a:42:c2:d9:4f: ef:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:32:83:08:A2:D3:2F:7C:7B:42:F6:84:54:BC:57:56:7B:77:0F:4A X509v3 Authority Key Identifier: keyid:1F:FF:26:3C:64:16:3B:C5:85:14:B5:39:C1:03:75:CC:B5:53:D7:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS0.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 59.153.168.0/22 103.24.116.0/22 150.242.236.0/22 202.89.108.0/22 202.136.248.0/22 202.174.124.0/22 IPv6: 2406:1e80::/32 Signature Algorithm: sha256WithRSAEncryption 7c:f5:12:09:c1:35:70:ed:18:6b:63:8e:23:e8:0c:eb:b6:e7: cd:20:3a:2e:40:41:81:04:3d:ed:b2:39:1f:9e:fd:cf:ca:65: 7f:73:72:47:9c:30:ca:7c:d4:05:72:5e:86:51:fa:0f:28:1f: 53:b8:bb:e4:0b:e2:8a:f9:1f:0a:8d:dd:bb:77:c0:53:d8:13: 73:b0:a1:d7:90:14:aa:a3:d4:eb:6d:83:95:03:04:92:8b:7f: ad:fc:d3:04:5c:79:f0:84:85:bc:a3:14:9b:eb:d1:c8:ab:58: aa:02:f9:c6:5f:2a:9b:d5:2e:86:1e:29:90:2a:99:74:e2:50: e0:1f:c3:00:d8:de:7c:e6:1e:9e:7a:84:03:f9:f3:af:f0:59: a9:35:5c:83:9c:40:d1:c3:4b:ca:95:3b:cc:85:2b:bc:75:f3: 60:56:c7:a2:b6:08:8a:17:68:a2:3b:e8:a3:ea:4b:67:d9:f8: 8c:92:dc:8a:f0:4e:9b:e9:9c:98:b3:d9:f6:ba:a9:5c:f4:80: 0b:67:9a:80:27:f8:2d:72:27:85:87:04:ca:0e:f5:6a:a0:22: 63:0b:a2:b1:1a:99:fa:3d:39:00:95:44:ad:9d:07:bd:b7:ac: be:5b:36:17:82:4f:66:2d:a9:4c:bc:a1:47:7a:13:30:44:be: 1f:8c:14:a2 -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgIUell/7NGM9rHw2rODfW77PLu+spAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUZGRjI2M0M2NDE2M0JDNTg1MTRCNTM5QzEwMzc1Q0NC NTUzRDc1RTAeFw0yNjA0MjMwMzUyMjBaFw0yNzA0MjIwMzU3MjBaMDMxMTAvBgNV BAMTKDVCMzI4MzA4QTJEMzJGN0M3QjQyRjY4NDU0QkM1NzU2N0I3NzBGNEEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHjseqjkj0cXk6ht8XZLN1pgL/ Be8SeSX8cxTWg9+7yynRB7GZruz7aYe0fLAVZbacO0wnaEzRwLvAJZQ4xX4FJteU 0SaLCGdvEjIFbmImh0yh4HLGVNgkDzXtj7Elul3W+1OjfRGq52akj8IjBe1utiVS z/j0w+prVMbT2EoV6rH6Wj3E8ujjIZK4BvqLzJbAuXnqgJcJnnmFwVM9NPEocEI3 1y9g0HnDcwfAhpkQr0rI6VrjT8S8VJB7fkCuqWObywF102P72aZiENFpmEuU+GLc GslH1mzpZcWBUg5yfZ3D2uwEJEesDSiZ6MmwP0auNfLYqCIvJkKaQsLZT+9FAgMB AAGjggIMMIICCDAdBgNVHQ4EFgQUWzKDCKLTL3x7QvaEVLxXVnt3D0owHwYDVR0j BBgwFoAUH/8mPGQWO8WFFLU5wQN1zLVT114wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDMyNzA0My8wLzFGRkYyNjNDNjQxNjNCQzU4NTE0QjUzOUMxMDM3 NUNDQjU1M0Q3NUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMUZGRjI2M0M2NDE2M0JDNTg1MTRCNTM5QzEwMzc1Q0NCNTUzRDc1RS5jZXIw WQYIKwYBBQUHAQsETTBLMEkGCCsGAQUFBzALhj1yc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1Nzk1MzQzOTQzMjcwNDMvMC9BUzAucm9hMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwTAYIKwYBBQUHAQcBAf8EPTA7MCoEAgABMCQD BAI7magDBAJnGHQDBAKW8uwDBALKWWwDBALKiPgDBALKrnwwDQQCAAIwBwMFACQG HoAwDQYJKoZIhvcNAQELBQADggEBAHz1EgnBNXDtGGtjjiPoDOu2580gOi5AQYEE Pe2yOR+e/c/KZX9zckecMMp81AVyXoZR+g8oH1O4u+QL4or5HwqN3bt3wFPYE3Ow odeQFKqj1Ottg5UDBJKLf6380wRcefCEhbyjFJvr0cirWKoC+cZfKpvVLoYeKZAq mXTiUOAfwwDY3nzmHp56hAP586/wWak1XIOcQNHDS8qVO8yFK7x182BWx6K2CIoX aKI76KPqS2fZ+IyS3IrwTpvpnJiz2fa6qVz0gAtnmoAn+C1yJ4WHBMoO9WqgImML orEamfo9OQCVRK2dB723rL5bNheCT2YtqUy8oUd6EzBEvh+MFKI= -----END CERTIFICATE-----Generated at Tue May 12 21:53:47 2026 by rpki-client