$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394589187/0/AS136958.roa File: AS136958.roa (raw, json) Hash identifier: 7jCeyf6AU3H7YzswgS/JqKo70V3T9ZpJ66+1N6L7IMY= Subject key identifier: CE:43:4D:4B:32:24:BD:D4:08:5B:40:A7:7B:30:6B:20:6E:AE:13:A2 Certificate issuer: /CN=9BF34B3817748D3E69CC3880F13A8383A9AA3C2C Certificate serial: 6C2FD0A8F00A2B4FF6B187D82F6CCD6457405607 Authority key identifier: 9B:F3:4B:38:17:74:8D:3E:69:CC:38:80:F1:3A:83:83:A9:AA:3C:2C Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/AS136958.roa Signing time: Tue 12 May 2026 09:40:16 +0000 ROA not before: Tue 12 May 2026 09:35:16 +0000 ROA not after: Tue 11 May 2027 09:40:16 +0000 asID: 136958 IP address blocks: 42.240.128.0/20 maxlen: 20 42.240.144.0/20 maxlen: 20 42.240.160.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 07:02:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:2f:d0:a8:f0:0a:2b:4f:f6:b1:87:d8:2f:6c:cd:64:57:40:56:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9BF34B3817748D3E69CC3880F13A8383A9AA3C2C Validity Not Before: May 12 09:35:16 2026 GMT Not After : May 11 09:40:16 2027 GMT Subject: CN=CE434D4B3224BDD4085B40A77B306B206EAE13A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:eb:d4:84:75:96:7e:aa:76:6d:d9:06:c6:5d: 27:a8:1e:7c:b8:69:58:9d:bc:6d:ec:c0:51:f3:d6: 96:da:4b:50:cd:10:ff:22:5c:b0:45:fc:4d:50:02: f0:8b:94:82:49:b6:72:57:0a:05:99:b7:8c:2e:0f: ee:88:83:34:b7:16:e7:90:b1:06:7e:a4:dd:3f:a8: ff:df:0d:d8:78:50:03:15:91:00:9d:69:9e:f3:47: e8:dd:4a:d5:08:c5:28:8d:26:35:1f:e5:26:a7:ed: 14:3c:5b:e3:c5:dc:8b:8d:cc:a6:c5:5f:92:10:69: e7:a1:4e:bf:c4:7d:59:44:d4:47:7e:42:bd:13:a5: 19:86:d4:a8:b3:e8:56:32:98:1b:85:14:8d:c8:1a: f7:52:9a:73:18:82:7b:4b:5f:84:ae:85:d4:fb:0e: 73:f6:34:e9:c2:74:2e:82:3a:eb:6c:6f:03:d8:89: fb:70:b3:ed:43:f1:2b:9b:f2:e9:aa:03:95:af:f5: c9:e0:5a:0c:d4:26:bb:33:f3:84:82:1c:70:5b:bf: d9:a5:91:60:f7:5b:50:fa:0f:aa:1f:f2:f6:15:b0: b3:63:94:df:d2:37:96:40:7d:aa:76:29:fb:bd:56: 41:a9:69:44:4a:6b:6e:ca:14:3d:af:2b:0a:76:d1: b0:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:43:4D:4B:32:24:BD:D4:08:5B:40:A7:7B:30:6B:20:6E:AE:13:A2 X509v3 Authority Key Identifier: keyid:9B:F3:4B:38:17:74:8D:3E:69:CC:38:80:F1:3A:83:83:A9:AA:3C:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/AS136958.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 42.240.128.0-42.240.175.255 Signature Algorithm: sha256WithRSAEncryption 6c:b9:20:1b:f4:3a:a0:d0:3e:67:46:22:0d:c7:02:ee:e4:b0: 64:10:c5:45:0a:79:55:37:d3:ef:4f:c9:20:94:21:0d:1e:85: f4:fa:93:64:ac:44:6e:b7:f5:d0:db:3d:d9:c2:bc:06:ec:22: ab:be:06:3d:b5:08:fd:b8:b9:fb:55:04:77:bd:21:18:1c:b3: 22:da:53:fc:89:75:73:48:77:1e:d7:59:59:73:74:0e:06:a0: 59:d2:21:8b:8b:9c:5d:f1:50:da:9d:ce:70:96:df:5b:a2:2f: 23:bd:6d:01:d2:02:80:c4:c8:e0:ae:3e:df:ea:36:90:18:2e: 9c:b0:d7:a4:63:8f:c7:60:40:d1:c0:60:f0:08:28:74:a3:a5: cd:e8:6a:d1:24:45:81:9c:92:c4:10:7c:8a:5e:76:3c:4d:48: 3a:98:d1:b0:a0:4b:56:4f:f9:2b:6b:06:a5:45:a4:2c:02:68: f6:18:b9:99:f9:62:01:59:bb:4d:b1:a4:07:73:68:54:08:75: 3c:69:d5:ed:8c:bb:5a:22:ec:58:e9:dd:1d:6c:c6:40:45:f1: 53:43:8b:1b:91:1d:db:1a:6f:f3:bd:bd:46:fd:60:89:5f:5c: dc:7c:a1:dd:0f:7d:db:b2:3e:77:4c:5a:03:4b:63:df:a6:ad: 55:77:df:cd -----BEGIN CERTIFICATE----- MIIE4jCCA8qgAwIBAgIUbC/QqPAKK0/2sYfYL2zNZFdAVgcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUJGMzRCMzgxNzc0OEQzRTY5Q0MzODgwRjEzQTgzODNB OUFBM0MyQzAeFw0yNjA1MTIwOTM1MTZaFw0yNzA1MTEwOTQwMTZaMDMxMTAvBgNV BAMTKENFNDM0RDRCMzIyNEJERDQwODVCNDBBNzdCMzA2QjIwNkVBRTEzQTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC469SEdZZ+qnZt2QbGXSeoHny4 aVidvG3swFHz1pbaS1DNEP8iXLBF/E1QAvCLlIJJtnJXCgWZt4wuD+6IgzS3FueQ sQZ+pN0/qP/fDdh4UAMVkQCdaZ7zR+jdStUIxSiNJjUf5San7RQ8W+PF3IuNzKbF X5IQaeehTr/EfVlE1Ed+Qr0TpRmG1Kiz6FYymBuFFI3IGvdSmnMYgntLX4SuhdT7 DnP2NOnCdC6COutsbwPYiftws+1D8Sub8umqA5Wv9cngWgzUJrsz84SCHHBbv9ml kWD3W1D6D6of8vYVsLNjlN/SN5ZAfap2Kfu9VkGpaURKa27KFD2vKwp20bCjAgMB AAGjggHsMIIB6DAdBgNVHQ4EFgQUzkNNSzIkvdQIW0CnezBrIG6uE6IwHwYDVR0j BBgwFoAUm/NLOBd0jT5pzDiA8TqDg6mqPCwwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDU4OTE4Ny8wLzlCRjM0QjM4MTc3NDhEM0U2OUNDMzg4MEYxM0E4 MzgzQTlBQTNDMkMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvOUJGMzRCMzgxNzc0OEQzRTY5Q0MzODgwRjEzQTgzODNBOUFBM0MyQy5jZXIw XgYIKwYBBQUHAQsEUjBQME4GCCsGAQUFBzALhkJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1Nzk1MzQzOTQ1ODkxODcvMC9BUzEzNjk1OC5yb2Ew GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQC AAEwDjAMAwQHKvCAAwQEKvCgMA0GCSqGSIb3DQEBCwUAA4IBAQBsuSAb9Dqg0D5n RiINxwLu5LBkEMVFCnlVN9PvT8kglCENHoX0+pNkrERut/XQ2z3ZwrwG7CKrvgY9 tQj9uLn7VQR3vSEYHLMi2lP8iXVzSHce11lZc3QOBqBZ0iGLi5xd8VDanc5wlt9b oi8jvW0B0gKAxMjgrj7f6jaQGC6csNekY4/HYEDRwGDwCCh0o6XN6GrRJEWBnJLE EHyKXnY8TUg6mNGwoEtWT/krawalRaQsAmj2GLmZ+WIBWbtNsaQHc2hUCHU8adXt jLtaIuxY6d0dbMZARfFTQ4sbkR3bGm/zvb1G/WCJX1zcfKHdD33bsj53TFoDS2Pf pq1Vd9/N -----END CERTIFICATE-----Generated at Wed May 13 08:25:11 2026 by rpki-client