$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394589187/0/AS23724.roa File: AS23724.roa (raw, json) Hash identifier: PWNpvMqZ/OiMRgBsCv4/CI4tfd1J7ukQKAyQ4Se+Gkc= Subject key identifier: 42:8B:EC:8F:63:8B:DE:39:88:ED:8D:41:E0:49:D9:43:94:C3:5D:3E Certificate issuer: /CN=9BF34B3817748D3E69CC3880F13A8383A9AA3C2C Certificate serial: 561FB8F3E33AE69AEF02CBC6981F3C62C845D112 Authority key identifier: 9B:F3:4B:38:17:74:8D:3E:69:CC:38:80:F1:3A:83:83:A9:AA:3C:2C Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/AS23724.roa Signing time: Tue 12 May 2026 09:40:16 +0000 ROA not before: Tue 12 May 2026 09:35:16 +0000 ROA not after: Tue 11 May 2027 09:40:16 +0000 asID: 23724 IP address blocks: 101.237.34.0/24 maxlen: 24 101.237.37.0/24 maxlen: 24 106.75.0.0/19 maxlen: 19 106.75.32.0/19 maxlen: 19 106.75.64.0/19 maxlen: 19 106.75.96.0/19 maxlen: 19 117.50.0.0/19 maxlen: 19 117.50.32.0/19 maxlen: 19 117.50.64.0/19 maxlen: 19 117.50.96.0/19 maxlen: 19 117.50.128.0/19 maxlen: 19 117.50.160.0/19 maxlen: 19 117.50.192.0/19 maxlen: 19 117.50.224.0/19 maxlen: 19 2401:3480::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 11:48:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:1f:b8:f3:e3:3a:e6:9a:ef:02:cb:c6:98:1f:3c:62:c8:45:d1:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9BF34B3817748D3E69CC3880F13A8383A9AA3C2C Validity Not Before: May 12 09:35:16 2026 GMT Not After : May 11 09:40:16 2027 GMT Subject: CN=428BEC8F638BDE3988ED8D41E049D94394C35D3E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:77:41:d2:27:46:73:99:4f:2d:47:99:89:6a: 2d:47:38:60:a0:ab:2a:bf:45:8e:83:2e:30:57:7d: 67:66:08:1c:e5:6d:84:57:b0:ed:a1:d5:69:7a:9d: dd:b8:f6:23:30:47:cc:7e:db:6a:9a:1a:57:a8:8c: b5:a0:1f:8d:b0:a9:41:cb:97:da:7e:9b:a5:64:bd: 81:36:09:40:6d:00:bc:c5:4c:48:78:e6:19:09:83: 30:42:d6:b7:e3:99:8a:bb:3f:df:99:38:3d:b0:ee: a0:b4:e6:fe:60:31:55:8b:6e:14:57:68:47:fe:ba: c4:c0:ca:a6:bb:3f:dd:84:f2:be:c3:c4:50:c2:71: 74:07:ba:11:f7:59:71:93:07:ae:b2:4f:14:fb:4e: 8f:ef:e6:53:67:35:7b:5e:db:3c:07:52:ea:79:76: 9f:0a:c4:28:d2:22:2a:8d:25:33:32:a5:c7:3f:44: 25:75:81:59:80:7e:bb:14:d3:7e:b8:18:4b:58:49: 1d:12:c9:d4:a0:20:cc:2a:2c:3c:43:5f:a1:f5:c4: bd:08:4c:f0:04:0e:86:5d:a3:db:56:67:5c:ba:a8: d5:95:64:4e:9b:94:f9:a8:03:c7:2f:dc:1e:da:92: 5c:18:c4:ca:18:0b:58:0d:af:61:94:98:d0:7b:e2: d8:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:8B:EC:8F:63:8B:DE:39:88:ED:8D:41:E0:49:D9:43:94:C3:5D:3E X509v3 Authority Key Identifier: keyid:9B:F3:4B:38:17:74:8D:3E:69:CC:38:80:F1:3A:83:83:A9:AA:3C:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/AS23724.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 101.237.34.0/24 101.237.37.0/24 106.75.0.0/17 117.50.0.0/16 IPv6: 2401:3480::/36 Signature Algorithm: sha256WithRSAEncryption 73:0c:26:66:3a:7f:19:7d:6d:ab:a7:a5:92:01:6d:5e:01:5c: c9:cd:d5:48:c9:a7:b2:f0:7a:ac:90:18:89:bd:f1:d8:78:b4: f3:51:07:5a:dc:a1:ee:2c:90:88:5f:12:22:70:e7:78:3b:bd: 36:a7:bf:5d:da:6d:2a:8b:c3:46:da:b5:d7:dc:7b:de:7e:0a: c7:3f:3a:bb:98:b0:f6:78:60:46:d6:b7:4a:48:74:23:83:d0: d1:68:8e:e8:1a:90:68:b4:74:63:4a:78:b9:aa:46:34:27:fa: 10:ee:80:77:c8:28:75:ec:bc:fe:e8:04:9d:78:c0:0b:ab:89: 5e:ef:4d:52:e8:db:26:de:af:3f:51:f9:3d:08:77:26:6b:1b: 0d:6b:67:7d:a9:27:fd:93:7e:69:96:9a:cd:c5:9d:14:b0:b1: b1:08:ef:71:3c:ee:3a:a8:33:07:19:9b:b1:aa:28:3f:17:a2: 19:bd:22:c1:c2:1f:4e:9d:09:d3:93:a4:4a:36:46:ec:9d:dc: e9:da:1f:6f:51:cc:3d:7f:c7:d6:a4:91:7a:41:ef:01:b9:62: 8e:ef:f9:c2:f1:62:0c:c0:96:36:04:f1:a6:63:05:bf:fc:4d: f5:b7:fd:dc:46:e5:5e:29:36:06:a1:8a:58:90:cb:ff:82:fc: c6:39:cd:30 -----BEGIN CERTIFICATE----- MIIE+jCCA+KgAwIBAgIUVh+48+M65prvAsvGmB88YshF0RIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUJGMzRCMzgxNzc0OEQzRTY5Q0MzODgwRjEzQTgzODNB OUFBM0MyQzAeFw0yNjA1MTIwOTM1MTZaFw0yNzA1MTEwOTQwMTZaMDMxMTAvBgNV BAMTKDQyOEJFQzhGNjM4QkRFMzk4OEVEOEQ0MUUwNDlEOTQzOTRDMzVEM0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgd0HSJ0ZzmU8tR5mJai1HOGCg qyq/RY6DLjBXfWdmCBzlbYRXsO2h1Wl6nd249iMwR8x+22qaGleojLWgH42wqUHL l9p+m6VkvYE2CUBtALzFTEh45hkJgzBC1rfjmYq7P9+ZOD2w7qC05v5gMVWLbhRX aEf+usTAyqa7P92E8r7DxFDCcXQHuhH3WXGTB66yTxT7To/v5lNnNXte2zwHUup5 dp8KxCjSIiqNJTMypcc/RCV1gVmAfrsU0364GEtYSR0SydSgIMwqLDxDX6H1xL0I TPAEDoZdo9tWZ1y6qNWVZE6blPmoA8cv3B7aklwYxMoYC1gNr2GUmNB74tjHAgMB AAGjggIEMIICADAdBgNVHQ4EFgQUQovsj2OL3jmI7Y1B4EnZQ5TDXT4wHwYDVR0j BBgwFoAUm/NLOBd0jT5pzDiA8TqDg6mqPCwwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDU4OTE4Ny8wLzlCRjM0QjM4MTc3NDhEM0U2OUNDMzg4MEYxM0E4 MzgzQTlBQTNDMkMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvOUJGMzRCMzgxNzc0OEQzRTY5Q0MzODgwRjEzQTgzODNBOUFBM0MyQy5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1Nzk1MzQzOTQ1ODkxODcvMC9BUzIzNzI0LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAdBAIA ATAXAwQAZe0iAwQAZe0lAwQHaksAAwMAdTIwDgQCAAIwCAMGBCQBNIAAMA0GCSqG SIb3DQEBCwUAA4IBAQBzDCZmOn8ZfW2rp6WSAW1eAVzJzdVIyaey8HqskBiJvfHY eLTzUQda3KHuLJCIXxIicOd4O702p79d2m0qi8NG2rXX3HvefgrHPzq7mLD2eGBG 1rdKSHQjg9DRaI7oGpBotHRjSni5qkY0J/oQ7oB3yCh17Lz+6ASdeMALq4le701S 6Nsm3q8/Ufk9CHcmaxsNa2d9qSf9k35plprNxZ0UsLGxCO9xPO46qDMHGZuxqig/ F6IZvSLBwh9OnQnTk6RKNkbsndzp2h9vUcw9f8fWpJF6Qe8BuWKO7/nC8WIMwJY2 BPGmYwW//E31t/3cRuVeKTYGoYpYkMv/gvzGOc0w -----END CERTIFICATE-----Generated at Wed May 13 03:49:07 2026 by rpki-client