$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1105044324229316617/0/AS136958.roa File: AS136958.roa (raw, json) Hash identifier: 9evXBbv7x1TGnMGjCSgUJriu28GZk/4mc69qLBT6/pU= Subject key identifier: 02:41:5C:EE:89:B6:BA:28:64:99:EA:EC:24:EF:56:3C:E3:C2:9D:31 Certificate issuer: /CN=A9EF6BDE84A8B115C80721B280C9470B3BC0D886 Certificate serial: 1703A27B4F054761151FCB7F652FDC6F692EC2ED Authority key identifier: A9:EF:6B:DE:84:A8:B1:15:C8:07:21:B2:80:C9:47:0B:3B:C0:D8:86 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1105044324229316617/0/AS136958.roa Signing time: Mon 11 May 2026 04:34:34 +0000 ROA not before: Mon 11 May 2026 04:29:34 +0000 ROA not after: Mon 10 May 2027 04:34:34 +0000 asID: 136958 IP address blocks: 110.43.32.0/21 maxlen: 21 110.43.40.0/21 maxlen: 21 110.43.48.0/21 maxlen: 21 110.43.56.0/21 maxlen: 21 110.43.240.0/21 maxlen: 21 110.43.248.0/21 maxlen: 21 2401:1d40:3000::/48 maxlen: 48 2401:1d40:3100::/48 maxlen: 48 2401:1d40:3101::/48 maxlen: 48 2401:1d40:3e00::/48 maxlen: 48 2401:1d40:3f00::/48 maxlen: 48 2401:1d40:3f02::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1105044324229316617/0/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.crl rsync://rpki-rps.cnnic.cn/repo/A1105044324229316617/0/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 19:02:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:03:a2:7b:4f:05:47:61:15:1f:cb:7f:65:2f:dc:6f:69:2e:c2:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9EF6BDE84A8B115C80721B280C9470B3BC0D886 Validity Not Before: May 11 04:29:34 2026 GMT Not After : May 10 04:34:34 2027 GMT Subject: CN=02415CEE89B6BA286499EAEC24EF563CE3C29D31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:6c:3d:ca:da:9b:4c:bf:95:aa:60:a7:81:2c: eb:70:a0:84:34:1f:60:5e:bb:9a:d1:47:0c:d6:c5: 48:12:6b:a9:b8:01:ac:40:94:8b:50:d9:68:f8:13: 8f:cc:27:86:12:20:70:1c:f5:9c:18:26:c8:b1:ef: 8a:56:07:9d:38:d9:18:cb:54:2b:25:b6:a9:ee:78: 25:90:81:2c:91:d3:b4:a7:a2:98:32:71:5b:3f:2a: 1f:3a:19:49:66:6f:1a:5c:f2:00:74:af:f9:3d:6b: f9:1e:12:5d:f6:4f:11:55:bd:44:e2:2d:74:c9:fd: f5:52:8b:f0:0b:a0:43:af:60:6a:d7:45:5d:15:d2: 7a:72:19:95:45:2e:3f:bc:b5:c4:4b:72:1d:25:c5: 7f:3e:1c:9b:03:1f:b6:14:12:54:f2:fe:7d:87:d9: c0:b6:cf:0b:b7:39:b3:8b:a3:12:b2:3a:0c:4d:3f: 5d:d7:30:24:44:e1:b3:b8:2a:39:7c:fc:d8:01:35: f3:70:43:02:b2:74:e3:14:e0:ce:3c:e9:ac:4f:dd: 1b:e6:7f:be:53:3f:ba:e3:61:22:0b:32:47:ac:08: 8b:e0:99:b8:98:79:78:d1:d5:6c:23:31:f5:71:06: a7:b6:5b:b2:05:59:16:66:d7:33:dd:d1:9a:4c:e4: 16:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:41:5C:EE:89:B6:BA:28:64:99:EA:EC:24:EF:56:3C:E3:C2:9D:31 X509v3 Authority Key Identifier: keyid:A9:EF:6B:DE:84:A8:B1:15:C8:07:21:B2:80:C9:47:0B:3B:C0:D8:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1105044324229316617/0/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1105044324229316617/0/AS136958.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 110.43.32.0/19 110.43.240.0/20 IPv6: 2401:1d40:3000::/48 2401:1d40:3100::/47 2401:1d40:3e00::/48 2401:1d40:3f00::/48 2401:1d40:3f02::/48 Signature Algorithm: sha256WithRSAEncryption 62:c8:c0:79:5f:b5:88:86:1c:f6:3e:07:a3:4e:6c:49:10:65: ea:84:ce:44:97:14:ee:36:c0:70:e8:49:f5:a2:b7:68:a1:87: 7f:a2:bd:cd:0c:d0:bf:97:de:84:84:ac:18:1a:26:17:86:6c: 0a:a6:68:c4:ff:7f:e3:64:e2:92:37:fc:eb:89:88:94:e9:07: e4:a5:1f:2f:08:dc:54:3f:1a:fe:50:95:ac:a4:ad:b4:a4:af: 53:72:3d:e5:80:4e:d8:24:ea:07:e4:6f:c7:89:0f:8e:d1:69: 2d:d2:2c:96:a9:37:0c:ef:ef:66:8d:f6:ba:10:0d:af:6e:d9: 7b:b7:92:7f:ae:91:9b:13:d2:32:2c:53:71:3d:aa:56:37:ad: dc:d8:66:22:07:d7:75:30:8c:22:aa:fb:98:e2:8e:80:33:ae: 83:6b:8d:91:cd:d0:c6:15:b3:e9:07:c1:c1:d4:bc:72:f2:7e: d9:d6:9b:e2:b7:8b:de:34:67:24:83:49:e8:72:6d:f4:78:5d: 3e:3f:a6:05:ce:77:5a:9c:10:ab:ac:d5:03:da:21:2d:01:f3: cd:37:91:53:49:53:c6:eb:50:c9:29:cf:f1:58:a9:34:bd:df: f1:4c:e7:5f:aa:a2:e1:12:8c:2b:bf:1f:67:e3:3b:a2:6f:7a: f2:58:9b:bd -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgIUFwOie08FR2EVH8t/ZS/cb2kuwu0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTlFRjZCREU4NEE4QjExNUM4MDcyMUIyODBDOTQ3MEIz QkMwRDg4NjAeFw0yNjA1MTEwNDI5MzRaFw0yNzA1MTAwNDM0MzRaMDMxMTAvBgNV BAMTKDAyNDE1Q0VFODlCNkJBMjg2NDk5RUFFQzI0RUY1NjNDRTNDMjlEMzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCibD3K2ptMv5WqYKeBLOtwoIQ0 H2Beu5rRRwzWxUgSa6m4AaxAlItQ2Wj4E4/MJ4YSIHAc9ZwYJsix74pWB5042RjL VCsltqnueCWQgSyR07SnopgycVs/Kh86GUlmbxpc8gB0r/k9a/keEl32TxFVvUTi LXTJ/fVSi/ALoEOvYGrXRV0V0npyGZVFLj+8tcRLch0lxX8+HJsDH7YUElTy/n2H 2cC2zwu3ObOLoxKyOgxNP13XMCRE4bO4Kjl8/NgBNfNwQwKydOMU4M486axP3Rvm f75TP7rjYSILMkesCIvgmbiYeXjR1WwjMfVxBqe2W7IFWRZm1zPd0ZpM5Ba/AgMB AAGjggIfMIICGzAdBgNVHQ4EFgQUAkFc7om2uihkmersJO9WPOPCnTEwHwYDVR0j BBgwFoAUqe9r3oSosRXIByGygMlHCzvA2IYwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTEw NTA0NDMyNDIyOTMxNjYxNy8wL0E5RUY2QkRFODRBOEIxMTVDODA3MjFCMjgwQzk0 NzBCM0JDMEQ4ODYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvQTlFRjZCREU4NEE4QjExNUM4MDcyMUIyODBDOTQ3MEIzQkMwRDg4Ni5jZXIw XgYIKwYBBQUHAQsEUjBQME4GCCsGAQUFBzALhkJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTExMDUwNDQzMjQyMjkzMTY2MTcvMC9BUzEzNjk1OC5yb2Ew GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBggrBgEFBQcBBwEB/wRLMEkwEgQC AAEwDAMEBW4rIAMEBG4r8DAzBAIAAjAtAwcAJAEdQDAAAwcBJAEdQDEAAwcAJAEd QD4AAwcAJAEdQD8AAwcAJAEdQD8CMA0GCSqGSIb3DQEBCwUAA4IBAQBiyMB5X7WI hhz2PgejTmxJEGXqhM5ElxTuNsBw6En1ordooYd/or3NDNC/l96EhKwYGiYXhmwK pmjE/3/jZOKSN/zriYiU6QfkpR8vCNxUPxr+UJWspK20pK9Tcj3lgE7YJOoH5G/H iQ+O0Wkt0iyWqTcM7+9mjfa6EA2vbtl7t5J/rpGbE9IyLFNxPapWN63c2GYiB9d1 MIwiqvuY4o6AM66Da42RzdDGFbPpB8HB1Lxy8n7Z1pvit4veNGckg0nocm30eF0+ P6YFzndanBCrrNUD2iEtAfPNN5FTSVPG61DJKc/xWKk0vd/xTOdfqqLhEowrvx9n 4zuib3ryWJu9 -----END CERTIFICATE-----Generated at Wed May 13 08:25:11 2026 by rpki-client