$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065591195721793537/0/AS146788.roa File: AS146788.roa (raw, json) Hash identifier: rVdRouxB5F2Bn88ZAEgt2PXhDEy2teygSVIxZd3/qt0= Subject key identifier: 23:AF:D1:C2:24:7C:C8:52:0B:D3:C5:B5:74:5B:95:66:90:08:41:CF Certificate issuer: /CN=845BB307E2A1100E89FA0C939A9389686796F0F6 Certificate serial: 694717EDB7A314B1D691F761A1FDAB5AEEE4733F Authority key identifier: 84:5B:B3:07:E2:A1:10:0E:89:FA:0C:93:9A:93:89:68:67:96:F0:F6 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/845BB307E2A1100E89FA0C939A9389686796F0F6.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065591195721793537/0/AS146788.roa Signing time: Thu 04 Jun 2026 02:16:57 +0000 ROA not before: Thu 04 Jun 2026 02:11:57 +0000 ROA not after: Thu 03 Jun 2027 02:16:57 +0000 asID: 146788 IP address blocks: 240a:4040::/27 maxlen: 48 240a:4080:8000::/48 maxlen: 48 240a:4081:8000::/48 maxlen: 48 240a:40aa:c000::/48 maxlen: 48 240a:40c0:8200::/48 maxlen: 48 240a:40c0:8240::/48 maxlen: 48 240a:40c3:c200::/48 maxlen: 48 240a:40c3:c240::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065591195721793537/0/845BB307E2A1100E89FA0C939A9389686796F0F6.crl rsync://rpki-rps.cnnic.cn/repo/A1065591195721793537/0/845BB307E2A1100E89FA0C939A9389686796F0F6.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/845BB307E2A1100E89FA0C939A9389686796F0F6.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Jun 2026 16:02:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:47:17:ed:b7:a3:14:b1:d6:91:f7:61:a1:fd:ab:5a:ee:e4:73:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=845BB307E2A1100E89FA0C939A9389686796F0F6 Validity Not Before: Jun 4 02:11:57 2026 GMT Not After : Jun 3 02:16:57 2027 GMT Subject: CN=23AFD1C2247CC8520BD3C5B5745B9566900841CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:f9:97:79:a8:b8:de:67:15:bc:e3:b6:79:07: c1:e7:11:52:01:7b:3a:ab:7e:d5:04:69:06:20:0c: 13:a0:b0:87:7f:76:8c:11:bf:1e:69:ac:e6:18:cc: 59:56:52:94:e6:a7:37:a8:49:55:78:2e:8a:31:a3: 36:b8:02:e5:42:a7:2d:e0:60:40:3d:fe:e9:ce:e5: b8:b5:ae:75:07:1f:a0:c6:2f:de:a6:fe:f5:3b:e2: 13:d8:cc:1a:c6:14:ac:23:35:9a:54:88:21:1f:fa: cb:4b:6b:bc:14:9a:00:49:7c:34:4b:db:0f:5c:9b: 3a:e2:a7:48:71:d9:0b:b1:f9:ea:22:8c:16:ec:6d: 3a:df:96:a5:54:bb:87:33:5e:27:71:fc:d9:c3:bb: 3f:f6:42:ff:eb:81:94:29:ed:90:c4:d3:00:91:d0: e5:1a:ee:e0:f8:35:5d:4d:59:75:eb:27:df:f4:f0: 34:79:fc:81:0d:f8:41:33:e6:0a:ea:a5:52:a9:a0: cc:de:53:ea:ce:7c:83:38:bf:d4:47:fc:4f:7e:3b: 6f:4a:9a:cb:3e:56:8d:cd:75:a4:77:cb:b7:5a:84: fa:0e:59:49:6b:3e:2e:89:05:73:a5:0d:6e:ab:07: b6:d1:19:72:83:fc:e3:66:40:3a:cc:14:87:7b:b3: ff:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:AF:D1:C2:24:7C:C8:52:0B:D3:C5:B5:74:5B:95:66:90:08:41:CF X509v3 Authority Key Identifier: keyid:84:5B:B3:07:E2:A1:10:0E:89:FA:0C:93:9A:93:89:68:67:96:F0:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065591195721793537/0/845BB307E2A1100E89FA0C939A9389686796F0F6.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/845BB307E2A1100E89FA0C939A9389686796F0F6.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065591195721793537/0/AS146788.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:4040::/27 240a:4080:8000::/48 240a:4081:8000::/48 240a:40aa:c000::/48 240a:40c0:8200::/48 240a:40c0:8240::/48 240a:40c3:c200::/48 240a:40c3:c240::/48 Signature Algorithm: sha256WithRSAEncryption d3:4e:f7:00:a0:0e:ae:6d:72:b7:db:10:74:47:ad:dc:83:60: c4:2e:7a:f8:86:fb:92:a9:0a:1e:c7:66:64:df:34:8b:97:95: 91:97:2a:2f:fb:85:72:57:f4:b9:ea:2c:73:d7:5a:4b:e3:6b: ea:37:30:af:0d:50:db:f3:67:ef:24:42:f0:b1:3c:3e:f4:2f: ee:d4:7d:3d:7c:57:9d:ea:4c:01:a8:41:2d:da:c7:76:b8:e0: b3:9d:9f:f9:fe:7b:42:7b:94:4e:6b:7a:59:68:b9:46:c5:4a: 90:3f:8a:f8:98:4b:e5:42:c0:50:5c:07:4c:aa:6e:22:e2:9a: e0:13:d7:93:9f:d4:e4:15:4f:22:dd:ca:a9:e3:b8:1b:5f:52: 59:bd:91:e3:28:f4:70:47:0c:c7:02:bb:30:6b:16:d2:fc:ef: 26:00:e4:8f:87:03:6f:af:3d:7f:44:74:3f:a0:be:55:9c:61: fd:a3:ab:c5:36:45:f8:6f:96:cd:cc:de:31:f0:40:44:66:35: 64:d5:2b:d2:4a:f8:2b:5b:18:d2:b1:7c:8f:4b:e4:f1:5e:d2: a1:4b:0c:dd:88:b1:04:96:d8:d2:d4:f9:aa:54:29:16:17:3d: f7:b1:4e:8c:45:be:b6:08:8a:be:cf:35:ce:92:1c:b8:38:00: 29:3d:bc:02 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgIUaUcX7bejFLHWkfdhof2rWu7kcz8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODQ1QkIzMDdFMkExMTAwRTg5RkEwQzkzOUE5Mzg5Njg2 Nzk2RjBGNjAeFw0yNjA2MDQwMjExNTdaFw0yNzA2MDMwMjE2NTdaMDMxMTAvBgNV BAMTKDIzQUZEMUMyMjQ3Q0M4NTIwQkQzQzVCNTc0NUI5NTY2OTAwODQxQ0YwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJ+Zd5qLjeZxW847Z5B8HnEVIB ezqrftUEaQYgDBOgsId/dowRvx5prOYYzFlWUpTmpzeoSVV4Looxoza4AuVCpy3g YEA9/unO5bi1rnUHH6DGL96m/vU74hPYzBrGFKwjNZpUiCEf+stLa7wUmgBJfDRL 2w9cmzrip0hx2Qux+eoijBbsbTrflqVUu4czXidx/NnDuz/2Qv/rgZQp7ZDE0wCR 0OUa7uD4NV1NWXXrJ9/08DR5/IEN+EEz5grqpVKpoMzeU+rOfIM4v9RH/E9+O29K mss+Vo3NdaR3y7dahPoOWUlrPi6JBXOlDW6rB7bRGXKD/ONmQDrMFId7s//xAgMB AAGjggIkMIICIDAdBgNVHQ4EFgQUI6/RwiR8yFIL08W1dFuVZpAIQc8wHwYDVR0j BBgwFoAUhFuzB+KhEA6J+gyTmpOJaGeW8PYwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU5MTE5NTcyMTc5MzUzNy8wLzg0NUJCMzA3RTJBMTEwMEU4OUZBMEM5MzlBOTM4 OTY4Njc5NkYwRjYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvODQ1QkIzMDdFMkExMTAwRTg5RkEwQzkzOUE5Mzg5Njg2Nzk2RjBGNi5jZXIw XgYIKwYBBQUHAQsEUjBQME4GCCsGAQUFBzALhkJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1OTExOTU3MjE3OTM1MzcvMC9BUzE0Njc4OC5yb2Ew GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBggrBgEFBQcBBwEB/wRQME4wTAQC AAIwRgMFBSQKQEADBwAkCkCAgAADBwAkCkCBgAADBwAkCkCqwAADBwAkCkDAggAD BwAkCkDAgkADBwAkCkDDwgADBwAkCkDDwkAwDQYJKoZIhvcNAQELBQADggEBANNO 9wCgDq5tcrfbEHRHrdyDYMQueviG+5KpCh7HZmTfNIuXlZGXKi/7hXJX9LnqLHPX Wkvja+o3MK8NUNvzZ+8kQvCxPD70L+7UfT18V53qTAGoQS3ax3a44LOdn/n+e0J7 lE5rellouUbFSpA/iviYS+VCwFBcB0yqbiLimuAT15Of1OQVTyLdyqnjuBtfUlm9 keMo9HBHDMcCuzBrFtL87yYA5I+HA2+vPX9EdD+gvlWcYf2jq8U2Rfhvls3M3jHw QERmNWTVK9JK+CtbGNKxfI9L5PFe0qFLDN2IsQSW2NLU+apUKRYXPfexToxFvrYI ir7PNc6SHLg4ACk9vAI= -----END CERTIFICATE-----Generated at Sun Jun 14 08:36:09 2026 by rpki-client