$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1068363599790997506/0/AS141679.roa File: AS141679.roa (raw, json) Hash identifier: QsBxvlTVUwKrMZj2U6EcyVvBhZjwk3O6PdTggf+BNR0= Subject key identifier: 11:42:E9:23:D2:4F:A3:CA:09:4C:3E:12:58:D5:88:9D:F3:1D:23:D7 Certificate issuer: /CN=D6805DB309057612CC9272CB2C85BA6CB0D389E5 Certificate serial: 31C592E9702C38479F7906B9015998E7E08B544B Authority key identifier: D6:80:5D:B3:09:05:76:12:CC:92:72:CB:2C:85:BA:6C:B0:D3:89:E5 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D6805DB309057612CC9272CB2C85BA6CB0D389E5.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1068363599790997506/0/AS141679.roa Signing time: Thu 16 Apr 2026 06:34:07 +0000 ROA not before: Thu 16 Apr 2026 06:29:07 +0000 ROA not after: Thu 15 Apr 2027 06:34:07 +0000 asID: 141679 IP address blocks: 111.228.0.0/16 maxlen: 24 111.228.0.0/18 maxlen: 18 117.72.0.0/16 maxlen: 24 117.72.8.0/21 maxlen: 24 117.72.16.0/23 maxlen: 24 117.72.24.0/21 maxlen: 24 117.72.32.0/19 maxlen: 24 117.72.32.0/20 maxlen: 20 117.72.48.0/21 maxlen: 21 117.72.56.0/21 maxlen: 21 117.72.64.0/18 maxlen: 24 117.72.64.0/24 maxlen: 24 117.72.65.0/24 maxlen: 24 117.72.66.0/24 maxlen: 24 117.72.67.0/24 maxlen: 24 117.72.68.0/24 maxlen: 24 117.72.69.0/24 maxlen: 24 117.72.70.0/24 maxlen: 24 117.72.71.0/24 maxlen: 24 117.72.72.0/24 maxlen: 24 117.72.73.0/24 maxlen: 24 117.72.74.0/24 maxlen: 24 117.72.75.0/24 maxlen: 24 117.72.76.0/24 maxlen: 24 117.72.77.0/24 maxlen: 24 117.72.78.0/24 maxlen: 24 117.72.79.0/24 maxlen: 24 117.72.80.0/20 maxlen: 20 117.72.96.0/19 maxlen: 19 117.72.144.0/20 maxlen: 24 117.72.160.0/19 maxlen: 24 117.72.192.0/19 maxlen: 24 117.72.224.0/20 maxlen: 24 117.72.240.0/21 maxlen: 24 117.72.248.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1068363599790997506/0/D6805DB309057612CC9272CB2C85BA6CB0D389E5.crl rsync://rpki-rps.cnnic.cn/repo/A1068363599790997506/0/D6805DB309057612CC9272CB2C85BA6CB0D389E5.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D6805DB309057612CC9272CB2C85BA6CB0D389E5.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 Apr 2026 15:25:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:c5:92:e9:70:2c:38:47:9f:79:06:b9:01:59:98:e7:e0:8b:54:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D6805DB309057612CC9272CB2C85BA6CB0D389E5 Validity Not Before: Apr 16 06:29:07 2026 GMT Not After : Apr 15 06:34:07 2027 GMT Subject: CN=1142E923D24FA3CA094C3E1258D5889DF31D23D7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:57:58:87:a1:e5:8b:38:55:c8:22:d4:a4:6a: 97:1a:21:eb:77:8f:fb:8a:33:18:8a:35:5e:17:09: 12:9a:1c:47:ea:e1:c2:d6:4e:5a:92:3a:ad:e7:87: c6:aa:df:84:40:4d:9f:5b:a5:b7:a4:d2:0d:dc:e5: 7a:0a:d8:89:3f:2b:4c:87:6e:e5:3d:6e:8f:32:24: 50:71:93:b0:af:a7:62:63:3c:0d:7f:42:ef:1e:7d: 31:49:5b:89:ff:4e:81:0d:4a:f6:86:43:fc:56:39: 05:fd:12:c5:59:92:97:77:b7:42:b6:a7:e6:6e:60: 05:d6:b0:31:d2:86:60:03:b5:d5:4f:ef:5e:f2:78: a3:30:4c:67:dc:52:d6:99:f1:4e:1d:80:41:e3:ca: 62:7f:0d:7f:fc:94:8e:47:75:5a:35:23:5b:ff:21: ae:40:95:dc:45:31:b6:18:6d:03:a5:ac:52:1b:ec: df:9c:53:b4:39:a1:8f:77:b4:16:ac:a0:8b:b2:f9: c4:85:60:be:6c:76:6e:23:99:01:8a:54:92:d0:e8: 62:a9:86:f9:29:d5:88:61:11:04:79:1d:33:77:c0: 83:17:a5:d5:56:de:41:d6:e4:25:36:e3:7f:95:90: 28:3a:60:a0:dc:64:50:7d:c8:ef:08:88:fa:f9:c4: ab:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:42:E9:23:D2:4F:A3:CA:09:4C:3E:12:58:D5:88:9D:F3:1D:23:D7 X509v3 Authority Key Identifier: keyid:D6:80:5D:B3:09:05:76:12:CC:92:72:CB:2C:85:BA:6C:B0:D3:89:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1068363599790997506/0/D6805DB309057612CC9272CB2C85BA6CB0D389E5.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D6805DB309057612CC9272CB2C85BA6CB0D389E5.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1068363599790997506/0/AS141679.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 111.228.0.0/16 117.72.0.0/16 Signature Algorithm: sha256WithRSAEncryption 7c:5b:e9:ca:de:7f:51:03:61:5b:3b:f5:80:31:59:7f:c1:e4: 00:b3:a2:42:e2:15:cb:a6:a2:b3:e2:03:c7:e8:a0:f4:59:0e: 42:bb:05:e1:b9:d4:c7:df:33:b4:b3:43:27:f4:01:27:34:37: f8:92:61:15:49:3d:69:1f:e3:0a:9c:cb:3d:67:27:1b:a6:31: 7c:b0:e7:0a:f2:5a:11:8c:d6:bb:65:2c:29:83:45:6b:ea:68: 79:bc:c1:e5:81:ee:4c:dc:87:fe:11:28:6c:e9:9a:79:3c:e8: d4:ad:c9:d5:74:6c:e6:b9:69:52:b8:f2:86:26:7f:e7:df:8b: b6:3b:9f:18:1a:31:bc:99:dc:fc:d5:e4:14:fb:a7:76:5d:90: 23:65:79:3c:0a:06:16:aa:d6:5b:ea:44:0e:ae:4e:8b:ab:40: df:08:17:0a:5c:9a:a0:b4:92:31:b3:fb:fd:24:d7:3c:a5:70: f6:c3:1c:ca:89:ff:e6:ea:5b:91:06:c7:3f:85:f0:59:4a:5a: 7f:78:d2:94:43:ee:7c:07:84:d8:b3:51:82:62:af:6e:73:7a: fe:58:e9:ad:1e:de:1a:ea:26:7e:c0:11:17:46:d8:41:93:43: 4d:ce:67:44:1c:9a:d6:4e:8a:2c:9c:88:4c:ef:9c:2d:da:9b: 25:ff:41:02 -----BEGIN CERTIFICATE----- MIIE3jCCA8agAwIBAgIUMcWS6XAsOEefeQa5AVmY5+CLVEswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDY4MDVEQjMwOTA1NzYxMkNDOTI3MkNCMkM4NUJBNkNC MEQzODlFNTAeFw0yNjA0MTYwNjI5MDdaFw0yNzA0MTUwNjM0MDdaMDMxMTAvBgNV BAMTKDExNDJFOTIzRDI0RkEzQ0EwOTRDM0UxMjU4RDU4ODlERjMxRDIzRDcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrV1iHoeWLOFXIItSkapcaIet3 j/uKMxiKNV4XCRKaHEfq4cLWTlqSOq3nh8aq34RATZ9bpbek0g3c5XoK2Ik/K0yH buU9bo8yJFBxk7Cvp2JjPA1/Qu8efTFJW4n/ToENSvaGQ/xWOQX9EsVZkpd3t0K2 p+ZuYAXWsDHShmADtdVP717yeKMwTGfcUtaZ8U4dgEHjymJ/DX/8lI5HdVo1I1v/ Ia5AldxFMbYYbQOlrFIb7N+cU7Q5oY93tBasoIuy+cSFYL5sdm4jmQGKVJLQ6GKp hvkp1YhhEQR5HTN3wIMXpdVW3kHW5CU243+VkCg6YKDcZFB9yO8IiPr5xKvtAgMB AAGjggHoMIIB5DAdBgNVHQ4EFgQUEULpI9JPo8oJTD4SWNWInfMdI9cwHwYDVR0j BBgwFoAU1oBdswkFdhLMknLLLIW6bLDTieUwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 ODM2MzU5OTc5MDk5NzUwNi8wL0Q2ODA1REIzMDkwNTc2MTJDQzkyNzJDQjJDODVC QTZDQjBEMzg5RTUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvRDY4MDVEQjMwOTA1NzYxMkNDOTI3MkNCMkM4NUJBNkNCMEQzODlFNS5jZXIw XgYIKwYBBQUHAQsEUjBQME4GCCsGAQUFBzALhkJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjgzNjM1OTk3OTA5OTc1MDYvMC9BUzE0MTY3OS5yb2Ew GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAjBggrBgEFBQcBBwEB/wQUMBIwEAQC AAEwCgMDAG/kAwMAdUgwDQYJKoZIhvcNAQELBQADggEBAHxb6cref1EDYVs79YAx WX/B5ACzokLiFcumorPiA8fooPRZDkK7BeG51MffM7SzQyf0ASc0N/iSYRVJPWkf 4wqcyz1nJxumMXyw5wryWhGM1rtlLCmDRWvqaHm8weWB7kzch/4RKGzpmnk86NSt ydV0bOa5aVK48oYmf+ffi7Y7nxgaMbyZ3PzV5BT7p3ZdkCNleTwKBhaq1lvqRA6u TourQN8IFwpcmqC0kjGz+/0k1zylcPbDHMqJ/+bqW5EGxz+F8FlKWn940pRD7nwH hNizUYJir25zev5Y6a0e3hrqJn7AERdG2EGTQ03OZ0QcmtZOiiyciEzvnC3amyX/ QQI= -----END CERTIFICATE-----Generated at Fri Apr 17 17:51:55 2026 by rpki-client