$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1068363599790997506/0/AS23724.roa File: AS23724.roa (raw, json) Hash identifier: 8krRNne+KRTBey0q0TJzCVIFcEgDHE+LzZ9++xzsw7Q= Subject key identifier: F4:CD:BD:8A:2D:A2:FD:50:1D:90:5A:44:54:B8:BF:02:8E:13:45:FE Certificate issuer: /CN=D6805DB309057612CC9272CB2C85BA6CB0D389E5 Certificate serial: 663A075F44BD050EE5791552069DB0C80D820A66 Authority key identifier: D6:80:5D:B3:09:05:76:12:CC:92:72:CB:2C:85:BA:6C:B0:D3:89:E5 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D6805DB309057612CC9272CB2C85BA6CB0D389E5.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1068363599790997506/0/AS23724.roa Signing time: Thu 16 Apr 2026 06:29:06 +0000 ROA not before: Thu 16 Apr 2026 06:24:06 +0000 ROA not after: Thu 15 Apr 2027 06:29:06 +0000 asID: 23724 IP address blocks: 101.124.0.0/16 maxlen: 24 101.124.0.0/20 maxlen: 20 101.124.19.0/24 maxlen: 24 101.124.22.0/24 maxlen: 24 101.124.62.0/24 maxlen: 24 103.37.72.0/22 maxlen: 24 114.67.128.0/17 maxlen: 24 114.67.131.0/24 maxlen: 24 114.67.136.0/24 maxlen: 24 114.67.150.0/24 maxlen: 24 114.67.152.0/22 maxlen: 22 114.67.156.0/24 maxlen: 24 114.67.159.0/24 maxlen: 24 114.67.224.0/19 maxlen: 19 116.196.64.0/18 maxlen: 24 116.198.0.0/16 maxlen: 24 116.198.0.0/18 maxlen: 18 116.198.11.0/24 maxlen: 24 116.198.64.0/21 maxlen: 21 116.198.72.0/22 maxlen: 22 116.198.96.0/19 maxlen: 19 117.72.0.0/16 maxlen: 24 117.72.0.0/24 maxlen: 24 2402:db40::/32 maxlen: 48 2403:1ec0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1068363599790997506/0/D6805DB309057612CC9272CB2C85BA6CB0D389E5.crl rsync://rpki-rps.cnnic.cn/repo/A1068363599790997506/0/D6805DB309057612CC9272CB2C85BA6CB0D389E5.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D6805DB309057612CC9272CB2C85BA6CB0D389E5.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 Apr 2026 15:25:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:3a:07:5f:44:bd:05:0e:e5:79:15:52:06:9d:b0:c8:0d:82:0a:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D6805DB309057612CC9272CB2C85BA6CB0D389E5 Validity Not Before: Apr 16 06:24:06 2026 GMT Not After : Apr 15 06:29:06 2027 GMT Subject: CN=F4CDBD8A2DA2FD501D905A4454B8BF028E1345FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:2b:ae:82:b5:c5:c4:d6:8c:c5:f6:85:f3:a0: 12:de:81:0a:26:2e:89:cf:58:9f:b5:9f:a2:65:ab: 6e:ae:74:31:3f:2f:03:d6:1f:02:0f:85:05:fd:d0: 93:be:e4:f0:81:83:53:a4:fe:fb:4f:ff:ca:f0:0a: bf:ea:1c:3b:05:c1:27:10:8b:6e:26:a7:3e:99:a4: 0d:0d:37:a0:07:f8:de:f7:0e:37:0a:95:02:f7:c8: 3b:f5:cb:d4:84:61:29:f7:65:d3:b7:55:e2:12:df: 02:ca:ce:ec:93:d5:b8:68:e0:4e:6b:1c:96:14:a9: 3d:41:20:65:58:e6:6a:c0:ed:56:7e:e2:d5:66:bc: cd:47:95:a9:b1:da:35:6f:42:96:2a:e5:3a:ab:e3: 5a:7d:45:4e:4f:c7:42:ff:a3:97:4e:3f:27:26:86: 56:9e:58:2b:77:6a:52:a6:c9:9b:e7:67:92:25:b7: eb:b4:4c:e2:b8:ca:70:77:e2:4a:48:df:01:74:16: 7d:25:34:1b:d8:57:44:a3:a1:3d:f0:32:88:cc:9a: 49:70:df:d1:51:2e:33:71:71:b2:31:98:0a:72:56: 5b:d6:fc:6c:2e:25:88:9b:a3:09:d2:84:e5:d1:53: c0:b7:6f:3a:ac:14:8e:f6:00:6d:46:6d:c7:3a:63: 74:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:CD:BD:8A:2D:A2:FD:50:1D:90:5A:44:54:B8:BF:02:8E:13:45:FE X509v3 Authority Key Identifier: keyid:D6:80:5D:B3:09:05:76:12:CC:92:72:CB:2C:85:BA:6C:B0:D3:89:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1068363599790997506/0/D6805DB309057612CC9272CB2C85BA6CB0D389E5.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D6805DB309057612CC9272CB2C85BA6CB0D389E5.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1068363599790997506/0/AS23724.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 101.124.0.0/16 103.37.72.0/22 114.67.128.0/17 116.196.64.0/18 116.198.0.0/16 117.72.0.0/16 IPv6: 2402:db40::/32 2403:1ec0::/32 Signature Algorithm: sha256WithRSAEncryption b3:8b:a3:ac:ae:4d:22:ab:3d:e7:21:5d:65:72:40:55:10:f7: c9:e3:80:c4:3c:01:ea:4e:fd:2d:35:82:b1:f5:8b:6c:0e:58: e3:fe:dd:b8:76:51:b5:a2:1d:cd:02:87:c7:64:d0:11:d4:7c: 4a:ea:64:95:3d:e3:3b:3c:bf:11:b2:7f:50:b6:65:13:4c:eb: c6:cf:06:d3:a6:71:b2:33:72:c1:ca:d2:82:f2:65:52:24:65: 6d:d0:fc:ff:cc:a8:98:42:bf:67:1b:4f:ed:a1:b1:ed:b3:fe: 27:b3:86:5f:6d:1e:c9:25:55:84:71:5d:4b:dd:53:1c:28:58: 59:9d:7b:ad:b4:36:25:d8:2d:b8:ed:20:fd:01:3c:0d:ff:c9: e4:22:b4:95:b5:c8:51:d4:51:0d:f0:29:a1:ac:7b:2c:3b:3f: 40:02:0e:c9:a4:5a:f1:ce:3f:23:06:6b:8a:63:dc:af:35:e7: e7:fc:22:51:60:92:a8:46:32:1d:2f:f0:3e:08:88:47:64:3a: b2:52:41:ad:f9:8a:24:c6:c8:ea:f8:10:e9:f6:39:85:5b:69: 75:13:64:e5:62:1b:1d:a0:36:14:cb:ee:18:90:4c:10:b7:9c: 8c:f0:89:0f:9f:75:06:ff:61:21:8e:97:b2:99:f6:77:ca:e5: b7:69:13:b0 -----BEGIN CERTIFICATE----- MIIFCjCCA/KgAwIBAgIUZjoHX0S9BQ7leRVSBp2wyA2CCmYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRDY4MDVEQjMwOTA1NzYxMkNDOTI3MkNCMkM4NUJBNkNC MEQzODlFNTAeFw0yNjA0MTYwNjI0MDZaFw0yNzA0MTUwNjI5MDZaMDMxMTAvBgNV BAMTKEY0Q0RCRDhBMkRBMkZENTAxRDkwNUE0NDU0QjhCRjAyOEUxMzQ1RkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzK66CtcXE1ozF9oXzoBLegQom LonPWJ+1n6Jlq26udDE/LwPWHwIPhQX90JO+5PCBg1Ok/vtP/8rwCr/qHDsFwScQ i24mpz6ZpA0NN6AH+N73DjcKlQL3yDv1y9SEYSn3ZdO3VeIS3wLKzuyT1bho4E5r HJYUqT1BIGVY5mrA7VZ+4tVmvM1Hlamx2jVvQpYq5Tqr41p9RU5Px0L/o5dOPycm hlaeWCt3alKmyZvnZ5Ilt+u0TOK4ynB34kpI3wF0Fn0lNBvYV0SjoT3wMojMmklw 39FRLjNxcbIxmApyVlvW/GwuJYibownShOXRU8C3bzqsFI72AG1Gbcc6Y3STAgMB AAGjggIUMIICEDAdBgNVHQ4EFgQU9M29ii2i/VAdkFpEVLi/Ao4TRf4wHwYDVR0j BBgwFoAU1oBdswkFdhLMknLLLIW6bLDTieUwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 ODM2MzU5OTc5MDk5NzUwNi8wL0Q2ODA1REIzMDkwNTc2MTJDQzkyNzJDQjJDODVC QTZDQjBEMzg5RTUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvRDY4MDVEQjMwOTA1NzYxMkNDOTI3MkNCMkM4NUJBNkNCMEQzODlFNS5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjgzNjM1OTk3OTA5OTc1MDYvMC9BUzIzNzI0LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAnBAIA ATAhAwMAZXwDBAJnJUgDBAdyQ4ADBAZ0xEADAwB0xgMDAHVIMBQEAgACMA4DBQAk AttAAwUAJAMewDANBgkqhkiG9w0BAQsFAAOCAQEAs4ujrK5NIqs95yFdZXJAVRD3 yeOAxDwB6k79LTWCsfWLbA5Y4/7duHZRtaIdzQKHx2TQEdR8SupklT3jOzy/EbJ/ ULZlE0zrxs8G06ZxsjNywcrSgvJlUiRlbdD8/8yomEK/ZxtP7aGx7bP+J7OGX20e ySVVhHFdS91THChYWZ17rbQ2JdgtuO0g/QE8Df/J5CK0lbXIUdRRDfApoax7LDs/ QAIOyaRa8c4/IwZrimPcrzXn5/wiUWCSqEYyHS/wPgiIR2Q6slJBrfmKJMbI6vgQ 6fY5hVtpdRNk5WIbHaA2FMvuGJBMELecjPCJD591Bv9hIY6Xspn2d8rlt2kTsA== -----END CERTIFICATE-----Generated at Fri Apr 17 20:59:39 2026 by rpki-client