$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1095890985226862595/0/AS133107.roa File: AS133107.roa (raw, json) Hash identifier: y62cPCfxWjg2pkff5JXbQPzelOt/DX53mNzmhFTgo8g= Subject key identifier: 17:60:C5:4A:C6:7D:0E:0D:D8:33:F9:CB:2D:46:45:6B:D5:FF:87:49 Certificate issuer: /CN=91C6B644DD6D84839ED120FBC00984D60495C8C4 Certificate serial: 591DE13F8727B2A630CF1E8715488D90827B1B7D Authority key identifier: 91:C6:B6:44:DD:6D:84:83:9E:D1:20:FB:C0:09:84:D6:04:95:C8:C4 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/91C6B644DD6D84839ED120FBC00984D60495C8C4.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1095890985226862595/0/AS133107.roa Signing time: Tue 09 Jun 2026 09:22:12 +0000 ROA not before: Tue 09 Jun 2026 09:17:12 +0000 ROA not after: Tue 08 Jun 2027 09:22:12 +0000 asID: 133107 IP address blocks: 114.112.232.0/23 maxlen: 23 114.112.232.0/24 maxlen: 24 114.112.233.0/24 maxlen: 24 114.112.236.0/22 maxlen: 22 114.112.236.0/23 maxlen: 23 114.112.236.0/24 maxlen: 24 114.112.237.0/24 maxlen: 24 114.112.238.0/23 maxlen: 23 114.112.238.0/24 maxlen: 24 114.112.239.0/24 maxlen: 24 114.113.240.0/23 maxlen: 23 114.113.240.0/24 maxlen: 24 114.113.241.0/24 maxlen: 24 114.113.243.0/24 maxlen: 24 114.113.244.0/23 maxlen: 23 114.113.244.0/24 maxlen: 24 114.113.245.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1095890985226862595/0/91C6B644DD6D84839ED120FBC00984D60495C8C4.crl rsync://rpki-rps.cnnic.cn/repo/A1095890985226862595/0/91C6B644DD6D84839ED120FBC00984D60495C8C4.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/91C6B644DD6D84839ED120FBC00984D60495C8C4.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Jun 2026 16:02:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:1d:e1:3f:87:27:b2:a6:30:cf:1e:87:15:48:8d:90:82:7b:1b:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91C6B644DD6D84839ED120FBC00984D60495C8C4 Validity Not Before: Jun 9 09:17:12 2026 GMT Not After : Jun 8 09:22:12 2027 GMT Subject: CN=1760C54AC67D0E0DD833F9CB2D46456BD5FF8749 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:dc:9a:47:39:1d:0b:e6:52:78:78:6a:79:0e: 14:3f:8d:8f:e3:95:c8:16:2c:f5:af:1f:29:6e:65: 2c:7e:82:2d:a1:f4:70:9a:b0:57:15:7e:80:76:5d: 89:a1:7e:f0:71:db:37:23:8b:35:4d:f6:a0:17:ae: 2a:24:c6:52:4e:7d:ff:80:21:94:5b:6e:6b:5f:a4: 46:a6:bd:57:52:08:fe:88:9e:bc:3f:40:e5:96:cd: d5:1d:db:e5:43:88:28:7b:a2:97:55:de:e1:bc:34: 38:68:70:0d:8b:b2:bd:80:00:43:5a:90:22:08:ba: 65:28:c0:62:8b:58:e6:1b:6b:17:69:51:d2:ae:0e: 38:e3:9e:cf:b3:74:99:ad:03:82:56:1b:98:ba:38: 6f:dd:04:25:52:fd:52:22:a9:c7:29:95:48:95:6e: 4b:eb:51:52:56:ff:2c:7a:ae:b5:8d:43:40:8a:ce: d0:9e:d4:e4:0a:5b:b3:4c:50:0c:09:72:0e:17:4d: 9e:f0:60:55:05:68:00:29:36:93:dd:ae:d7:ed:f1: 87:53:67:79:f7:84:3e:8b:1f:5a:79:9c:56:84:6a: 2c:a7:56:d7:52:87:5c:cd:80:03:7a:b4:ed:4b:b9: 46:cd:50:f9:18:d1:75:20:c3:c8:d9:ee:b6:c9:9f: c6:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:60:C5:4A:C6:7D:0E:0D:D8:33:F9:CB:2D:46:45:6B:D5:FF:87:49 X509v3 Authority Key Identifier: keyid:91:C6:B6:44:DD:6D:84:83:9E:D1:20:FB:C0:09:84:D6:04:95:C8:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1095890985226862595/0/91C6B644DD6D84839ED120FBC00984D60495C8C4.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/91C6B644DD6D84839ED120FBC00984D60495C8C4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1095890985226862595/0/AS133107.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 114.112.232.0/23 114.112.236.0/22 114.113.240.0/23 114.113.243.0-114.113.245.255 Signature Algorithm: sha256WithRSAEncryption 5e:da:e0:f6:c3:ce:f2:09:8c:e9:37:71:06:eb:bd:b1:79:d5: a3:dd:d9:49:f6:bc:25:1e:da:39:7a:de:b8:b4:b7:e2:2a:e3: 61:b7:27:cc:30:d5:4a:ee:09:25:93:c5:c1:97:a1:a1:63:a9: 99:23:1e:9e:ff:21:76:55:bf:f0:d3:19:e7:1b:73:8d:f1:78: 81:fa:9a:ae:d5:26:b6:a4:15:a6:da:8d:3c:be:9e:7e:1f:ff: 16:27:da:9d:69:58:a4:58:c3:07:bb:4c:68:17:8d:72:2c:70: ed:a1:de:4e:f2:fa:5c:f9:01:07:d8:ad:15:de:24:e7:88:91: a0:3a:63:30:91:7d:86:e9:ee:5b:b3:29:fc:59:11:87:85:83: 72:65:b6:e7:7a:6e:d7:a3:62:e4:e0:f9:cf:3c:61:2b:f1:c9: 23:0f:df:a3:30:9c:05:d4:c7:37:40:07:28:d5:2a:aa:e5:b8: 1b:64:f2:a0:d5:e8:58:0f:40:fa:9e:23:a9:e5:e4:55:ae:da: 33:58:f8:af:3e:16:27:b2:6f:bb:c5:00:91:0b:81:81:9d:0e: ab:c2:43:ad:11:9b:5e:da:b2:a0:d1:bf:e0:b4:5b:f0:4c:50: ce:76:aa:5a:20:12:8e:65:51:3e:5e:49:91:07:5d:15:2b:47: e4:09:20:8b -----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgIUWR3hP4cnsqYwzx6HFUiNkIJ7G30wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTFDNkI2NDRERDZEODQ4MzlFRDEyMEZCQzAwOTg0RDYw NDk1QzhDNDAeFw0yNjA2MDkwOTE3MTJaFw0yNzA2MDgwOTIyMTJaMDMxMTAvBgNV BAMTKDE3NjBDNTRBQzY3RDBFMEREODMzRjlDQjJENDY0NTZCRDVGRjg3NDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL3JpHOR0L5lJ4eGp5DhQ/jY/j lcgWLPWvHyluZSx+gi2h9HCasFcVfoB2XYmhfvBx2zcjizVN9qAXriokxlJOff+A IZRbbmtfpEamvVdSCP6Inrw/QOWWzdUd2+VDiCh7opdV3uG8NDhocA2Lsr2AAENa kCIIumUowGKLWOYbaxdpUdKuDjjjns+zdJmtA4JWG5i6OG/dBCVS/VIiqccplUiV bkvrUVJW/yx6rrWNQ0CKztCe1OQKW7NMUAwJcg4XTZ7wYFUFaAApNpPdrtft8YdT Z3n3hD6LH1p5nFaEaiynVtdSh1zNgAN6tO1LuUbNUPkY0XUgw8jZ7rbJn8ZPAgMB AAGjggH+MIIB+jAdBgNVHQ4EFgQUF2DFSsZ9Dg3YM/nLLUZFa9X/h0kwHwYDVR0j BBgwFoAUkca2RN1thIOe0SD7wAmE1gSVyMQwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NTg5MDk4NTIyNjg2MjU5NS8wLzkxQzZCNjQ0REQ2RDg0ODM5RUQxMjBGQkMwMDk4 NEQ2MDQ5NUM4QzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvOTFDNkI2NDRERDZEODQ4MzlFRDEyMEZCQzAwOTg0RDYwNDk1QzhDNC5jZXIw XgYIKwYBBQUHAQsEUjBQME4GCCsGAQUFBzALhkJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTU4OTA5ODUyMjY4NjI1OTUvMC9BUzEzMzEwNy5yb2Ew GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwJgQC AAEwIAMEAXJw6AMEAnJw7AMEAXJx8DAMAwQAcnHzAwQBcnH0MA0GCSqGSIb3DQEB CwUAA4IBAQBe2uD2w87yCYzpN3EG672xedWj3dlJ9rwlHto5et64tLfiKuNhtyfM MNVK7gklk8XBl6GhY6mZIx6e/yF2Vb/w0xnnG3ON8XiB+pqu1Sa2pBWm2o08vp5+ H/8WJ9qdaVikWMMHu0xoF41yLHDtod5O8vpc+QEH2K0V3iTniJGgOmMwkX2G6e5b syn8WRGHhYNyZbbnem7Xo2Lk4PnPPGEr8ckjD9+jMJwF1Mc3QAco1Sqq5bgbZPKg 1ehYD0D6niOp5eRVrtozWPivPhYnsm+7xQCRC4GBnQ6rwkOtEZte2rKg0b/gtFvw TFDOdqpaIBKOZVE+XkmRB10VK0fkCSCL -----END CERTIFICATE-----Generated at Sun Jun 14 03:35:40 2026 by rpki-client