$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1095890985226862595/0/AS23724.roa File: AS23724.roa (raw, json) Hash identifier: lFZ+iI9Ktf0skZroln5ZXW5emwOe7uCzGaBwRTfMjRk= Subject key identifier: 59:0B:27:C8:5B:0F:44:93:59:0F:CA:97:74:E4:9D:51:ED:65:E1:9E Certificate issuer: /CN=91C6B644DD6D84839ED120FBC00984D60495C8C4 Certificate serial: B8980DA88C61D452E384337A94886CB0FAF360 Authority key identifier: 91:C6:B6:44:DD:6D:84:83:9E:D1:20:FB:C0:09:84:D6:04:95:C8:C4 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/91C6B644DD6D84839ED120FBC00984D60495C8C4.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1095890985226862595/0/AS23724.roa Signing time: Thu 11 Jun 2026 08:13:41 +0000 ROA not before: Thu 11 Jun 2026 08:08:41 +0000 ROA not after: Thu 10 Jun 2027 08:13:41 +0000 asID: 23724 IP address blocks: 101.36.128.0/17 maxlen: 17 114.64.0.0/16 maxlen: 16 122.14.192.0/18 maxlen: 18 180.186.38.0/24 maxlen: 24 180.186.39.0/24 maxlen: 24 180.186.40.0/24 maxlen: 24 180.186.41.0/24 maxlen: 24 180.186.42.0/24 maxlen: 24 180.186.43.0/24 maxlen: 24 180.186.44.0/24 maxlen: 24 210.14.128.0/20 maxlen: 20 210.14.144.0/20 maxlen: 20 2401:be00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1095890985226862595/0/91C6B644DD6D84839ED120FBC00984D60495C8C4.crl rsync://rpki-rps.cnnic.cn/repo/A1095890985226862595/0/91C6B644DD6D84839ED120FBC00984D60495C8C4.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/91C6B644DD6D84839ED120FBC00984D60495C8C4.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Jun 2026 16:02:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: b8:98:0d:a8:8c:61:d4:52:e3:84:33:7a:94:88:6c:b0:fa:f3:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91C6B644DD6D84839ED120FBC00984D60495C8C4 Validity Not Before: Jun 11 08:08:41 2026 GMT Not After : Jun 10 08:13:41 2027 GMT Subject: CN=590B27C85B0F4493590FCA9774E49D51ED65E19E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:7c:18:38:a9:a2:f0:eb:8a:ac:5b:58:b2:2a: 46:45:44:c6:3b:c3:4d:22:33:0f:db:e0:29:93:b9: fe:18:f2:bb:e9:5f:e7:47:27:c5:0b:58:a0:64:ba: 54:40:02:88:6e:6f:91:d1:a0:bf:34:5e:35:69:ed: 1b:5f:f7:87:44:c1:29:00:56:7f:fb:63:8b:09:b2: c4:73:56:23:36:ab:c8:73:65:d2:3f:31:72:2c:56: e9:4c:35:66:9f:74:84:ba:f4:86:97:e9:99:26:35: d7:08:2c:86:1d:a4:d6:6e:cf:ff:54:b9:d4:77:54: a1:98:41:bd:f2:a9:61:b6:73:00:2c:fe:9d:d1:d7: 0d:5b:c5:f3:bd:e9:cf:c9:55:de:19:72:75:49:91: e2:1d:e3:bb:ce:b8:56:e7:27:4c:c1:a0:d5:65:41: f4:b6:28:89:3c:07:f0:70:f9:86:bd:77:17:a2:38: c2:e6:9a:57:aa:24:e5:bf:ae:c7:7f:44:5b:4c:21: 66:4a:ed:93:06:a2:88:63:97:65:dd:09:d4:b2:f8: 89:be:81:5d:98:92:ac:45:78:76:97:18:f1:4f:46: 84:1d:92:31:e7:cb:e8:c1:9b:56:bf:53:3f:f8:2c: 85:56:07:76:4c:c0:53:b9:bb:33:6e:8b:a2:45:88: bf:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:0B:27:C8:5B:0F:44:93:59:0F:CA:97:74:E4:9D:51:ED:65:E1:9E X509v3 Authority Key Identifier: keyid:91:C6:B6:44:DD:6D:84:83:9E:D1:20:FB:C0:09:84:D6:04:95:C8:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1095890985226862595/0/91C6B644DD6D84839ED120FBC00984D60495C8C4.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/91C6B644DD6D84839ED120FBC00984D60495C8C4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1095890985226862595/0/AS23724.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 101.36.128.0/17 114.64.0.0/16 122.14.192.0/18 180.186.38.0-180.186.44.255 210.14.128.0/19 IPv6: 2401:be00::/48 Signature Algorithm: sha256WithRSAEncryption 50:ea:86:a2:ef:6e:5f:ea:91:2b:fa:a0:47:88:3a:01:7d:27: 9d:92:bf:2e:7a:99:33:54:53:af:94:f8:b2:f9:5e:9f:e0:90: 90:92:98:41:e1:86:23:ea:51:02:5f:4a:cf:a0:42:b2:a9:56: 85:a3:aa:ae:d3:8a:2d:25:67:50:a5:b8:88:9f:34:f6:a4:ca: 99:a4:eb:c3:f0:fd:56:59:49:8e:9d:99:2d:67:2f:eb:b7:4e: 89:0a:66:c6:85:1b:3f:aa:7c:37:13:08:e6:3a:25:d3:7f:82: bc:60:30:6f:bb:a0:64:25:97:10:df:1d:44:fb:8a:65:16:c8: 4e:79:c0:62:82:f2:91:00:bc:b9:11:5a:11:d6:40:c8:9c:87: 6f:08:4c:3b:0d:f8:98:1d:5a:44:c1:15:c3:85:16:46:81:87: 11:d3:9b:40:22:53:48:fa:b7:7c:a5:a4:d9:77:ce:ac:4e:8a: 29:74:63:e1:c2:9a:d7:1c:40:50:7a:d3:32:c1:e7:61:17:e9: 4d:42:1a:61:f2:1a:9f:67:c1:25:19:c2:0a:9a:98:5c:b1:bb: 88:98:4f:80:f9:f8:fb:03:cb:ca:7e:ec:a4:92:47:ce:01:74: 5b:4f:8f:73:15:bf:40:c7:e4:15:df:71:d4:ef:ee:5b:4b:7a: 48:2b:00:54 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgIUALiYDaiMYdRS44QzepSIbLD682AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTFDNkI2NDRERDZEODQ4MzlFRDEyMEZCQzAwOTg0RDYw NDk1QzhDNDAeFw0yNjA2MTEwODA4NDFaFw0yNzA2MTAwODEzNDFaMDMxMTAvBgNV BAMTKDU5MEIyN0M4NUIwRjQ0OTM1OTBGQ0E5Nzc0RTQ5RDUxRUQ2NUUxOUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4fBg4qaLw64qsW1iyKkZFRMY7 w00iMw/b4CmTuf4Y8rvpX+dHJ8ULWKBkulRAAohub5HRoL80XjVp7Rtf94dEwSkA Vn/7Y4sJssRzViM2q8hzZdI/MXIsVulMNWafdIS69IaX6ZkmNdcILIYdpNZuz/9U udR3VKGYQb3yqWG2cwAs/p3R1w1bxfO96c/JVd4ZcnVJkeId47vOuFbnJ0zBoNVl QfS2KIk8B/Bw+Ya9dxeiOMLmmleqJOW/rsd/RFtMIWZK7ZMGoohjl2XdCdSy+Im+ gV2YkqxFeHaXGPFPRoQdkjHny+jBm1a/Uz/4LIVWB3ZMwFO5uzNui6JFiL8fAgMB AAGjggITMIICDzAdBgNVHQ4EFgQUWQsnyFsPRJNZD8qXdOSdUe1l4Z4wHwYDVR0j BBgwFoAUkca2RN1thIOe0SD7wAmE1gSVyMQwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NTg5MDk4NTIyNjg2MjU5NS8wLzkxQzZCNjQ0REQ2RDg0ODM5RUQxMjBGQkMwMDk4 NEQ2MDQ5NUM4QzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvOTFDNkI2NDRERDZEODQ4MzlFRDEyMEZCQzAwOTg0RDYwNDk1QzhDNC5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTU4OTA5ODUyMjY4NjI1OTUvMC9BUzIzNzI0LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjArBAIA ATAlAwQHZSSAAwMAckADBAZ6DsAwDAMEAbS6JgMEALS6LAMEBdIOgDAPBAIAAjAJ AwcAJAG+AAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBQ6oai725f6pEr+qBHiDoBfSed kr8uepkzVFOvlPiy+V6f4JCQkphB4YYj6lECX0rPoEKyqVaFo6qu04otJWdQpbiI nzT2pMqZpOvD8P1WWUmOnZktZy/rt06JCmbGhRs/qnw3EwjmOiXTf4K8YDBvu6Bk JZcQ3x1E+4plFshOecBigvKRALy5EVoR1kDInIdvCEw7DfiYHVpEwRXDhRZGgYcR 05tAIlNI+rd8paTZd86sToopdGPhwprXHEBQetMywedhF+lNQhph8hqfZ8ElGcIK mphcsbuImE+A+fj7A8vKfuykkkfOAXRbT49zFb9Ax+QV33HU7+5bS3pIKwBU -----END CERTIFICATE-----Generated at Sun Jun 14 00:58:30 2026 by rpki-client