$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096265459348537346/1/AS133111.roa File: AS133111.roa (raw, json) Hash identifier: wczUjdPp/Uwb5rWXi6oHegyjpDQrvqpc3CUSK3r89BE= Subject key identifier: 00:18:BD:0B:17:C8:CC:0D:27:98:89:7D:46:8A:08:18:25:87:1D:B1 Certificate issuer: /CN=1C519CD1C415925E7FCE92FDA20FF18EC544C74B Certificate serial: 3C54A2E16965AB6809FF4205700616FC491F2CA4 Authority key identifier: 1C:51:9C:D1:C4:15:92:5E:7F:CE:92:FD:A2:0F:F1:8E:C5:44:C7:4B Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/AS133111.roa Signing time: Mon 08 Jun 2026 02:23:34 +0000 ROA not before: Mon 08 Jun 2026 02:18:34 +0000 ROA not after: Mon 07 Jun 2027 02:23:34 +0000 asID: 133111 IP address blocks: 42.158.0.0/16 maxlen: 32 58.83.128.0/17 maxlen: 32 59.151.0.0/17 maxlen: 32 59.191.0.0/17 maxlen: 32 103.247.168.0/22 maxlen: 32 120.132.128.0/17 maxlen: 32 120.133.0.0/17 maxlen: 32 120.133.128.0/18 maxlen: 32 120.133.192.0/19 maxlen: 32 120.133.224.0/20 maxlen: 32 120.134.0.0/15 maxlen: 32 124.250.0.0/16 maxlen: 32 124.251.0.0/16 maxlen: 32 182.174.0.0/16 maxlen: 32 182.175.0.0/17 maxlen: 32 182.175.128.0/18 maxlen: 32 182.175.192.0/19 maxlen: 32 182.175.224.0/20 maxlen: 32 183.84.0.0/15 maxlen: 32 203.196.0.0/21 maxlen: 32 210.77.128.0/19 maxlen: 32 211.99.160.0/19 maxlen: 32 211.99.192.0/19 maxlen: 32 211.151.0.0/16 maxlen: 32 211.152.0.0/19 maxlen: 32 211.152.64.0/18 maxlen: 32 2403:a200::/32 maxlen: 64 2403:a200:a2ff::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.crl rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 18 Jun 2026 00:55:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:54:a2:e1:69:65:ab:68:09:ff:42:05:70:06:16:fc:49:1f:2c:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1C519CD1C415925E7FCE92FDA20FF18EC544C74B Validity Not Before: Jun 8 02:18:34 2026 GMT Not After : Jun 7 02:23:34 2027 GMT Subject: CN=0018BD0B17C8CC0D2798897D468A081825871DB1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:75:b0:f0:53:ea:20:26:06:c2:84:22:fb:b2: c0:76:0e:9a:7e:40:41:e8:bb:65:12:c8:7a:25:23: 55:bf:bd:5c:60:63:48:5d:72:a4:4c:bc:98:60:78: 1e:cd:80:94:1e:e9:70:16:dc:c2:33:d6:91:b3:b9: cb:70:83:ce:a6:38:b6:62:6e:a4:0c:93:df:7f:1e: 5e:4e:45:d6:b7:10:30:0c:fe:7c:85:32:b4:3f:6d: a4:ec:f5:a5:c9:12:3b:14:b7:30:3c:db:59:80:c6: 4e:b7:7e:6c:85:13:bc:03:1d:da:e1:bf:07:f3:25: 84:97:60:0c:72:5e:9d:23:f2:8c:fb:02:3e:38:b6: 60:88:08:b4:27:db:e7:6d:65:db:96:8d:f6:6b:59: 4c:bc:8b:c4:d8:66:f5:d8:06:3e:c1:6b:2b:d3:23: 54:27:9e:54:70:47:cd:4c:88:3b:bb:60:ec:d0:63: d9:de:37:fc:d4:e3:dc:52:83:1e:4a:46:77:d0:23: b4:95:d6:22:01:5a:b6:9c:1c:ab:fc:a3:d5:6a:4c: 82:8d:e9:14:71:d8:05:28:2f:67:5c:48:27:4e:6c: 5a:da:13:90:73:ae:39:ef:93:e8:83:11:6d:3e:4d: 67:e0:c1:86:61:d7:c0:60:f4:72:e4:62:7e:37:ed: 22:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:18:BD:0B:17:C8:CC:0D:27:98:89:7D:46:8A:08:18:25:87:1D:B1 X509v3 Authority Key Identifier: keyid:1C:51:9C:D1:C4:15:92:5E:7F:CE:92:FD:A2:0F:F1:8E:C5:44:C7:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/AS133111.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 42.158.0.0/16 58.83.128.0/17 59.151.0.0/17 59.191.0.0/17 103.247.168.0/22 120.132.128.0-120.133.239.255 120.134.0.0/15 124.250.0.0/15 182.174.0.0-182.175.239.255 183.84.0.0/15 203.196.0.0/21 210.77.128.0/19 211.99.160.0-211.99.223.255 211.151.0.0-211.152.31.255 211.152.64.0/18 IPv6: 2403:a200::/32 Signature Algorithm: sha256WithRSAEncryption 55:57:68:25:d2:ee:80:c8:a7:77:52:0f:8a:32:75:24:df:12: 6d:06:15:0d:b9:55:97:93:cc:35:fd:d6:f1:dd:bb:a5:b9:18: 6a:3e:dd:66:6a:31:98:99:85:83:51:12:bf:71:65:2e:1c:79: 91:bf:27:c2:0f:61:fa:2f:81:97:36:e5:1a:5c:d0:e2:c5:54: b0:d5:98:35:e1:39:6c:34:59:c1:f8:59:50:82:ca:39:d7:6d: 78:5a:39:b8:65:95:3f:ad:d0:48:d8:63:17:c7:65:e5:b9:82: 1a:a6:f9:96:bf:0a:48:58:2a:30:99:3f:f0:77:d5:c6:41:05: 84:ef:cd:73:06:b4:85:52:60:b2:b7:dc:b3:d3:e7:25:ed:1d: 1c:5e:af:e6:97:58:d2:c9:6c:55:b8:6c:a1:78:09:24:ac:23: 96:90:3b:a3:85:93:19:35:a1:f9:bb:b9:4a:c6:38:f0:60:4b: 02:97:9e:ee:33:94:e0:e3:1e:d8:85:00:b9:2b:c4:3e:89:90: be:b8:07:0a:b4:05:67:0c:4b:e8:63:f2:4c:06:e8:bc:9d:60: 9f:27:d9:80:e9:2e:73:fd:dd:7e:f8:45:cd:b8:c1:93:b7:b7: 46:8a:14:54:84:9a:2c:63:7a:88:62:b1:97:1e:57:dc:12:12: df:4c:b2:c0 -----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgIUPFSi4Wllq2gJ/0IFcAYW/EkfLKQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUM1MTlDRDFDNDE1OTI1RTdGQ0U5MkZEQTIwRkYxOEVD NTQ0Qzc0QjAeFw0yNjA2MDgwMjE4MzRaFw0yNzA2MDcwMjIzMzRaMDMxMTAvBgNV BAMTKDAwMThCRDBCMTdDOENDMEQyNzk4ODk3RDQ2OEEwODE4MjU4NzFEQjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYdbDwU+ogJgbChCL7ssB2Dpp+ QEHou2USyHolI1W/vVxgY0hdcqRMvJhgeB7NgJQe6XAW3MIz1pGzuctwg86mOLZi bqQMk99/Hl5ORda3EDAM/nyFMrQ/baTs9aXJEjsUtzA821mAxk63fmyFE7wDHdrh vwfzJYSXYAxyXp0j8oz7Aj44tmCICLQn2+dtZduWjfZrWUy8i8TYZvXYBj7BayvT I1QnnlRwR81MiDu7YOzQY9neN/zU49xSgx5KRnfQI7SV1iIBWracHKv8o9VqTIKN 6RRx2AUoL2dcSCdObFraE5Bzrjnvk+iDEW0+TWfgwYZh18Bg9HLkYn437SINAgMB AAGjggJkMIICYDAdBgNVHQ4EFgQUABi9CxfIzA0nmIl9RooIGCWHHbEwHwYDVR0j BBgwFoAUHFGc0cQVkl5/zpL9og/xjsVEx0swDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NjI2NTQ1OTM0ODUzNzM0Ni8xLzFDNTE5Q0QxQzQxNTkyNUU3RkNFOTJGREEyMEZG MThFQzU0NEM3NEIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMUM1MTlDRDFDNDE1OTI1RTdGQ0U5MkZEQTIwRkYxOEVDNTQ0Qzc0Qi5jZXIw XgYIKwYBBQUHAQsEUjBQME4GCCsGAQUFBzALhkJyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTYyNjU0NTkzNDg1MzczNDYvMS9BUzEzMzExMS5yb2Ew GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCBngYIKwYBBQUHAQcBAf8EgY4wgYsw egQCAAEwdAMDACqeAwQHOlOAAwQHO5cAAwQHO78AAwQCZ/eoMAwDBAd4hIADBAR4 heADAwF4hgMDAXz6MAsDAwG2rgMEBLav4AMDAbdUAwQDy8QAAwQF0k2AMAwDBAXT Y6ADBAXTY8AwCwMDANOXAwQF05gAAwQG05hAMA0EAgACMAcDBQAkA6IAMA0GCSqG SIb3DQEBCwUAA4IBAQBVV2gl0u6AyKd3Ug+KMnUk3xJtBhUNuVWXk8w1/dbx3bul uRhqPt1majGYmYWDURK/cWUuHHmRvyfCD2H6L4GXNuUaXNDixVSw1Zg14TlsNFnB +FlQgso51214Wjm4ZZU/rdBI2GMXx2XluYIapvmWvwpIWCowmT/wd9XGQQWE781z BrSFUmCyt9yz0+cl7R0cXq/ml1jSyWxVuGyheAkkrCOWkDujhZMZNaH5u7lKxjjw YEsCl57uM5Tg4x7YhQC5K8Q+iZC+uAcKtAVnDEvoY/JMBui8nWCfJ9mA6S5z/d1+ +EXNuMGTt7dGihRUhJosY3qIYrGXHlfcEhLfTLLA -----END CERTIFICATE-----Generated at Wed Jun 17 08:44:21 2026 by rpki-client