$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096265459348537346/1/AS23724.roa File: AS23724.roa (raw, json) Hash identifier: T0fAwl6wYamPJGnxn4dx30kfD3ZCVW9sUQOvSfYJGI0= Subject key identifier: 1C:FE:E3:0F:1E:A9:8B:5B:B2:21:C5:44:6C:D4:93:C0:CB:92:33:33 Certificate issuer: /CN=1C519CD1C415925E7FCE92FDA20FF18EC544C74B Certificate serial: 096D47976D8F3F3F5D1BADFDB9DBFDCF5A23E37B Authority key identifier: 1C:51:9C:D1:C4:15:92:5E:7F:CE:92:FD:A2:0F:F1:8E:C5:44:C7:4B Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/AS23724.roa Signing time: Mon 08 Jun 2026 02:23:34 +0000 ROA not before: Mon 08 Jun 2026 02:18:34 +0000 ROA not after: Mon 07 Jun 2027 02:23:34 +0000 asID: 23724 IP address blocks: 42.158.0.0/16 maxlen: 32 58.83.128.0/17 maxlen: 32 59.151.0.0/17 maxlen: 32 59.191.0.0/17 maxlen: 32 103.247.168.0/22 maxlen: 32 120.132.128.0/17 maxlen: 32 120.133.0.0/17 maxlen: 32 120.133.128.0/18 maxlen: 32 120.133.192.0/19 maxlen: 32 120.133.224.0/20 maxlen: 32 120.134.0.0/15 maxlen: 32 124.250.0.0/16 maxlen: 32 124.251.0.0/16 maxlen: 32 182.174.0.0/16 maxlen: 32 182.175.0.0/17 maxlen: 32 182.175.128.0/18 maxlen: 32 182.175.192.0/19 maxlen: 32 182.175.224.0/20 maxlen: 32 183.84.0.0/15 maxlen: 32 203.196.0.0/21 maxlen: 32 210.77.128.0/19 maxlen: 32 211.99.160.0/19 maxlen: 32 211.99.192.0/19 maxlen: 32 211.151.0.0/16 maxlen: 32 211.152.0.0/19 maxlen: 32 211.152.64.0/18 maxlen: 32 2403:a200::/32 maxlen: 64 2403:a200:a2ff::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.crl rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 13 Jun 2026 23:15:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:6d:47:97:6d:8f:3f:3f:5d:1b:ad:fd:b9:db:fd:cf:5a:23:e3:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1C519CD1C415925E7FCE92FDA20FF18EC544C74B Validity Not Before: Jun 8 02:18:34 2026 GMT Not After : Jun 7 02:23:34 2027 GMT Subject: CN=1CFEE30F1EA98B5BB221C5446CD493C0CB923333 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:6d:bc:fa:11:09:c8:7a:17:c3:61:18:00:25: 48:d6:1f:64:9b:9f:37:cc:84:29:4c:25:71:13:c3: f2:d7:9b:1b:90:dd:19:98:d6:af:56:b8:6d:12:cd: 2f:6d:b7:91:c0:6c:4a:c8:b8:af:13:49:a3:0f:c2: d4:10:2b:5c:38:05:09:75:d3:9b:19:f2:da:a5:92: 6e:fb:be:69:0d:e4:f8:01:37:37:e9:4d:3c:2b:7e: f1:55:c5:fe:32:63:6f:6c:75:23:e8:1b:84:bd:21: cb:16:13:6f:6d:34:d5:c4:5e:a6:16:a1:d4:05:33: 42:c9:ad:93:32:53:88:bd:e0:d9:37:6e:2f:42:fd: 49:03:41:ae:7c:40:ee:76:78:e1:f5:17:66:6a:21: 91:ce:40:02:c2:9a:f4:cb:d0:4f:0e:a3:08:e8:dd: 7b:48:ae:4e:2b:c3:6a:14:6a:11:9c:51:2b:23:a0: 9f:3d:1b:d8:59:6a:21:e1:ac:8a:ac:fe:ab:b5:85: 20:c8:df:53:fa:2a:39:f5:57:67:9a:59:68:71:a7: 3f:b7:8e:69:bf:da:28:e6:8b:67:22:41:8a:d6:d5: 2d:5f:01:70:54:fa:58:55:de:04:17:aa:50:0e:72: ef:0d:81:2a:dd:59:ac:99:33:c4:3c:57:6c:53:5b: 16:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:FE:E3:0F:1E:A9:8B:5B:B2:21:C5:44:6C:D4:93:C0:CB:92:33:33 X509v3 Authority Key Identifier: keyid:1C:51:9C:D1:C4:15:92:5E:7F:CE:92:FD:A2:0F:F1:8E:C5:44:C7:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/AS23724.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 42.158.0.0/16 58.83.128.0/17 59.151.0.0/17 59.191.0.0/17 103.247.168.0/22 120.132.128.0-120.133.239.255 120.134.0.0/15 124.250.0.0/15 182.174.0.0-182.175.239.255 183.84.0.0/15 203.196.0.0/21 210.77.128.0/19 211.99.160.0-211.99.223.255 211.151.0.0-211.152.31.255 211.152.64.0/18 IPv6: 2403:a200::/32 Signature Algorithm: sha256WithRSAEncryption 81:d3:f9:c0:fb:3e:04:39:19:f3:b7:54:ec:1d:58:7e:59:fd: 0a:69:24:43:fc:9f:e0:2c:4f:22:bb:2e:70:87:3b:4d:11:c4: a9:66:26:e1:ef:53:72:45:31:41:64:23:d2:0b:9a:ce:8f:d6: 21:b9:d2:f7:ca:a8:c9:8c:39:df:9c:d3:1a:d5:5c:b1:c9:f9: 9b:fa:22:98:e7:fe:0f:67:85:f7:53:36:4d:30:af:cd:53:64: df:15:d6:b4:5d:9a:e9:cf:53:7a:a4:dc:34:01:4e:89:c5:56: 3b:cb:d1:e4:60:ae:89:3e:5b:d9:be:f1:d5:1f:7c:1d:bd:6c: 0d:68:74:58:6f:0c:38:30:eb:68:a1:6e:cf:59:f6:1d:86:25: ac:9b:6a:b7:27:aa:51:44:35:fb:aa:fb:aa:3f:29:f3:77:b3: 18:c2:f9:7f:26:c9:4d:4a:54:5e:fe:67:5f:a5:e3:2e:19:60: 94:17:f2:30:ca:02:c7:a9:73:96:b0:56:33:0d:00:8a:02:b9: 81:e4:42:d0:d9:b9:27:86:fc:b9:83:c8:6d:09:d5:53:42:2b: d3:60:8e:0a:10:18:ac:0d:39:fe:4f:c7:e8:ba:d5:4d:7d:d8: d9:57:65:6c:8a:6b:62:00:fa:e2:a8:90:bf:65:aa:f1:6b:4b: 0d:56:72:aa -----BEGIN CERTIFICATE----- MIIFWTCCBEGgAwIBAgIUCW1Hl22PPz9dG639udv9z1oj43swDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUM1MTlDRDFDNDE1OTI1RTdGQ0U5MkZEQTIwRkYxOEVD NTQ0Qzc0QjAeFw0yNjA2MDgwMjE4MzRaFw0yNzA2MDcwMjIzMzRaMDMxMTAvBgNV BAMTKDFDRkVFMzBGMUVBOThCNUJCMjIxQzU0NDZDRDQ5M0MwQ0I5MjMzMzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCbbz6EQnIehfDYRgAJUjWH2Sb nzfMhClMJXETw/LXmxuQ3RmY1q9WuG0SzS9tt5HAbErIuK8TSaMPwtQQK1w4BQl1 05sZ8tqlkm77vmkN5PgBNzfpTTwrfvFVxf4yY29sdSPoG4S9IcsWE29tNNXEXqYW odQFM0LJrZMyU4i94Nk3bi9C/UkDQa58QO52eOH1F2ZqIZHOQALCmvTL0E8Oowjo 3XtIrk4rw2oUahGcUSsjoJ89G9hZaiHhrIqs/qu1hSDI31P6Kjn1V2eaWWhxpz+3 jmm/2ijmi2ciQYrW1S1fAXBU+lhV3gQXqlAOcu8NgSrdWayZM8Q8V2xTWxbTAgMB AAGjggJjMIICXzAdBgNVHQ4EFgQUHP7jDx6pi1uyIcVEbNSTwMuSMzMwHwYDVR0j BBgwFoAUHFGc0cQVkl5/zpL9og/xjsVEx0swDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NjI2NTQ1OTM0ODUzNzM0Ni8xLzFDNTE5Q0QxQzQxNTkyNUU3RkNFOTJGREEyMEZG MThFQzU0NEM3NEIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMUM1MTlDRDFDNDE1OTI1RTdGQ0U5MkZEQTIwRkYxOEVDNTQ0Qzc0Qi5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTYyNjU0NTkzNDg1MzczNDYvMS9BUzIzNzI0LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizB6 BAIAATB0AwMAKp4DBAc6U4ADBAc7lwADBAc7vwADBAJn96gwDAMEB3iEgAMEBHiF 4AMDAXiGAwMBfPowCwMDAbauAwQEtq/gAwMBt1QDBAPLxAADBAXSTYAwDAMEBdNj oAMEBdNjwDALAwMA05cDBAXTmAADBAbTmEAwDQQCAAIwBwMFACQDogAwDQYJKoZI hvcNAQELBQADggEBAIHT+cD7PgQ5GfO3VOwdWH5Z/QppJEP8n+AsTyK7LnCHO00R xKlmJuHvU3JFMUFkI9ILms6P1iG50vfKqMmMOd+c0xrVXLHJ+Zv6Ipjn/g9nhfdT Nk0wr81TZN8V1rRdmunPU3qk3DQBTonFVjvL0eRgrok+W9m+8dUffB29bA1odFhv DDgw62ihbs9Z9h2GJaybarcnqlFENfuq+6o/KfN3sxjC+X8myU1KVF7+Z1+l4y4Z YJQX8jDKAsepc5awVjMNAIoCuYHkQtDZuSeG/LmDyG0J1VNCK9NgjgoQGKwNOf5P x+i61U192NlXZWyKa2IA+uKokL9lqvFrSw1Wcqo= -----END CERTIFICATE-----Generated at Sat Jun 13 15:54:51 2026 by rpki-client