$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS133119.roa File: AS133119.roa (raw, json) Hash identifier: Roun36f4d33qwfjgVrr2P9lFTockr6MsTl7heCiFx9s= Subject key identifier: BA:A6:7E:0F:47:A5:08:2A:10:D6:35:98:BD:7F:66:AA:DC:01:F1:8D Certificate issuer: /CN=A9143CB30000/serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925 Certificate serial: 6368D6A5DC3E79DACB3C5ABDEC32D024DDF4D420 Authority key identifier: 8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS133119.roa Signing time: Thu 11 Jun 2026 12:19:40 +0000 ROA not before: Thu 11 Jun 2026 12:14:40 +0000 ROA not after: Thu 10 Jun 2027 12:19:40 +0000 asID: 133119 IP address blocks: 2408:877e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Jun 2026 00:24:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:68:d6:a5:dc:3e:79:da:cb:3c:5a:bd:ec:32:d0:24:dd:f4:d4:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143CB30000, serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925 Validity Not Before: Jun 11 12:14:40 2026 GMT Not After : Jun 10 12:19:40 2027 GMT Subject: CN=BAA67E0F47A5082A10D63598BD7F66AADC01F18D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:8b:8d:f0:2e:a0:f4:ca:38:69:c2:59:8c:ed: c0:a5:f7:9d:2c:42:94:4a:cf:e4:c7:2d:98:82:9a: 45:b5:b3:36:ef:0f:5a:5e:b6:62:14:3d:a8:24:1b: 9b:f2:d7:13:e8:c4:4d:54:5e:5b:1a:15:8a:53:da: 21:d0:d1:b9:1b:af:a5:a8:15:a3:08:77:5f:fd:bb: 84:62:26:b8:00:77:a2:0a:24:4b:6c:5c:35:ae:97: 20:30:9c:c1:3c:d4:8c:bb:49:6d:c5:2d:6c:c3:6d: c9:e4:63:fb:82:8b:d2:39:8b:d4:cc:66:29:8c:31: 8c:32:43:a5:d2:9f:8a:80:22:a6:51:f1:30:d6:17: 7b:b4:08:32:d3:4c:0c:fc:7e:31:70:29:2b:a9:04: 13:98:d2:5f:ba:d1:bd:f0:7f:99:d6:9f:28:7e:0d: 61:2f:23:27:4d:0f:57:f4:b9:ea:a8:15:d2:d0:13: 8c:5b:4d:43:04:1b:b4:e3:70:dc:f4:6d:bf:5f:ae: 3a:a5:6a:c5:a1:b2:c5:0d:ae:70:de:99:cf:ba:2c: fc:62:48:55:af:79:f0:10:c5:c9:76:82:7a:61:9e: 34:2f:95:d7:6b:75:12:1a:3b:95:a2:69:d0:b6:88: aa:46:6e:cd:f0:9b:5a:36:37:1e:41:2b:d9:96:ae: 48:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:A6:7E:0F:47:A5:08:2A:10:D6:35:98:BD:7F:66:AA:DC:01:F1:8D X509v3 Authority Key Identifier: keyid:8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS133119.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2408:877e::/32 Signature Algorithm: sha256WithRSAEncryption b4:c1:92:22:d6:2c:a2:79:df:b9:77:23:d1:49:40:c5:d4:3c: 4e:91:8b:91:fe:18:3f:cd:33:9d:56:fe:bf:39:9c:12:21:30: 2c:ca:c2:12:c5:d1:8d:37:f1:f5:bd:25:ba:d7:f7:bd:8b:0b: 94:9b:43:fb:f8:30:a4:bd:c4:4a:1a:1a:0e:7a:79:18:82:13: 64:65:46:20:73:5a:5b:df:d0:6d:94:60:ed:e3:0d:71:b7:c0: 1a:fe:7b:4b:06:ec:ef:a8:77:b3:f1:f3:f1:9e:fd:5a:4d:3b: 9c:6c:59:30:f9:e1:5f:1c:b4:e6:98:7b:41:65:a2:b3:01:a1: 06:b8:f2:c6:7c:18:bd:51:8e:a0:54:de:97:2e:8c:22:be:d9: 02:cf:d8:46:b8:b8:0d:6e:5c:25:09:84:5f:28:79:45:ee:ed: 87:69:0e:11:c0:40:79:05:08:28:51:9e:d6:a8:0d:f1:55:10: c1:f2:b4:e6:f5:51:78:92:0b:0d:5f:7b:ad:e6:a2:f2:24:e6: 5f:ed:bd:04:08:7f:67:bc:52:c4:7e:24:a4:87:a5:51:63:03: 29:d9:8d:36:4a:01:4e:72:0a:e2:ef:b0:59:61:1c:9e:f5:86: 4b:03:8c:f6:13:cf:91:e1:5b:30:e2:79:45:45:39:91:ca:34: 21:e2:6c:15 -----BEGIN CERTIFICATE----- MIIE8jCCA9qgAwIBAgIUY2jWpdw+edrLPFq97DLQJN301CAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNDNDQjMwMDAwMTEwLwYDVQQFEyg4QTFCNEU0QTYz Mjk1RjE4QjRGMDZGRkY2QUQwMkMzMTY1QkY5OTI1MB4XDTI2MDYxMTEyMTQ0MFoX DTI3MDYxMDEyMTk0MFowMzExMC8GA1UEAxMoQkFBNjdFMEY0N0E1MDgyQTEwRDYz NTk4QkQ3RjY2QUFEQzAxRjE4RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJCLjfAuoPTKOGnCWYztwKX3nSxClErP5MctmIKaRbWzNu8PWl62YhQ9qCQb m/LXE+jETVReWxoVilPaIdDRuRuvpagVowh3X/27hGImuAB3ogokS2xcNa6XIDCc wTzUjLtJbcUtbMNtyeRj+4KL0jmL1MxmKYwxjDJDpdKfioAiplHxMNYXe7QIMtNM DPx+MXApK6kEE5jSX7rRvfB/mdafKH4NYS8jJ00PV/S56qgV0tATjFtNQwQbtONw 3PRtv1+uOqVqxaGyxQ2ucN6Zz7os/GJIVa958BDFyXaCemGeNC+V12t1Eho7laJp 0LaIqkZuzfCbWjY3HkEr2ZauSOcCAwEAAaOCAeUwggHhMB0GA1UdDgQWBBS6pn4P R6UIKhDWNZi9f2aq3AHxjTAfBgNVHSMEGDAWgBSKG05KYylfGLTwb/9q0CwxZb+Z JTAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk2NzA0NTkzNjk1MzQyNTkzLzEvOEExQjRF NEE2MzI5NUYxOEI0RjA2RkZGNkFEMDJDMzE2NUJGOTkyNS5jcmwwfgYIKwYBBQUH AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvaWh0T1NtTXBY eGkwOEdfX2F0QXNNV1dfbVNVLmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NjcwNDU5MzY5 NTM0MjU5My8xL0FTMTMzMTE5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAiHfjANBgkqhkiG9w0BAQsF AAOCAQEAtMGSItYsonnfuXcj0UlAxdQ8TpGLkf4YP80znVb+vzmcEiEwLMrCEsXR jTfx9b0lutf3vYsLlJtD+/gwpL3EShoaDnp5GIITZGVGIHNaW9/QbZRg7eMNcbfA Gv57Swbs76h3s/Hz8Z79Wk07nGxZMPnhXxy05ph7QWWiswGhBrjyxnwYvVGOoFTe ly6MIr7ZAs/YRri4DW5cJQmEXyh5Re7th2kOEcBAeQUIKFGe1qgN8VUQwfK05vVR eJILDV97reai8iTmX+29BAh/Z7xSxH4kpIelUWMDKdmNNkoBTnIK4u+wWWEcnvWG SwOM9hPPkeFbMOJ5RUU5kco0IeJsFQ== -----END CERTIFICATE-----Generated at Sat Jun 13 10:17:11 2026 by rpki-client