$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS137539.roa File: AS137539.roa (raw, json) Hash identifier: otBv9CgpIdH1jkS+1OeIvuZsRmj9gXrSLLCFCXZdKXY= Subject key identifier: DE:F7:A2:BF:77:D1:41:2B:2D:38:6E:66:DA:8F:17:98:DF:9D:AC:E1 Certificate issuer: /CN=A9143CB30000/serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925 Certificate serial: 2CC38BA9488B377E3C467C82C2EEFD9E353D2B20 Authority key identifier: 8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS137539.roa Signing time: Thu 11 Jun 2026 12:19:40 +0000 ROA not before: Thu 11 Jun 2026 12:14:40 +0000 ROA not after: Thu 10 Jun 2027 12:19:40 +0000 asID: 137539 IP address blocks: 2408:877c::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Jun 2026 00:24:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:c3:8b:a9:48:8b:37:7e:3c:46:7c:82:c2:ee:fd:9e:35:3d:2b:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143CB30000, serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925 Validity Not Before: Jun 11 12:14:40 2026 GMT Not After : Jun 10 12:19:40 2027 GMT Subject: CN=DEF7A2BF77D1412B2D386E66DA8F1798DF9DACE1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:fe:39:0a:66:8b:dc:19:60:64:27:a9:c7:87: ca:3e:0e:80:a4:c1:87:93:80:62:ec:49:b3:80:49: 21:30:4f:bc:00:6b:f3:05:4f:05:cb:19:4b:8d:cd: e7:6d:02:42:92:ec:3c:6b:9c:c3:f4:0a:91:4e:d9: 8d:fd:44:70:07:c4:11:82:f6:f2:85:fb:2b:3c:a1: 9f:59:e4:3b:f5:12:26:9c:e0:8c:f9:dc:9a:69:24: f2:62:5c:28:98:5d:58:4d:49:d3:f3:31:1c:43:f1: 03:35:98:5a:cd:9f:a8:b7:aa:d0:d1:bc:ba:8e:37: b8:97:8d:66:b7:3c:bf:dd:dd:cd:f3:21:68:0b:f1: 04:2a:a7:89:29:8c:a1:cd:59:5f:62:89:5a:c9:9b: 21:b8:70:93:cf:56:9e:9a:bb:65:0c:2b:2b:fb:f2: b8:90:8e:a5:7c:62:40:3d:75:21:3c:0a:7a:6c:2c: 51:52:68:cc:de:2e:7e:e6:9d:32:a3:05:2d:f8:fa: 77:fd:86:d4:95:80:41:bd:95:02:cc:04:2e:8f:50: fa:16:86:5a:98:50:bc:c1:79:ec:83:84:86:1e:56: 4d:78:27:10:65:a5:37:74:81:fb:13:b1:39:a4:23: b8:9b:ca:e1:e2:b9:73:ef:e9:fb:c2:89:e9:e5:d0: e9:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:F7:A2:BF:77:D1:41:2B:2D:38:6E:66:DA:8F:17:98:DF:9D:AC:E1 X509v3 Authority Key Identifier: keyid:8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS137539.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2408:877c::/32 Signature Algorithm: sha256WithRSAEncryption 4b:a9:cc:6a:48:3d:30:b1:0c:22:05:2c:42:c8:cb:c6:61:ac: 88:8a:cf:33:96:b7:b9:6c:38:a8:9d:c1:68:f8:30:41:f0:a9: 71:80:1b:ce:32:d7:33:35:b2:6a:2d:65:7e:36:4a:21:6b:00: 91:c9:1a:40:6b:03:a1:d4:64:6b:3c:3d:85:e9:80:98:80:51: 13:2b:75:c2:ff:a3:28:a6:2c:14:5d:34:46:6a:80:2c:73:d6: 04:75:68:62:b7:a0:b5:cc:46:9d:7e:e4:7a:c9:33:54:9b:dd: c8:c4:9f:7a:e0:13:13:cb:a1:40:cc:04:c3:68:7a:4b:af:a9: 38:63:0f:9b:c4:bc:ff:ae:54:20:d8:3a:3f:eb:27:ce:74:8e: 96:da:08:51:9b:29:bc:e2:6f:dd:8a:66:fd:65:85:d9:a6:49: 27:94:59:fa:8c:fe:80:d8:ac:a3:0a:6c:0c:d0:e8:22:7b:1e: 8b:ac:b0:10:81:3a:54:47:99:bf:a9:d3:da:87:5a:99:e5:89: b7:5e:1e:fd:58:51:85:e5:87:3a:f4:ac:cd:52:ba:59:d0:29: 42:ae:18:93:d3:e8:6c:24:01:9f:e7:e1:29:0f:39:e0:79:8f: b7:fc:c7:e6:57:ee:3a:54:fd:79:3f:a1:68:48:de:85:ed:df: 4f:7b:f0:30 -----BEGIN CERTIFICATE----- MIIE8jCCA9qgAwIBAgIULMOLqUiLN348RnyCwu79njU9KyAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNDNDQjMwMDAwMTEwLwYDVQQFEyg4QTFCNEU0QTYz Mjk1RjE4QjRGMDZGRkY2QUQwMkMzMTY1QkY5OTI1MB4XDTI2MDYxMTEyMTQ0MFoX DTI3MDYxMDEyMTk0MFowMzExMC8GA1UEAxMoREVGN0EyQkY3N0QxNDEyQjJEMzg2 RTY2REE4RjE3OThERjlEQUNFMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJL+OQpmi9wZYGQnqceHyj4OgKTBh5OAYuxJs4BJITBPvABr8wVPBcsZS43N 520CQpLsPGucw/QKkU7Zjf1EcAfEEYL28oX7Kzyhn1nkO/USJpzgjPncmmkk8mJc KJhdWE1J0/MxHEPxAzWYWs2fqLeq0NG8uo43uJeNZrc8v93dzfMhaAvxBCqniSmM oc1ZX2KJWsmbIbhwk89Wnpq7ZQwrK/vyuJCOpXxiQD11ITwKemwsUVJozN4ufuad MqMFLfj6d/2G1JWAQb2VAswELo9Q+haGWphQvMF57IOEhh5WTXgnEGWlN3SB+xOx OaQjuJvK4eK5c+/p+8KJ6eXQ6UcCAwEAAaOCAeUwggHhMB0GA1UdDgQWBBTe96K/ d9FBKy04bmbajxeY352s4TAfBgNVHSMEGDAWgBSKG05KYylfGLTwb/9q0CwxZb+Z JTAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk2NzA0NTkzNjk1MzQyNTkzLzEvOEExQjRF NEE2MzI5NUYxOEI0RjA2RkZGNkFEMDJDMzE2NUJGOTkyNS5jcmwwfgYIKwYBBQUH AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvaWh0T1NtTXBY eGkwOEdfX2F0QXNNV1dfbVNVLmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NjcwNDU5MzY5 NTM0MjU5My8xL0FTMTM3NTM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAiHfDANBgkqhkiG9w0BAQsF AAOCAQEAS6nMakg9MLEMIgUsQsjLxmGsiIrPM5a3uWw4qJ3BaPgwQfCpcYAbzjLX MzWyai1lfjZKIWsAkckaQGsDodRkazw9hemAmIBREyt1wv+jKKYsFF00RmqALHPW BHVoYregtcxGnX7keskzVJvdyMSfeuATE8uhQMwEw2h6S6+pOGMPm8S8/65UINg6 P+snznSOltoIUZspvOJv3Ypm/WWF2aZJJ5RZ+oz+gNisowpsDNDoInsei6ywEIE6 VEeZv6nT2odameWJt14e/VhRheWHOvSszVK6WdApQq4Yk9PobCQBn+fhKQ854HmP t/zH5lfuOlT9eT+haEjehe3fT3vwMA== -----END CERTIFICATE-----Generated at Sat Jun 13 10:17:11 2026 by rpki-client