$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS140707.roa File: AS140707.roa (raw, json) Hash identifier: dhCaFshRZ7M09xzhUAyNw9T/7RVZBAzAYQhNY5c85IU= Subject key identifier: 12:CA:B4:5A:87:AA:BC:B1:C4:DD:8C:95:34:9C:59:B5:41:05:D1:BF Certificate issuer: /CN=A9143CB30000/serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925 Certificate serial: 4BF8EAA4A063820E36E66A70C8C0E00D4D2DD1DE Authority key identifier: 8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS140707.roa Signing time: Thu 04 Jun 2026 01:00:20 +0000 ROA not before: Thu 04 Jun 2026 00:55:20 +0000 ROA not after: Thu 03 Jun 2027 01:00:20 +0000 asID: 140707 IP address blocks: 2408:81a3:c800::/48 maxlen: 48 2408:81a3:ca66::/48 maxlen: 48 2408:8779:c000::/48 maxlen: 48 2408:8779:c001::/48 maxlen: 48 2408:8779:c002::/48 maxlen: 48 2408:8779:c003::/48 maxlen: 48 2408:8779:c004::/48 maxlen: 48 2408:8779:c005::/48 maxlen: 48 2408:8779:c006::/48 maxlen: 48 2408:8779:c007::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Jun 2026 00:24:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:f8:ea:a4:a0:63:82:0e:36:e6:6a:70:c8:c0:e0:0d:4d:2d:d1:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143CB30000, serialNumber=8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925 Validity Not Before: Jun 4 00:55:20 2026 GMT Not After : Jun 3 01:00:20 2027 GMT Subject: CN=12CAB45A87AABCB1C4DD8C95349C59B54105D1BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:d7:06:5a:3b:85:98:7b:fa:14:47:08:0b:7c: 3b:26:ba:52:35:bd:d6:b3:96:39:83:58:97:17:fe: 87:b6:e8:e5:03:3c:e1:f5:a7:c7:10:c1:4c:d7:da: b8:7f:37:49:63:f7:f0:3e:d1:69:dc:dd:73:d2:25: bf:fc:43:84:1f:89:2d:1b:e8:f0:9e:80:0a:bd:2d: e8:c9:b6:ca:bb:8e:03:02:9f:ae:39:91:ae:96:07: a6:0b:73:d7:b2:91:c9:4c:81:75:01:1e:af:5b:35: a8:ce:01:49:0c:cf:cc:50:43:7c:05:45:47:73:d8: 7f:22:27:5a:7b:f8:c4:e3:2d:a9:4c:d3:ec:52:4b: c8:a3:dd:9a:c6:7e:f1:fb:63:d4:58:0c:cd:fb:a3: 63:01:24:0e:1f:b7:c9:cf:50:7c:97:98:cf:e8:de: 34:66:e9:1f:15:f6:6d:78:4c:a8:e8:4a:74:ba:3a: 64:fd:47:94:18:2b:62:d5:7e:9c:ac:3b:be:73:f6: 39:e6:66:83:d8:5c:5d:fd:68:d8:04:44:8f:3d:dc: b0:ac:62:7e:95:1d:90:b3:da:3e:59:48:66:0c:11: 2d:51:db:ff:68:9a:ad:50:17:05:5d:b2:b9:84:e2: cf:9e:d2:74:24:c1:af:59:c5:dd:05:31:54:3e:73: 25:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:CA:B4:5A:87:AA:BC:B1:C4:DD:8C:95:34:9C:59:B5:41:05:D1:BF X509v3 Authority Key Identifier: keyid:8A:1B:4E:4A:63:29:5F:18:B4:F0:6F:FF:6A:D0:2C:31:65:BF:99:25 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/8A1B4E4A63295F18B4F06FFF6AD02C3165BF9925.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ihtOSmMpXxi08G__atAsMWW_mSU.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096704593695342593/1/AS140707.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2408:81a3:c800::/48 2408:81a3:ca66::/48 2408:8779:c000::/45 Signature Algorithm: sha256WithRSAEncryption c1:c9:8e:4b:cb:16:97:2d:23:57:c2:ef:a7:2d:57:51:a3:59: 55:d5:8f:f6:1d:7a:a3:04:14:a8:fd:4b:fa:15:6a:85:bd:1f: 34:71:55:50:1c:ec:67:45:36:d0:c4:3b:19:81:0a:15:9c:01: 3a:7d:46:9b:7e:d8:23:00:7f:c6:cc:34:53:83:da:57:9b:1d: d2:b2:21:5b:da:3b:4c:25:04:9e:0a:de:fd:33:bc:92:d4:a6: 68:91:e1:9c:1e:d0:03:20:24:28:fc:45:04:60:52:98:b3:42: 48:d1:a5:74:d2:9d:74:68:18:25:07:19:b8:c3:8e:14:c4:ec: e7:90:fd:34:a9:7b:fa:35:11:7f:69:3b:bd:a9:ec:e3:24:28: 4c:7c:ee:b0:f6:b3:14:8a:5b:a1:42:2e:b6:cc:e7:f9:b6:be: 32:a0:1a:0f:9b:01:d5:35:c4:1a:b9:a3:72:3b:33:c5:fc:56: 80:40:df:24:26:dd:10:76:07:a6:bd:be:63:c6:1f:3f:4d:ea: 39:1f:2a:08:3b:e0:25:50:45:0c:c6:8f:77:8e:22:04:64:77: 25:05:73:01:e1:d6:6b:e1:0f:4b:00:90:89:8d:c5:48:40:26: 6a:cd:13:34:ff:48:97:90:48:18:60:4d:4f:e5:18:b2:27:a7: 2b:f8:c2:47 -----BEGIN CERTIFICATE----- MIIFBjCCA+6gAwIBAgIUS/jqpKBjgg425mpwyMDgDU0t0d4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNDNDQjMwMDAwMTEwLwYDVQQFEyg4QTFCNEU0QTYz Mjk1RjE4QjRGMDZGRkY2QUQwMkMzMTY1QkY5OTI1MB4XDTI2MDYwNDAwNTUyMFoX DTI3MDYwMzAxMDAyMFowMzExMC8GA1UEAxMoMTJDQUI0NUE4N0FBQkNCMUM0REQ4 Qzk1MzQ5QzU5QjU0MTA1RDFCRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALLXBlo7hZh7+hRHCAt8Oya6UjW91rOWOYNYlxf+h7bo5QM84fWnxxDBTNfa uH83SWP38D7Radzdc9Ilv/xDhB+JLRvo8J6ACr0t6Mm2yruOAwKfrjmRrpYHpgtz 17KRyUyBdQEer1s1qM4BSQzPzFBDfAVFR3PYfyInWnv4xOMtqUzT7FJLyKPdmsZ+ 8ftj1FgMzfujYwEkDh+3yc9QfJeYz+jeNGbpHxX2bXhMqOhKdLo6ZP1HlBgrYtV+ nKw7vnP2OeZmg9hcXf1o2AREjz3csKxifpUdkLPaPllIZgwRLVHb/2iarVAXBV2y uYTiz57SdCTBr1nF3QUxVD5zJZUCAwEAAaOCAfkwggH1MB0GA1UdDgQWBBQSyrRa h6q8scTdjJU0nFm1QQXRvzAfBgNVHSMEGDAWgBSKG05KYylfGLTwb/9q0CwxZb+Z JTAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk2NzA0NTkzNjk1MzQyNTkzLzEvOEExQjRF NEE2MzI5NUYxOEI0RjA2RkZGNkFEMDJDMzE2NUJGOTkyNS5jcmwwfgYIKwYBBQUH AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvaWh0T1NtTXBY eGkwOEdfX2F0QXNNV1dfbVNVLmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NjcwNDU5MzY5 NTM0MjU5My8xL0FTMTQwNzA3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C MDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAJAiBo8gAAwcAJAiBo8pmAwcD JAiHecAAMA0GCSqGSIb3DQEBCwUAA4IBAQDByY5LyxaXLSNXwu+nLVdRo1lV1Y/2 HXqjBBSo/Uv6FWqFvR80cVVQHOxnRTbQxDsZgQoVnAE6fUabftgjAH/GzDRTg9pX mx3SsiFb2jtMJQSeCt79M7yS1KZokeGcHtADICQo/EUEYFKYs0JI0aV00p10aBgl Bxm4w44UxOznkP00qXv6NRF/aTu9qezjJChMfO6w9rMUiluhQi62zOf5tr4yoBoP mwHVNcQauaNyOzPF/FaAQN8kJt0Qdgemvb5jxh8/Teo5HyoIO+AlUEUMxo93jiIE ZHclBXMB4dZr4Q9LAJCJjcVIQCZqzRM0/0iXkEgYYE1P5RiyJ6cr+MJH -----END CERTIFICATE-----Generated at Sat Jun 13 10:17:12 2026 by rpki-client