$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS132437.roa File: AS132437.roa (raw, json) Hash identifier: 0a3UYxodlw6I0UIUC5WTRMT2aKU2kNlXasawJ9/s3BU= Subject key identifier: A2:30:99:A6:7B:82:D1:E5:92:CD:FF:2B:29:74:C7:67:16:7E:1D:08 Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E Certificate serial: 2BC7D91A058E835BFE5021CBC17CE1285B2610AE Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS132437.roa Signing time: Mon 01 Jun 2026 16:03:08 +0000 ROA not before: Mon 01 Jun 2026 15:58:08 +0000 ROA not after: Mon 31 May 2027 16:03:08 +0000 asID: 132437 IP address blocks: 117.66.16.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Jun 2026 12:26:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:c7:d9:1a:05:8e:83:5b:fe:50:21:cb:c1:7c:e1:28:5b:26:10:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E Validity Not Before: Jun 1 15:58:08 2026 GMT Not After : May 31 16:03:08 2027 GMT Subject: CN=A23099A67B82D1E592CDFF2B2974C767167E1D08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:d8:a5:54:c0:da:ed:50:51:d6:00:a6:e0:3d: bf:70:bb:ee:bb:89:98:d4:cd:38:e2:62:dc:10:1f: 43:9a:28:16:b0:c8:28:93:13:b7:83:73:91:75:f0: 18:c9:f0:72:ad:8a:d7:a9:e0:fa:fe:d7:5d:f6:8c: 3b:51:3e:a0:78:6e:9b:d7:9b:cd:e9:ad:e4:fd:94: e7:ac:57:68:31:2f:48:04:70:34:46:2f:b1:f8:76: 92:29:63:b8:9d:cf:ce:94:d7:9a:c2:b6:eb:42:4d: 4b:4b:fc:45:a8:d9:0e:a9:9b:ff:cc:79:55:d7:75: 78:c0:86:45:24:a0:2f:6a:c3:65:1d:82:e5:c1:3d: 46:44:a3:8c:a2:72:30:84:8b:17:0b:87:5b:e0:37: b1:d8:57:43:bb:ac:52:be:9f:e5:fa:b0:73:f2:01: c2:82:2b:0a:68:de:c0:ed:87:87:0d:93:f5:7b:e6: a6:cc:ba:31:fc:31:0c:c4:ed:f1:fa:fc:37:de:fb: 73:f3:cb:e3:55:27:1f:88:6f:b6:57:47:e6:2c:ac: ff:6a:9b:e7:d3:19:90:87:e7:91:dd:28:ad:49:e9: 8f:3a:ba:f7:16:e2:74:ad:b5:e3:f5:37:04:2d:6b: 34:0c:98:26:30:4f:39:89:f1:53:63:e7:44:5f:4b: bf:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:30:99:A6:7B:82:D1:E5:92:CD:FF:2B:29:74:C7:67:16:7E:1D:08 X509v3 Authority Key Identifier: keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS132437.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 117.66.16.0/21 Signature Algorithm: sha256WithRSAEncryption 0d:0f:6e:73:8a:5a:a6:b6:3e:d2:6a:12:b8:98:d9:fb:31:7d: f6:45:a8:14:a9:15:89:62:a6:57:2e:7a:09:6f:9e:6a:a9:f4: 38:fe:b1:8e:19:ae:1b:f3:4d:a4:8e:45:61:ea:fe:39:b1:48: b7:ae:83:21:5c:50:57:8f:ed:a0:1d:3d:19:5d:59:a4:11:ae: 33:09:f6:7d:33:38:a0:22:92:dd:5e:f2:0e:fc:79:86:a1:58: 32:86:57:23:79:af:12:b5:44:94:49:86:9b:6c:d0:cb:c0:50: 65:80:67:11:17:74:0f:22:93:7e:2b:cd:88:57:31:ca:6b:b8: c0:98:b0:57:a3:78:f3:4a:88:ee:4f:ac:2a:a1:9b:2b:7d:14: 1e:e9:4c:7d:5e:ea:53:84:65:a5:8d:4f:a4:32:80:70:47:64: cc:b0:5d:28:b1:e3:a4:bc:02:b2:d7:b8:af:5b:03:95:20:9c: f7:f0:77:c6:3a:44:e4:0e:12:ac:6c:3b:0f:2f:ac:b5:fc:e5: 36:02:32:de:9a:9e:86:61:3f:f9:ad:ae:96:a2:87:56:32:39: b9:e5:7b:da:5f:94:d5:2f:84:7e:c1:93:8d:be:96:2f:f9:13: b3:d3:81:1e:09:6f:1f:32:2c:31:c8:95:ac:73:9d:bb:72:3c: a2:42:00:25 -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIUK8fZGgWOg1v+UCHLwXzhKFsmEK4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYwMTE1NTgwOFoX DTI3MDUzMTE2MDMwOFowMzExMC8GA1UEAxMoQTIzMDk5QTY3QjgyRDFFNTkyQ0RG RjJCMjk3NEM3NjcxNjdFMUQwODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANvYpVTA2u1QUdYApuA9v3C77ruJmNTNOOJi3BAfQ5ooFrDIKJMTt4NzkXXw GMnwcq2K16ng+v7XXfaMO1E+oHhum9ebzemt5P2U56xXaDEvSARwNEYvsfh2kilj uJ3PzpTXmsK260JNS0v8RajZDqmb/8x5Vdd1eMCGRSSgL2rDZR2C5cE9RkSjjKJy MISLFwuHW+A3sdhXQ7usUr6f5fqwc/IBwoIrCmjewO2Hhw2T9Xvmpsy6MfwxDMTt 8fr8N977c/PL41UnH4hvtldH5iys/2qb59MZkIfnkd0orUnpjzq69xbidK214/U3 BC1rNAyYJjBPOYnxU2PnRF9Lv7kCAwEAAaOCAeQwggHgMB0GA1UdDgQWBBSiMJmm e4LR5ZLN/yspdMdnFn4dCDAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw NTk3NjgzNS8xL0FTMTMyNDM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDdUIQMA0GCSqGSIb3DQEBCwUA A4IBAQAND25zilqmtj7SahK4mNn7MX32RagUqRWJYqZXLnoJb55qqfQ4/rGOGa4b 802kjkVh6v45sUi3roMhXFBXj+2gHT0ZXVmkEa4zCfZ9MzigIpLdXvIO/HmGoVgy hlcjea8StUSUSYabbNDLwFBlgGcRF3QPIpN+K82IVzHKa7jAmLBXo3jzSojuT6wq oZsrfRQe6Ux9XupThGWljU+kMoBwR2TMsF0oseOkvAKy17ivWwOVIJz38HfGOkTk DhKsbDsPL6y1/OU2AjLemp6GYT/5ra6WoodWMjm55XvaX5TVL4R+wZONvpYv+ROz 04EeCW8fMiwxyJWsc527cjyiQgAl -----END CERTIFICATE-----Generated at Sun Jun 14 06:30:59 2026 by rpki-client