$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS138570.roa File: AS138570.roa (raw, json) Hash identifier: Z0GdFA2RT3StNx6w56Ft58g3yl6c+2WNeOaTsh4Bv5I= Subject key identifier: 99:01:94:FC:75:AB:7B:E0:06:FB:F1:F1:80:11:88:99:78:2C:2E:3E Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E Certificate serial: 5371A2F9B2F8BF103A1502A0CE924FAB74705487 Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS138570.roa Signing time: Mon 01 Jun 2026 16:03:08 +0000 ROA not before: Mon 01 Jun 2026 15:58:08 +0000 ROA not after: Mon 31 May 2027 16:03:08 +0000 asID: 138570 IP address blocks: 60.171.129.0/24 maxlen: 24 117.66.24.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Jun 2026 12:26:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:71:a2:f9:b2:f8:bf:10:3a:15:02:a0:ce:92:4f:ab:74:70:54:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E Validity Not Before: Jun 1 15:58:08 2026 GMT Not After : May 31 16:03:08 2027 GMT Subject: CN=990194FC75AB7BE006FBF1F180118899782C2E3E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d4:e9:65:c3:d1:1a:03:e1:c4:6a:f7:98:96: 73:24:56:3e:8b:e1:1d:02:53:27:20:bd:62:c9:66: 53:23:c2:81:eb:69:d4:27:24:89:84:12:80:bd:5d: 02:84:39:56:e4:0c:16:36:ea:a3:42:14:ea:ff:c2: c1:2d:ef:b5:ec:dc:b7:51:12:49:58:ea:3d:53:8e: 66:2f:3a:9f:e8:6b:40:6c:52:39:c4:ea:34:69:5c: 8f:86:1d:d9:ea:23:eb:1c:9b:d9:1e:7a:d8:9b:ca: f8:63:c7:3e:c0:84:1c:6e:c2:e7:7e:17:04:60:91: 9a:95:bf:27:b9:eb:66:df:ec:92:64:9a:9d:48:44: e1:f7:6f:5b:07:35:64:6b:2b:f7:f7:7e:8a:8f:05: a7:97:63:c6:c0:17:a5:98:9d:78:d8:14:5d:73:c2: 0a:3f:e3:1c:ac:c9:10:11:47:b2:3e:9b:02:05:72: 4c:c5:02:4a:fb:2c:fe:a8:8a:d3:1c:81:8d:2c:19: db:3c:48:7f:8a:33:26:9c:99:a6:8e:f0:17:2c:70: 45:8a:48:51:62:0b:1a:ca:9d:de:44:95:9c:5a:d1: b1:60:f6:fc:54:f6:ab:3d:68:75:bd:83:30:7f:d5: 7f:44:af:57:da:5a:f4:76:14:79:1a:bc:3d:59:77: bd:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:01:94:FC:75:AB:7B:E0:06:FB:F1:F1:80:11:88:99:78:2C:2E:3E X509v3 Authority Key Identifier: keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS138570.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 60.171.129.0/24 117.66.24.0/21 Signature Algorithm: sha256WithRSAEncryption 54:1b:37:72:7d:3d:89:22:51:67:9c:9f:1e:c1:51:04:17:17: 10:8b:14:20:df:7f:6a:32:cb:1f:67:45:99:98:8a:06:62:0c: 67:8e:bc:c1:6e:1a:64:86:e3:49:1a:51:fb:d6:f8:4a:de:07: d3:bb:69:88:06:31:6d:2e:f3:4b:99:bc:8e:a7:02:b8:a9:f2: c8:18:00:fb:b7:c5:54:a8:e8:e9:a2:83:d8:e1:5f:d2:35:95: 8d:44:80:10:1c:90:ec:4a:c8:cf:27:1b:1a:12:ce:5c:c8:10: a5:ea:10:d7:96:71:25:b0:23:5c:c0:da:c6:c9:49:93:0e:9b: 24:e3:70:0f:5f:ba:47:3f:9d:ad:e1:26:a1:aa:d2:66:28:6f: ea:30:8b:10:b8:1d:83:aa:3b:75:34:85:0f:1b:30:62:c8:0e: 9b:1c:b9:ba:43:be:2a:a6:8b:10:20:9c:ec:fe:38:72:ca:b0: 75:9d:7f:67:d0:57:3d:ad:70:75:95:3c:e5:a1:c5:d4:b6:34: 16:04:3c:b2:19:c9:79:61:c5:29:37:de:99:87:cf:05:a1:c8: 1f:78:71:a4:4f:f3:e8:72:33:37:e7:ab:13:ff:5c:83:3b:ef: 90:ea:03:61:14:7e:30:e6:6c:2f:63:06:3b:5b:58:6b:6f:7d: b8:0b:90:be -----BEGIN CERTIFICATE----- MIIE9zCCA9+gAwIBAgIUU3Gi+bL4vxA6FQKgzpJPq3RwVIcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDYwMTE1NTgwOFoX DTI3MDUzMTE2MDMwOFowMzExMC8GA1UEAxMoOTkwMTk0RkM3NUFCN0JFMDA2RkJG MUYxODAxMTg4OTk3ODJDMkUzRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK7U6WXD0RoD4cRq95iWcyRWPovhHQJTJyC9YslmUyPCgetp1CckiYQSgL1d AoQ5VuQMFjbqo0IU6v/CwS3vtezct1ESSVjqPVOOZi86n+hrQGxSOcTqNGlcj4Yd 2eoj6xyb2R562JvK+GPHPsCEHG7C534XBGCRmpW/J7nrZt/skmSanUhE4fdvWwc1 ZGsr9/d+io8Fp5djxsAXpZideNgUXXPCCj/jHKzJEBFHsj6bAgVyTMUCSvss/qiK 0xyBjSwZ2zxIf4ozJpyZpo7wFyxwRYpIUWILGsqd3kSVnFrRsWD2/FT2qz1odb2D MH/Vf0SvV9pa9HYUeRq8PVl3vQsCAwEAAaOCAeowggHmMB0GA1UdDgQWBBSZAZT8 dat74Ab78fGAEYiZeCwuPjAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBeBggrBgEFBQcBCwRSMFAwTgYIKwYBBQUH MAuGQnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw NTk3NjgzNS8xL0FTMTM4NTcwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C MCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPKuBAwQDdUIYMA0GCSqGSIb3 DQEBCwUAA4IBAQBUGzdyfT2JIlFnnJ8ewVEEFxcQixQg339qMssfZ0WZmIoGYgxn jrzBbhpkhuNJGlH71vhK3gfTu2mIBjFtLvNLmbyOpwK4qfLIGAD7t8VUqOjpooPY 4V/SNZWNRIAQHJDsSsjPJxsaEs5cyBCl6hDXlnElsCNcwNrGyUmTDpsk43APX7pH P52t4SahqtJmKG/qMIsQuB2Dqjt1NIUPGzBiyA6bHLm6Q74qposQIJzs/jhyyrB1 nX9n0Fc9rXB1lTzlocXUtjQWBDyyGcl5YcUpN96Zh88FocgfeHGkT/PocjM356sT /1yDO++Q6gNhFH4w5mwvYwY7W1hrb324C5C+ -----END CERTIFICATE-----Generated at Sun Jun 14 06:30:58 2026 by rpki-client