$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1094872834095775747/0/AS23841.roa File: AS23841.roa (raw, json) Hash identifier: wEUvCNR/rKJWyrTLZUbTTDGl4gJBMRJxFsOhTzXHPL0= Subject key identifier: EE:CD:B6:A0:90:B6:2B:14:F5:DE:56:29:5D:FA:1A:97:04:0A:9B:C1 Certificate issuer: /CN=A91D5F3D0000/serialNumber=DBB23C7EE492212EA858B78E1C66BF2298E5ACD4 Certificate serial: 6EBE5A1F77DB95E02C5C3C205C2B2E42686B8366 Authority key identifier: DB:B2:3C:7E:E4:92:21:2E:A8:58:B7:8E:1C:66:BF:22:98:E5:AC:D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/27I8fuSSIS6oWLeOHGa_IpjlrNQ.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1094872834095775747/0/AS23841.roa Signing time: Wed 03 Jun 2026 03:03:53 +0000 ROA not before: Wed 03 Jun 2026 02:58:53 +0000 ROA not after: Wed 02 Jun 2027 03:03:53 +0000 asID: 23841 IP address blocks: 111.31.196.0/24 maxlen: 24 111.31.239.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1094872834095775747/0/DBB23C7EE492212EA858B78E1C66BF2298E5ACD4.crl rsync://rpki-rps.cnnic.cn/repo/A1094872834095775747/0/DBB23C7EE492212EA858B78E1C66BF2298E5ACD4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/27I8fuSSIS6oWLeOHGa_IpjlrNQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 15 Jun 2026 01:31:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:be:5a:1f:77:db:95:e0:2c:5c:3c:20:5c:2b:2e:42:68:6b:83:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5F3D0000, serialNumber=DBB23C7EE492212EA858B78E1C66BF2298E5ACD4 Validity Not Before: Jun 3 02:58:53 2026 GMT Not After : Jun 2 03:03:53 2027 GMT Subject: CN=EECDB6A090B62B14F5DE56295DFA1A97040A9BC1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b7:cd:44:fa:ab:b6:a9:88:2a:64:9c:a7:dc: d9:f0:45:7a:52:4f:8f:5c:1b:0f:6d:c3:17:27:f1: 06:2c:eb:d8:4f:c6:35:d2:c1:5a:5e:ac:80:df:ab: 79:4d:9d:18:aa:03:e8:2a:2b:65:09:f1:c7:b7:02: 79:64:6a:e6:a3:bb:23:95:75:b5:06:c6:e7:2c:84: a1:85:ab:71:e3:a9:58:f8:60:9f:d3:f1:f2:2f:7a: 18:c0:9d:f1:ff:15:5c:af:fa:f5:df:b6:48:4f:2d: df:3f:8a:90:21:cc:03:a9:71:2b:e9:8d:17:92:d1: be:47:76:fb:d9:d0:0e:12:0c:45:71:65:5f:ee:5a: fb:ef:bb:2d:e9:9b:8d:08:48:62:78:9f:fb:ca:60: ba:b5:c2:82:e2:43:0e:02:68:9f:98:4d:e9:f7:88: 36:67:c0:5d:e1:ba:f8:c3:70:a2:13:a5:89:bc:9c: 5e:49:10:70:69:55:ad:11:cf:b0:1c:3b:a3:da:b1: bc:86:0a:63:04:d0:45:ec:60:01:ae:f0:eb:2a:10: a1:f4:f4:7b:ae:c1:7d:5a:34:1e:36:db:56:c4:71: e5:8d:a3:c1:8a:cf:5d:48:19:c8:b8:87:70:38:70: b1:fd:6b:8c:a8:a2:34:c0:3e:16:da:4b:9e:47:5f: 21:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:CD:B6:A0:90:B6:2B:14:F5:DE:56:29:5D:FA:1A:97:04:0A:9B:C1 X509v3 Authority Key Identifier: keyid:DB:B2:3C:7E:E4:92:21:2E:A8:58:B7:8E:1C:66:BF:22:98:E5:AC:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1094872834095775747/0/DBB23C7EE492212EA858B78E1C66BF2298E5ACD4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/27I8fuSSIS6oWLeOHGa_IpjlrNQ.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1094872834095775747/0/AS23841.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 111.31.196.0/24 111.31.239.0/24 Signature Algorithm: sha256WithRSAEncryption 26:5b:a8:3b:b1:42:e7:8f:e8:86:7b:8d:15:4b:d1:e6:f1:8f: eb:67:f9:1b:2f:91:cb:79:49:a5:ff:16:77:f7:26:53:61:70: c2:4d:b1:e9:f9:07:ff:04:b9:2d:0a:b7:fa:6e:ae:47:90:23: 2f:db:3b:53:fa:d1:8a:52:cd:b6:f6:bb:d7:7a:fc:44:1f:57: 3a:58:c7:4a:36:12:f0:76:05:73:bd:3f:2d:7f:f4:17:9e:59: cc:dc:78:8f:1f:c0:f9:52:36:68:d3:2e:e1:20:03:06:66:99: 20:7e:b3:f9:6c:f3:03:53:a3:86:e9:4a:97:85:b5:89:50:8e: a0:f6:79:86:60:f8:31:7b:01:b9:2d:49:28:08:e2:16:9b:fc: 09:09:70:3c:91:a9:bb:85:89:58:b9:09:bf:cf:ac:99:b9:53: 33:b1:3d:7d:ab:3a:26:dc:22:b7:d8:81:23:ef:87:fd:18:e6: 1a:66:ff:1b:0f:20:a8:4a:4a:fa:11:1c:75:94:ee:02:40:92: 99:82:d2:93:1c:31:db:c3:12:03:b0:b3:f2:db:48:55:78:f8: a5:d6:52:fd:33:e1:b5:ca:99:47:dd:45:7f:bb:5f:cd:52:cd: 96:b0:e9:d0:c7:8e:0d:35:24:05:27:9c:bc:46:25:86:06:57: 0f:30:72:e3 -----BEGIN CERTIFICATE----- MIIE9jCCA96gAwIBAgIUbr5aH3fbleAsXDwgXCsuQmhrg2YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRDVGM0QwMDAwMTEwLwYDVQQFEyhEQkIyM0M3RUU0 OTIyMTJFQTg1OEI3OEUxQzY2QkYyMjk4RTVBQ0Q0MB4XDTI2MDYwMzAyNTg1M1oX DTI3MDYwMjAzMDM1M1owMzExMC8GA1UEAxMoRUVDREI2QTA5MEI2MkIxNEY1REU1 NjI5NURGQTFBOTcwNDBBOUJDMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALy3zUT6q7apiCpknKfc2fBFelJPj1wbD23DFyfxBizr2E/GNdLBWl6sgN+r eU2dGKoD6CorZQnxx7cCeWRq5qO7I5V1tQbG5yyEoYWrceOpWPhgn9Px8i96GMCd 8f8VXK/69d+2SE8t3z+KkCHMA6lxK+mNF5LRvkd2+9nQDhIMRXFlX+5a+++7Lemb jQhIYnif+8pgurXCguJDDgJon5hN6feINmfAXeG6+MNwohOlibycXkkQcGlVrRHP sBw7o9qxvIYKYwTQRexgAa7w6yoQofT0e67BfVo0HjbbVsRx5Y2jwYrPXUgZyLiH cDhwsf1rjKiiNMA+FtpLnkdfIa0CAwEAAaOCAekwggHlMB0GA1UdDgQWBBTuzbag kLYrFPXeVild+hqXBAqbwTAfBgNVHSMEGDAWgBTbsjx+5JIhLqhYt44cZr8imOWs 1DAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk0ODcyODM0MDk1Nzc1NzQ3LzAvREJCMjND N0VFNDkyMjEyRUE4NThCNzhFMUM2NkJGMjI5OEU1QUNENC5jcmwwfgYIKwYBBQUH AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvMjdJOGZ1U1NJ UzZvV0xlT0hHYV9JcGpsck5RLmNlcjBdBggrBgEFBQcBCwRRME8wTQYIKwYBBQUH MAuGQXJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NDg3MjgzNDA5 NTc3NTc0Ny8wL0FTMjM4NDEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABvH8QDBABvH+8wDQYJKoZIhvcN AQELBQADggEBACZbqDuxQueP6IZ7jRVL0ebxj+tn+Rsvkct5SaX/Fnf3JlNhcMJN sen5B/8EuS0Kt/purkeQIy/bO1P60YpSzbb2u9d6/EQfVzpYx0o2EvB2BXO9Py1/ 9BeeWczceI8fwPlSNmjTLuEgAwZmmSB+s/ls8wNTo4bpSpeFtYlQjqD2eYZg+DF7 AbktSSgI4hab/AkJcDyRqbuFiVi5Cb/PrJm5UzOxPX2rOibcIrfYgSPvh/0Y5hpm /xsPIKhKSvoRHHWU7gJAkpmC0pMcMdvDEgOws/LbSFV4+KXWUv0z4bXKmUfdRX+7 X81SzZaw6dDHjg01JAUnnLxGJYYGVw8wcuM= -----END CERTIFICATE-----Generated at Sun Jun 14 06:30:56 2026 by rpki-client