$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096632062997168131/0/34332e3234302e3133302e302f32332d3233203d3e20313338343231.roa File: 34332e3234302e3133302e302f32332d3233203d3e20313338343231.roa (raw, json) Hash identifier: 9Xk1yquriI3yN6B+gh0BNkcDfmZSm7eK9cb3WGT6hLQ= Subject key identifier: B8:A7:15:C9:53:DC:17:45:60:FD:C6:4A:66:37:9D:7F:30:D2:4F:62 Certificate issuer: /CN=C89881B315F7E21BA948CF9CB11D1AC422106426 Certificate serial: 11421D368E920531D6C30D61D2D29846544D2526 Authority key identifier: C8:98:81:B3:15:F7:E2:1B:A9:48:CF:9C:B1:1D:1A:C4:22:10:64:26 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/C89881B315F7E21BA948CF9CB11D1AC422106426.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/34332e3234302e3133302e302f32332d3233203d3e20313338343231.roa Signing time: Fri 17 Apr 2026 09:42:18 +0000 ROA not before: Fri 17 Apr 2026 09:37:18 +0000 ROA not after: Fri 16 Apr 2027 09:42:18 +0000 asID: 138421 IP address blocks: 43.240.130.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/C89881B315F7E21BA948CF9CB11D1AC422106426.crl rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/C89881B315F7E21BA948CF9CB11D1AC422106426.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/C89881B315F7E21BA948CF9CB11D1AC422106426.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 Apr 2026 12:52:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:42:1d:36:8e:92:05:31:d6:c3:0d:61:d2:d2:98:46:54:4d:25:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C89881B315F7E21BA948CF9CB11D1AC422106426 Validity Not Before: Apr 17 09:37:18 2026 GMT Not After : Apr 16 09:42:18 2027 GMT Subject: CN=B8A715C953DC174560FDC64A66379D7F30D24F62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:62:d5:d9:a0:7d:e6:69:bd:ad:76:1d:d9:3a: 12:ce:f7:67:96:b3:d2:0f:72:be:6e:82:22:8e:1b: 45:30:57:07:9c:ab:5d:85:55:9f:7a:94:fb:54:50: 8e:73:a7:df:3f:f1:8c:6e:cc:c8:13:2f:84:be:82: 68:b1:bf:11:b2:4e:4f:e2:7d:05:b4:19:72:bb:09: 71:22:5e:19:81:a1:0d:fd:45:11:7b:07:6f:59:a6: 96:b3:a6:25:df:8f:1b:bc:94:13:d4:38:a2:12:43: 22:c5:dd:11:31:22:46:41:f2:4a:9b:73:1b:89:bc: b7:c4:20:d1:3d:c5:32:19:df:b0:be:00:52:a2:4e: 2f:88:d3:a0:0f:bb:33:ee:1c:fe:a0:93:9a:69:2e: 4b:ca:b3:94:57:85:3d:93:30:d2:93:be:c8:da:74: eb:a1:dc:28:5d:ac:a5:34:fb:79:ad:58:bf:f6:f3: 3e:bd:55:6e:b9:08:87:79:48:6d:fc:c9:95:2b:8f: 0a:b1:91:2a:13:23:64:67:dc:75:51:0e:a9:9a:70: fa:bc:87:71:ed:68:73:8c:a1:ca:db:d9:9c:73:99: 8a:89:ec:b6:e7:da:95:65:96:ab:ea:f1:a3:5a:9a: 99:9e:40:29:83:94:ba:4e:b5:2e:53:b4:b9:63:a4: f2:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:A7:15:C9:53:DC:17:45:60:FD:C6:4A:66:37:9D:7F:30:D2:4F:62 X509v3 Authority Key Identifier: keyid:C8:98:81:B3:15:F7:E2:1B:A9:48:CF:9C:B1:1D:1A:C4:22:10:64:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/C89881B315F7E21BA948CF9CB11D1AC422106426.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/C89881B315F7E21BA948CF9CB11D1AC422106426.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/34332e3234302e3133302e302f32332d3233203d3e20313338343231.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.240.130.0/23 Signature Algorithm: sha256WithRSAEncryption 92:8a:a6:12:e2:ca:2c:87:9a:6f:be:34:c6:32:39:9d:ef:dc: f5:a9:b2:b7:9f:ae:61:d3:0e:89:f0:8c:48:b9:8f:ed:cf:bf: 2b:f5:ae:25:f1:50:12:79:36:39:82:db:6c:5f:5d:d1:10:8d: b2:c8:93:6f:25:ed:49:29:62:3c:47:c0:72:0f:5e:2a:81:0f: c8:70:50:87:fc:43:b8:0c:8b:7c:47:d5:91:31:49:ab:72:06: 83:a7:72:e1:f9:26:c0:36:05:54:8f:41:18:c2:5d:10:f6:d7: 6f:6b:82:c7:53:ac:94:0b:a0:46:b0:3d:2c:da:f2:e8:db:64: a5:87:5b:d0:60:f3:4a:4f:83:bc:58:71:32:b4:cd:32:2c:b3: a4:00:fc:85:4d:53:90:6e:ed:c7:1a:93:75:cd:cf:13:00:b7: 25:26:ed:bc:31:66:99:fe:b9:5c:69:e2:81:57:16:8b:c1:5f: d7:0b:54:1b:1b:b4:b4:11:f1:c6:d2:86:4b:d8:b8:9d:21:47: a1:d7:d0:23:55:be:a3:a2:36:c2:5e:b7:d7:b7:b1:64:7e:46: b1:ab:87:bb:7d:22:d7:54:f6:bc:3f:96:84:d7:23:57:23:54: d4:36:6b:2c:3e:40:97:dc:72:71:b8:c2:dc:a7:b1:e3:45:db: 52:9c:96:17 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgIUEUIdNo6SBTHWww1h0tKYRlRNJSYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzg5ODgxQjMxNUY3RTIxQkE5NDhDRjlDQjExRDFBQzQy MjEwNjQyNjAeFw0yNjA0MTcwOTM3MThaFw0yNzA0MTYwOTQyMThaMDMxMTAvBgNV BAMTKEI4QTcxNUM5NTNEQzE3NDU2MEZEQzY0QTY2Mzc5RDdGMzBEMjRGNjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsYtXZoH3mab2tdh3ZOhLO92eW s9IPcr5ugiKOG0UwVwecq12FVZ96lPtUUI5zp98/8YxuzMgTL4S+gmixvxGyTk/i fQW0GXK7CXEiXhmBoQ39RRF7B29ZppazpiXfjxu8lBPUOKISQyLF3RExIkZB8kqb cxuJvLfEINE9xTIZ37C+AFKiTi+I06APuzPuHP6gk5ppLkvKs5RXhT2TMNKTvsja dOuh3ChdrKU0+3mtWL/28z69VW65CId5SG38yZUrjwqxkSoTI2Rn3HVRDqmacPq8 h3HtaHOMocrb2ZxzmYqJ7Lbn2pVllqvq8aNampmeQCmDlLpOtS5TtLljpPJhAgMB AAGjggIXMIICEzAdBgNVHQ4EFgQUuKcVyVPcF0Vg/cZKZjedfzDST2IwHwYDVR0j BBgwFoAUyJiBsxX34hupSM+csR0axCIQZCYwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NjYzMjA2Mjk5NzE2ODEzMS8wL0M4OTg4MUIzMTVGN0UyMUJBOTQ4Q0Y5Q0IxMUQx QUM0MjIxMDY0MjYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvQzg5ODgxQjMxNUY3RTIxQkE5NDhDRjlDQjExRDFBQzQyMjEwNjQyNi5jZXIw gZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzALhnJyc3luYzovL3Jwa2ktcnBz LmNubmljLmNuL3JlcG8vQTEwOTY2MzIwNjI5OTcxNjgxMzEvMC8zNDMzMmUzMjM0 MzAyZTMxMzMzMDJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMxMzMzODM0MzIzMS5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEASvwgjANBgkqhkiG9w0BAQsFAAOCAQEAkoqmEuLKLIeab740xjI5 ne/c9amyt5+uYdMOifCMSLmP7c+/K/WuJfFQEnk2OYLbbF9d0RCNssiTbyXtSSli PEfAcg9eKoEPyHBQh/xDuAyLfEfVkTFJq3IGg6dy4fkmwDYFVI9BGMJdEPbXb2uC x1OslAugRrA9LNry6NtkpYdb0GDzSk+DvFhxMrTNMiyzpAD8hU1TkG7txxqTdc3P EwC3JSbtvDFmmf65XGnigVcWi8Ff1wtUGxu0tBHxxtKGS9i4nSFHodfQI1W+o6I2 wl6317exZH5GsauHu30i11T2vD+WhNcjVyNU1DZrLD5Al9xycbjC3Kex40XbUpyW Fw== -----END CERTIFICATE-----Generated at Fri Apr 17 19:42:38 2026 by rpki-client