$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097062473040723971/0/323430373a323834303a3a2f33322d3332203d3e2030.roa File: 323430373a323834303a3a2f33322d3332203d3e2030.roa (raw, json) Hash identifier: zsGBjXcwxkrjK2vUTPfoTJ1+mSS0BV+nQCf2o4sbmDQ= Subject key identifier: 31:33:C9:BC:BC:40:B1:09:17:06:4C:7A:A2:07:89:B1:EF:99:0A:00 Certificate issuer: /CN=429F1E5B18A7A7C936E7F2A5D6F48F41416C61CE Certificate serial: 212FC47CE445474EE46E3D13FD643A54F497D336 Authority key identifier: 42:9F:1E:5B:18:A7:A7:C9:36:E7:F2:A5:D6:F4:8F:41:41:6C:61:CE Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/429F1E5B18A7A7C936E7F2A5D6F48F41416C61CE.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097062473040723971/0/323430373a323834303a3a2f33322d3332203d3e2030.roa Signing time: Thu 16 Apr 2026 08:59:53 +0000 ROA not before: Thu 16 Apr 2026 08:54:53 +0000 ROA not after: Thu 15 Apr 2027 08:59:53 +0000 asID: 0 IP address blocks: 2407:2840::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097062473040723971/0/429F1E5B18A7A7C936E7F2A5D6F48F41416C61CE.crl rsync://rpki-rps.cnnic.cn/repo/A1097062473040723971/0/429F1E5B18A7A7C936E7F2A5D6F48F41416C61CE.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/429F1E5B18A7A7C936E7F2A5D6F48F41416C61CE.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 17 Apr 2026 10:22:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:2f:c4:7c:e4:45:47:4e:e4:6e:3d:13:fd:64:3a:54:f4:97:d3:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=429F1E5B18A7A7C936E7F2A5D6F48F41416C61CE Validity Not Before: Apr 16 08:54:53 2026 GMT Not After : Apr 15 08:59:53 2027 GMT Subject: CN=3133C9BCBC40B10917064C7AA20789B1EF990A00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:89:f6:ab:dd:e2:c8:1f:2c:47:6b:3c:27:47: ff:03:06:7f:ec:a9:0b:ed:91:47:a5:5b:76:89:0c: f1:c1:ed:d2:c8:b2:d0:3f:5d:6c:e6:34:33:e2:2e: 64:c7:14:60:29:e1:cb:e8:ab:e4:73:69:85:59:5c: 76:37:4f:e5:cd:96:c5:0c:64:41:69:da:ce:e5:c5: fc:4d:62:c8:99:b6:3f:e4:b2:47:d2:1d:de:f5:03: e7:2f:a4:fc:31:30:35:ba:79:a1:4d:9a:48:1e:c2: 4c:9c:91:19:dc:1c:b6:c8:8b:d2:4c:eb:72:f3:ba: 74:24:6c:cb:7c:74:2c:d0:6d:97:2f:f2:53:2e:c8: 63:c5:71:da:fe:00:b3:9a:5a:d1:bb:15:eb:f1:6f: 79:75:0a:0e:60:e4:5f:32:d0:08:71:ef:f9:ce:56: cf:24:97:17:47:82:b0:49:eb:c2:72:2a:09:8c:ea: 50:f6:59:f1:09:b9:09:5a:b1:b2:5e:49:9c:12:cd: 19:e6:5f:d3:6d:47:a9:78:4a:ba:b7:23:17:97:ae: 6c:0a:bb:a9:e5:bb:1d:b4:25:28:2d:c8:21:cc:f8: ee:ea:fb:19:ab:3e:ee:88:02:7d:a9:bd:52:9c:da: 38:6c:43:20:0e:88:d3:8a:81:ea:d3:55:18:87:27: 4c:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:33:C9:BC:BC:40:B1:09:17:06:4C:7A:A2:07:89:B1:EF:99:0A:00 X509v3 Authority Key Identifier: keyid:42:9F:1E:5B:18:A7:A7:C9:36:E7:F2:A5:D6:F4:8F:41:41:6C:61:CE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1097062473040723971/0/429F1E5B18A7A7C936E7F2A5D6F48F41416C61CE.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/429F1E5B18A7A7C936E7F2A5D6F48F41416C61CE.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097062473040723971/0/323430373a323834303a3a2f33322d3332203d3e2030.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2407:2840::/32 Signature Algorithm: sha256WithRSAEncryption 34:67:a5:90:79:56:73:92:27:48:9b:6f:be:0a:98:fb:c9:0e: c2:e9:9d:42:3f:42:9f:f1:6f:13:c7:7b:af:10:37:3c:cc:57: b0:5c:f0:da:ed:1c:94:29:2e:e7:3e:36:aa:cf:24:3d:b5:7c: 96:40:33:7a:59:38:03:64:f8:b6:1b:20:72:f6:04:0e:4a:34: b7:5b:b0:e2:01:1e:a1:f2:1b:c7:6f:47:80:f9:8f:1d:62:91: f7:43:c9:41:89:ef:46:db:a0:f9:10:92:78:95:0a:07:8c:94: db:13:b4:51:51:06:64:45:37:4e:98:2d:31:6a:4d:51:b7:96: e2:8e:29:b2:56:b2:79:ca:a6:20:23:25:7c:ec:a0:09:aa:a4: 96:86:cd:40:c9:55:52:f9:50:bc:d7:3a:36:47:b1:92:17:4d: a0:23:81:3b:d4:71:4a:df:5c:40:2f:fe:80:2b:5c:fb:21:b8: fa:c3:b2:5b:cd:c2:6b:a5:cd:79:d4:a1:e0:ca:51:87:25:8a: 2a:cd:fd:d5:61:fd:f5:f7:1d:0a:c5:1b:f3:e2:2f:22:e4:d2: 9f:41:d6:c9:a0:e5:13:4a:51:02:2a:54:82:7b:c6:f1:bc:b9: bb:72:8b:04:4f:f4:0e:15:c4:3d:33:ea:9a:f2:ac:06:a1:70: 4b:fc:63:e0 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgIUIS/EfORFR07kbj0T/WQ6VPSX0zYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDI5RjFFNUIxOEE3QTdDOTM2RTdGMkE1RDZGNDhGNDE0 MTZDNjFDRTAeFw0yNjA0MTYwODU0NTNaFw0yNzA0MTUwODU5NTNaMDMxMTAvBgNV BAMTKDMxMzNDOUJDQkM0MEIxMDkxNzA2NEM3QUEyMDc4OUIxRUY5OTBBMDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPifar3eLIHyxHazwnR/8DBn/s qQvtkUelW3aJDPHB7dLIstA/XWzmNDPiLmTHFGAp4cvoq+RzaYVZXHY3T+XNlsUM ZEFp2s7lxfxNYsiZtj/kskfSHd71A+cvpPwxMDW6eaFNmkgewkyckRncHLbIi9JM 63LzunQkbMt8dCzQbZcv8lMuyGPFcdr+ALOaWtG7Fevxb3l1Cg5g5F8y0Ahx7/nO Vs8klxdHgrBJ68JyKgmM6lD2WfEJuQlasbJeSZwSzRnmX9NtR6l4Srq3IxeXrmwK u6nlux20JSgtyCHM+O7q+xmrPu6IAn2pvVKc2jhsQyAOiNOKgerTVRiHJ0zBAgMB AAGjggIKMIICBjAdBgNVHQ4EFgQUMTPJvLxAsQkXBkx6ogeJse+ZCgAwHwYDVR0j BBgwFoAUQp8eWxinp8k25/Kl1vSPQUFsYc4wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NzA2MjQ3MzA0MDcyMzk3MS8wLzQyOUYxRTVCMThBN0E3QzkzNkU3RjJBNUQ2RjQ4 RjQxNDE2QzYxQ0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNDI5RjFFNUIxOEE3QTdDOTM2RTdGMkE1RDZGNDhGNDE0MTZDNjFDRS5jZXIw gYIGCCsGAQUFBwELBHYwdDByBggrBgEFBQcwC4ZmcnN5bmM6Ly9ycGtpLXJwcy5j bm5pYy5jbi9yZXBvL0ExMDk3MDYyNDczMDQwNzIzOTcxLzAvMzIzNDMwMzczYTMy MzgzNDMwM2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkByhA MA0GCSqGSIb3DQEBCwUAA4IBAQA0Z6WQeVZzkidIm2++Cpj7yQ7C6Z1CP0Kf8W8T x3uvEDc8zFewXPDa7RyUKS7nPjaqzyQ9tXyWQDN6WTgDZPi2GyBy9gQOSjS3W7Di AR6h8hvHb0eA+Y8dYpH3Q8lBie9G26D5EJJ4lQoHjJTbE7RRUQZkRTdOmC0xak1R t5bijimyVrJ5yqYgIyV87KAJqqSWhs1AyVVS+VC81zo2R7GSF02gI4E71HFK31xA L/6AK1z7Ibj6w7JbzcJrpc151KHgylGHJYoqzf3VYf319x0KxRvz4i8i5NKfQdbJ oOUTSlECKlSCe8bxvLm7cosET/QOFcQ9M+qa8qwGoXBL/GPg -----END CERTIFICATE-----Generated at Thu Apr 16 22:36:05 2026 by rpki-client