$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097161405301260290/0/3232332e3235352e3233362e302f32342d3234203d3e203536303030.roa File: 3232332e3235352e3233362e302f32342d3234203d3e203536303030.roa (raw, json) Hash identifier: 5Z2RS7xTpyntFttcy8ElSigLdmkbVxoyMDpFQuVXz5s= Subject key identifier: 2C:04:AD:73:9C:56:67:05:2C:D7:7A:BA:E0:93:94:0A:5D:6F:A7:43 Certificate issuer: /CN=86543D1F2F4A32A976AD0690E9A23AA2D621AC7D Certificate serial: 33D35981CC040436D5C827053E2DC17734DD503C Authority key identifier: 86:54:3D:1F:2F:4A:32:A9:76:AD:06:90:E9:A2:3A:A2:D6:21:AC:7D Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/86543D1F2F4A32A976AD0690E9A23AA2D621AC7D.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097161405301260290/0/3232332e3235352e3233362e302f32342d3234203d3e203536303030.roa Signing time: Thu 16 Apr 2026 14:09:57 +0000 ROA not before: Thu 16 Apr 2026 14:04:57 +0000 ROA not after: Thu 15 Apr 2027 14:09:57 +0000 asID: 56000 IP address blocks: 223.255.236.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097161405301260290/0/86543D1F2F4A32A976AD0690E9A23AA2D621AC7D.crl rsync://rpki-rps.cnnic.cn/repo/A1097161405301260290/0/86543D1F2F4A32A976AD0690E9A23AA2D621AC7D.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/86543D1F2F4A32A976AD0690E9A23AA2D621AC7D.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 18 Apr 2026 11:47:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:d3:59:81:cc:04:04:36:d5:c8:27:05:3e:2d:c1:77:34:dd:50:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86543D1F2F4A32A976AD0690E9A23AA2D621AC7D Validity Not Before: Apr 16 14:04:57 2026 GMT Not After : Apr 15 14:09:57 2027 GMT Subject: CN=2C04AD739C5667052CD77ABAE093940A5D6FA743 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:b0:e8:74:cc:d2:d7:76:53:b5:1c:b7:95:ed: 28:18:b0:fd:07:2b:fc:57:8b:e9:76:b2:1f:bc:4d: ad:41:e9:f4:12:72:79:65:4f:d4:1a:c2:da:6e:63: 26:d5:20:36:57:13:ed:9f:1b:dd:25:1a:de:76:f9: b2:10:1b:27:e5:f4:4e:bf:e6:c9:9b:72:74:6d:f2: d4:70:70:04:d2:0b:42:c6:a1:76:d6:1e:aa:f0:c3: 1a:d9:c7:af:0d:1f:76:84:a3:1d:a4:49:b3:87:64: 80:9f:a9:69:c0:a7:d6:ae:92:b7:24:d0:e0:97:61: 75:e0:12:05:b2:2e:6e:15:6e:35:45:96:1f:83:b9: 42:3d:1c:6b:4e:38:cc:f0:8c:5a:e2:98:94:5a:4f: 0c:ca:4c:8e:84:5a:9e:18:13:16:e6:e1:7a:4c:39: b4:b1:41:3a:2d:5a:08:fc:f8:c0:8c:6c:a3:01:8f: 6c:c7:69:ea:45:da:0c:58:2a:8f:ae:ac:bc:04:0f: 68:7c:8c:1c:f6:3a:ea:df:39:2f:01:f5:87:c6:98: 71:38:65:f7:63:28:2e:4b:40:b9:5a:d6:53:a9:6c: 56:46:38:a9:ff:b5:7c:a4:87:9b:ed:4b:b9:3c:ee: 55:5c:73:33:df:10:88:e4:0a:90:c1:f4:5d:02:80: 5e:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:04:AD:73:9C:56:67:05:2C:D7:7A:BA:E0:93:94:0A:5D:6F:A7:43 X509v3 Authority Key Identifier: keyid:86:54:3D:1F:2F:4A:32:A9:76:AD:06:90:E9:A2:3A:A2:D6:21:AC:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1097161405301260290/0/86543D1F2F4A32A976AD0690E9A23AA2D621AC7D.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/86543D1F2F4A32A976AD0690E9A23AA2D621AC7D.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097161405301260290/0/3232332e3235352e3233362e302f32342d3234203d3e203536303030.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 223.255.236.0/24 Signature Algorithm: sha256WithRSAEncryption 90:78:33:42:bb:a9:3d:cd:d8:66:99:a5:a5:75:93:a0:f0:a7: 5f:0f:ff:f1:87:08:bb:85:08:fc:15:70:d2:09:e3:3b:cd:e3: 48:50:79:ce:ae:35:9d:e2:5a:5f:ac:fe:f0:66:3e:b0:f9:43: ee:59:d5:a2:e0:f7:73:bd:77:ff:b7:60:d8:38:dc:8f:71:a1: ab:4c:11:b9:36:a5:d0:ca:55:52:e5:0f:97:b5:ca:fb:1a:c0: d9:94:59:dd:4e:52:52:df:b7:65:f4:58:66:b7:18:7d:6d:a4: 6b:53:4c:5b:41:fa:e2:39:f0:0d:f1:1f:59:9e:48:1e:7f:88: 27:ec:83:62:6f:40:b0:67:0a:19:6b:39:ad:49:49:21:f3:da: f0:2e:19:2b:47:f8:a6:bd:61:57:77:e1:4a:0f:15:6f:71:e1: 46:9b:4b:8a:a7:6a:65:9e:e4:fc:0f:df:e4:0c:c6:3c:0f:c2: f9:78:fa:18:62:d3:5a:2f:2e:89:81:d4:0b:4e:60:4d:61:a5: f3:01:9d:df:cc:06:72:16:69:27:f4:70:7c:1b:29:25:d3:09: 08:06:09:c3:f4:08:d7:c5:98:ac:d6:69:87:65:48:5d:30:e1: ed:ae:b0:1b:77:b9:d6:a5:5c:1c:42:96:93:93:46:a2:3f:ee: 8e:de:fe:5b -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgIUM9NZgcwEBDbVyCcFPi3BdzTdUDwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODY1NDNEMUYyRjRBMzJBOTc2QUQwNjkwRTlBMjNBQTJE NjIxQUM3RDAeFw0yNjA0MTYxNDA0NTdaFw0yNzA0MTUxNDA5NTdaMDMxMTAvBgNV BAMTKDJDMDRBRDczOUM1NjY3MDUyQ0Q3N0FCQUUwOTM5NDBBNUQ2RkE3NDMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqsOh0zNLXdlO1HLeV7SgYsP0H K/xXi+l2sh+8Ta1B6fQScnllT9QawtpuYybVIDZXE+2fG90lGt52+bIQGyfl9E6/ 5smbcnRt8tRwcATSC0LGoXbWHqrwwxrZx68NH3aEox2kSbOHZICfqWnAp9aukrck 0OCXYXXgEgWyLm4VbjVFlh+DuUI9HGtOOMzwjFrimJRaTwzKTI6EWp4YExbm4XpM ObSxQTotWgj8+MCMbKMBj2zHaepF2gxYKo+urLwED2h8jBz2OurfOS8B9YfGmHE4 ZfdjKC5LQLla1lOpbFZGOKn/tXykh5vtS7k87lVcczPfEIjkCpDB9F0CgF6nAgMB AAGjggIXMIICEzAdBgNVHQ4EFgQULAStc5xWZwUs13q64JOUCl1vp0MwHwYDVR0j BBgwFoAUhlQ9Hy9KMql2rQaQ6aI6otYhrH0wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NzE2MTQwNTMwMTI2MDI5MC8wLzg2NTQzRDFGMkY0QTMyQTk3NkFEMDY5MEU5QTIz QUEyRDYyMUFDN0QuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvODY1NDNEMUYyRjRBMzJBOTc2QUQwNjkwRTlBMjNBQTJENjIxQUM3RC5jZXIw gZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzALhnJyc3luYzovL3Jwa2ktcnBz LmNubmljLmNuL3JlcG8vQTEwOTcxNjE0MDUzMDEyNjAyOTAvMC8zMjMyMzMyZTMy MzUzNTJlMzIzMzM2MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzNjMwMzAzMC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAN//7DANBgkqhkiG9w0BAQsFAAOCAQEAkHgzQrupPc3YZpmlpXWT oPCnXw//8YcIu4UI/BVw0gnjO83jSFB5zq41neJaX6z+8GY+sPlD7lnVouD3c713 /7dg2Djcj3Ghq0wRuTal0MpVUuUPl7XK+xrA2ZRZ3U5SUt+3ZfRYZrcYfW2ka1NM W0H64jnwDfEfWZ5IHn+IJ+yDYm9AsGcKGWs5rUlJIfPa8C4ZK0f4pr1hV3fhSg8V b3HhRptLiqdqZZ7k/A/f5AzGPA/C+Xj6GGLTWi8uiYHUC05gTWGl8wGd38wGchZp J/RwfBspJdMJCAYJw/QI18WYrNZph2VIXTDh7a6wG3e51qVcHEKWk5NGoj/ujt7+ Ww== -----END CERTIFICATE-----Generated at Sat Apr 18 01:20:50 2026 by rpki-client