$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1105044324229316617/0/AS4811.roa File: AS4811.roa (raw, json) Hash identifier: 2jDjQUel0zlH7itK9s3OK0u6SFn2qOohTf9T72QlRpI= Subject key identifier: 7E:B5:6A:66:2D:F3:91:51:17:BD:F5:26:9F:71:69:34:69:99:25:21 Certificate issuer: /CN=A9EF6BDE84A8B115C80721B280C9470B3BC0D886 Certificate serial: 2355C7ED5F1537FD69D69440A601136CDF8DEC0C Authority key identifier: A9:EF:6B:DE:84:A8:B1:15:C8:07:21:B2:80:C9:47:0B:3B:C0:D8:86 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1105044324229316617/0/AS4811.roa Signing time: Fri 05 Jun 2026 04:41:40 +0000 ROA not before: Fri 05 Jun 2026 04:36:40 +0000 ROA not after: Fri 04 Jun 2027 04:41:40 +0000 asID: 4811 IP address blocks: 110.43.128.0/21 maxlen: 21 110.43.136.0/21 maxlen: 21 110.43.144.0/21 maxlen: 21 110.43.152.0/21 maxlen: 21 120.92.128.0/21 maxlen: 21 120.92.136.0/21 maxlen: 21 120.92.144.0/21 maxlen: 21 120.92.152.0/21 maxlen: 21 120.92.160.0/21 maxlen: 21 120.92.168.0/21 maxlen: 21 120.92.176.0/21 maxlen: 21 120.92.184.0/21 maxlen: 21 120.92.184.0/23 maxlen: 23 120.92.216.0/22 maxlen: 22 120.92.224.0/23 maxlen: 23 120.92.226.0/23 maxlen: 23 120.92.228.0/23 maxlen: 23 120.92.230.0/23 maxlen: 23 120.92.232.0/23 maxlen: 23 120.92.234.0/23 maxlen: 23 120.92.236.0/23 maxlen: 23 120.92.238.0/23 maxlen: 23 2401:1d40:2000::/48 maxlen: 48 2401:1d40:2001::/48 maxlen: 48 2401:1d40:2100::/48 maxlen: 48 2401:1d40:2f00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1105044324229316617/0/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.crl rsync://rpki-rps.cnnic.cn/repo/A1105044324229316617/0/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 14 Jun 2026 16:02:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:55:c7:ed:5f:15:37:fd:69:d6:94:40:a6:01:13:6c:df:8d:ec:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9EF6BDE84A8B115C80721B280C9470B3BC0D886 Validity Not Before: Jun 5 04:36:40 2026 GMT Not After : Jun 4 04:41:40 2027 GMT Subject: CN=7EB56A662DF3915117BDF5269F71693469992521 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:4b:64:73:76:08:08:1c:17:71:0b:d6:46:f6: ac:df:fb:97:28:fc:2c:f7:81:c7:6e:1e:d2:f1:aa: 49:8e:76:5d:86:a4:01:50:3a:8d:f4:9d:7a:cf:45: ac:8c:50:c4:c9:db:c8:ca:2b:bc:6c:bd:97:38:01: 90:01:f4:58:b8:69:0d:cb:02:e4:61:84:33:5a:45: 03:00:c6:13:d8:8d:9c:42:3a:14:22:4d:0b:8e:5f: be:10:9a:a9:39:67:38:2d:4b:15:a2:10:8d:01:10: e6:d7:2c:a3:6b:9f:98:c9:9b:95:9b:ec:a6:40:ed: b3:3f:54:71:92:c6:23:60:fc:16:f4:e8:c9:43:08: 06:07:3e:b6:07:b1:02:08:10:43:29:49:ad:56:08: e7:65:d6:87:0f:74:a1:d3:8c:46:05:b0:32:10:92: 94:ac:bf:21:d9:1a:a0:7e:11:c1:81:24:57:5f:d2: 39:88:61:03:a7:d4:bb:c5:5b:18:56:f0:c4:80:71: be:ed:ed:67:c2:8c:3d:8b:d8:da:c3:23:c8:90:4a: ec:82:ee:55:38:6d:5c:2b:8b:c4:22:07:03:cd:b6: b7:38:8f:f5:a1:ae:e4:26:2e:f0:f1:80:29:7e:dc: 83:b2:ed:2d:46:c8:cb:6c:33:e3:d4:d2:fc:35:ce: a7:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:B5:6A:66:2D:F3:91:51:17:BD:F5:26:9F:71:69:34:69:99:25:21 X509v3 Authority Key Identifier: keyid:A9:EF:6B:DE:84:A8:B1:15:C8:07:21:B2:80:C9:47:0B:3B:C0:D8:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1105044324229316617/0/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A9EF6BDE84A8B115C80721B280C9470B3BC0D886.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1105044324229316617/0/AS4811.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 110.43.128.0/19 120.92.128.0/18 120.92.216.0/22 120.92.224.0/20 IPv6: 2401:1d40:2000::/47 2401:1d40:2100::/48 2401:1d40:2f00::/48 Signature Algorithm: sha256WithRSAEncryption 46:ed:05:d1:73:3f:b0:31:38:68:a6:2b:79:d5:57:0f:4f:a9: 53:6d:fa:94:8f:6c:1c:4f:24:d8:4d:59:99:ba:cc:2f:ed:50: 55:97:99:6d:0f:e6:d1:5b:28:f2:f5:8f:c9:0f:58:ff:83:84: 91:7c:a6:80:bf:dd:90:76:aa:20:7c:dc:c9:e9:84:ef:00:cf: a9:48:02:a8:c3:96:67:51:0d:f5:ef:f9:20:2c:78:23:8c:96: d5:e3:8c:3f:e5:29:3b:f2:fe:cd:c0:8f:18:37:d4:f7:33:31: a9:a7:fb:c1:05:53:db:24:16:5e:a7:11:e1:90:a5:c9:76:9b: 25:3d:a9:9b:a9:63:02:ec:d7:af:0e:03:74:87:e4:74:1f:bd: 3d:8e:8b:18:04:89:a9:45:5c:72:91:db:81:b6:00:b5:0c:b2: 76:f3:76:9b:6c:1f:7c:6d:02:ac:d3:eb:96:c9:21:17:dc:44: 73:71:f4:f5:e3:6c:a2:60:d8:95:77:1f:7f:9c:96:7d:0e:4d: 65:fa:6e:d5:ac:a8:3c:66:7a:b6:13:3a:82:e2:0c:d3:dd:97: d5:a6:b3:f0:6a:f2:8a:45:fd:e3:0b:50:da:ee:61:95:d6:d9: 2c:bd:6f:10:36:3a:04:89:1b:34:7c:e2:c7:38:32:b1:40:fb: 99:4d:d5:7c -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgIUI1XH7V8VN/1p1pRApgETbN+N7AwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQTlFRjZCREU4NEE4QjExNUM4MDcyMUIyODBDOTQ3MEIz QkMwRDg4NjAeFw0yNjA2MDUwNDM2NDBaFw0yNzA2MDQwNDQxNDBaMDMxMTAvBgNV BAMTKDdFQjU2QTY2MkRGMzkxNTExN0JERjUyNjlGNzE2OTM0Njk5OTI1MjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0S2RzdggIHBdxC9ZG9qzf+5co /Cz3gcduHtLxqkmOdl2GpAFQOo30nXrPRayMUMTJ28jKK7xsvZc4AZAB9Fi4aQ3L AuRhhDNaRQMAxhPYjZxCOhQiTQuOX74Qmqk5ZzgtSxWiEI0BEObXLKNrn5jJm5Wb 7KZA7bM/VHGSxiNg/Bb06MlDCAYHPrYHsQIIEEMpSa1WCOdl1ocPdKHTjEYFsDIQ kpSsvyHZGqB+EcGBJFdf0jmIYQOn1LvFWxhW8MSAcb7t7WfCjD2L2NrDI8iQSuyC 7lU4bVwri8QiBwPNtrc4j/WhruQmLvDxgCl+3IOy7S1GyMtsM+PU0vw1zqczAgMB AAGjggIXMIICEzAdBgNVHQ4EFgQUfrVqZi3zkVEXvfUmn3FpNGmZJSEwHwYDVR0j BBgwFoAUqe9r3oSosRXIByGygMlHCzvA2IYwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTEw NTA0NDMyNDIyOTMxNjYxNy8wL0E5RUY2QkRFODRBOEIxMTVDODA3MjFCMjgwQzk0 NzBCM0JDMEQ4ODYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvQTlFRjZCREU4NEE4QjExNUM4MDcyMUIyODBDOTQ3MEIzQkMwRDg4Ni5jZXIw XAYIKwYBBQUHAQsEUDBOMEwGCCsGAQUFBzALhkByc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTExMDUwNDQzMjQyMjkzMTY2MTcvMC9BUzQ4MTEucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwVAYIKwYBBQUHAQcBAf8ERTBDMB4EAgAB MBgDBAVuK4ADBAZ4XIADBAJ4XNgDBAR4XOAwIQQCAAIwGwMHASQBHUAgAAMHACQB HUAhAAMHACQBHUAvADANBgkqhkiG9w0BAQsFAAOCAQEARu0F0XM/sDE4aKYredVX D0+pU236lI9sHE8k2E1ZmbrML+1QVZeZbQ/m0Vso8vWPyQ9Y/4OEkXymgL/dkHaq IHzcyemE7wDPqUgCqMOWZ1EN9e/5ICx4I4yW1eOMP+UpO/L+zcCPGDfU9zMxqaf7 wQVT2yQWXqcR4ZClyXabJT2pm6ljAuzXrw4DdIfkdB+9PY6LGASJqUVccpHbgbYA tQyydvN2m2wffG0CrNPrlskhF9xEc3H09eNsomDYlXcff5yWfQ5NZfpu1ayoPGZ6 thM6guIM092X1aaz8GryikX94wtQ2u5hldbZLL1vEDY6BIkbNHzixzgysUD7mU3V fA== -----END CERTIFICATE-----Generated at Sat Jun 13 22:38:53 2026 by rpki-client