$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065574560142786561/0/3232332e3136312e3232382e302f32322d3234203d3e2039383038.roa File: 3232332e3136312e3232382e302f32322d3234203d3e2039383038.roa (raw, json) Hash identifier: XDCS2daLYtXKFvp0xpsT26WdCPM/9HCQVWKOwtqJTaE= Subject key identifier: D2:96:7F:C0:3A:92:D9:C6:EE:FE:41:65:CA:B3:A2:B5:E2:AF:87:A0 Certificate issuer: /CN=CDD55F3D78FC75753FF9C6C826A7D81AA5EBEEB7 Certificate serial: 3B1A29ECB043522BED55320E6DD79DFD8ABB075F Authority key identifier: CD:D5:5F:3D:78:FC:75:75:3F:F9:C6:C8:26:A7:D8:1A:A5:EB:EE:B7 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/CDD55F3D78FC75753FF9C6C826A7D81AA5EBEEB7.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065574560142786561/0/3232332e3136312e3232382e302f32322d3234203d3e2039383038.roa Signing time: Wed 27 May 2026 07:34:55 +0000 ROA not before: Wed 27 May 2026 07:29:55 +0000 ROA not after: Wed 26 May 2027 07:34:55 +0000 asID: 9808 IP address blocks: 223.161.228.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065574560142786561/0/CDD55F3D78FC75753FF9C6C826A7D81AA5EBEEB7.crl rsync://rpki-rps.cnnic.cn/repo/A1065574560142786561/0/CDD55F3D78FC75753FF9C6C826A7D81AA5EBEEB7.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/CDD55F3D78FC75753FF9C6C826A7D81AA5EBEEB7.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 May 2026 14:42:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:1a:29:ec:b0:43:52:2b:ed:55:32:0e:6d:d7:9d:fd:8a:bb:07:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CDD55F3D78FC75753FF9C6C826A7D81AA5EBEEB7 Validity Not Before: May 27 07:29:55 2026 GMT Not After : May 26 07:34:55 2027 GMT Subject: CN=D2967FC03A92D9C6EEFE4165CAB3A2B5E2AF87A0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:8f:cc:ac:ee:2d:23:dc:0e:bb:07:53:c3:95: 0f:a9:0e:8e:c2:4b:d5:c8:42:76:0b:bd:4f:8c:0b: e0:d6:cd:12:e2:53:d9:7b:12:5b:d4:5b:38:ab:9f: a3:09:a9:8b:20:95:db:e3:fd:19:6a:3d:1b:8b:95: c3:24:46:42:23:86:29:12:42:38:df:b9:ca:e9:74: 03:e2:69:b9:57:79:61:a4:79:07:96:f0:f4:65:2a: 0c:a8:14:89:34:30:1b:cd:a6:36:ef:d1:65:8e:15: 35:d3:62:a1:76:28:bd:62:a2:78:72:7f:19:57:51: 57:c6:51:b6:ef:fe:a2:44:36:f8:86:f1:58:1d:0e: 3e:f1:2c:55:b8:c6:b8:f3:70:ff:72:aa:a9:cc:2e: 5b:41:39:22:7e:fd:15:df:35:87:7f:88:d9:96:e2: 96:12:f9:4f:8b:e2:4f:e3:16:ba:2e:9d:ac:57:58: 91:ff:95:99:11:12:e9:05:4d:bd:d4:49:73:ec:f9: 00:dc:18:44:0a:b9:75:80:83:27:c2:27:4a:19:a6: 8c:f1:fd:f6:ab:38:cd:85:df:4a:1c:9f:9e:62:f6: 8b:29:cf:fc:f7:50:53:0c:d4:c6:3b:83:70:69:dd: fc:a2:e8:a0:7a:92:97:52:a0:c7:34:5e:c9:70:e0: 05:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:96:7F:C0:3A:92:D9:C6:EE:FE:41:65:CA:B3:A2:B5:E2:AF:87:A0 X509v3 Authority Key Identifier: keyid:CD:D5:5F:3D:78:FC:75:75:3F:F9:C6:C8:26:A7:D8:1A:A5:EB:EE:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065574560142786561/0/CDD55F3D78FC75753FF9C6C826A7D81AA5EBEEB7.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/CDD55F3D78FC75753FF9C6C826A7D81AA5EBEEB7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065574560142786561/0/3232332e3136312e3232382e302f32322d3234203d3e2039383038.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 223.161.228.0/22 Signature Algorithm: sha256WithRSAEncryption 5d:0e:4d:16:57:9e:69:03:8f:e3:f2:7f:2b:b6:a2:cb:f8:22: 97:62:7b:9a:aa:2c:97:ea:a3:5b:e1:2e:13:93:27:66:dc:c9: 40:94:c2:6c:77:58:e1:98:f5:26:8a:5b:25:76:13:66:23:13: 8a:9a:dc:db:ab:8f:6f:9a:d2:1d:45:0d:29:2e:ad:b9:ba:b6: 0d:9a:b7:41:b9:cc:30:f4:5c:c3:d0:00:0a:ae:92:3d:cc:9f: 0d:03:75:88:ea:31:68:8d:7c:06:66:6e:66:a6:39:16:59:b5: ab:e3:ee:97:bd:6e:32:39:77:b9:33:54:da:66:28:fa:63:04: b9:79:58:6e:c3:e5:36:fe:dd:01:00:7b:2d:01:1f:2e:22:d4: 5d:ce:7e:08:f2:7a:36:05:21:6e:49:49:64:fe:ba:05:20:f3: 2e:7c:42:f0:49:58:ad:6d:80:c0:96:e5:58:5a:ad:fc:93:8a: 28:f8:c2:7f:fe:38:40:7f:37:0b:e8:9f:48:8a:f3:84:c7:b2: 70:1c:21:e6:ab:a5:f4:de:8d:9e:aa:64:14:5a:b2:65:30:72: ed:da:c7:a7:fe:7e:18:67:23:15:28:23:fc:92:d2:02:9c:68: f9:fd:b2:61:52:a0:a5:d2:cf:9f:b0:00:4c:70:b5:2e:5f:e5: 0e:11:3d:ae -----BEGIN CERTIFICATE----- MIIFCjCCA/KgAwIBAgIUOxop7LBDUivtVTIObded/Yq7B18wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0RENTVGM0Q3OEZDNzU3NTNGRjlDNkM4MjZBN0Q4MUFB NUVCRUVCNzAeFw0yNjA1MjcwNzI5NTVaFw0yNzA1MjYwNzM0NTVaMDMxMTAvBgNV BAMTKEQyOTY3RkMwM0E5MkQ5QzZFRUZFNDE2NUNBQjNBMkI1RTJBRjg3QTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDij8ys7i0j3A67B1PDlQ+pDo7C S9XIQnYLvU+MC+DWzRLiU9l7ElvUWzirn6MJqYsgldvj/RlqPRuLlcMkRkIjhikS QjjfucrpdAPiablXeWGkeQeW8PRlKgyoFIk0MBvNpjbv0WWOFTXTYqF2KL1ionhy fxlXUVfGUbbv/qJENviG8VgdDj7xLFW4xrjzcP9yqqnMLltBOSJ+/RXfNYd/iNmW 4pYS+U+L4k/jFrounaxXWJH/lZkREukFTb3USXPs+QDcGEQKuXWAgyfCJ0oZpozx /farOM2F30ocn55i9ospz/z3UFMM1MY7g3Bp3fyi6KB6kpdSoMc0Xslw4AXvAgMB AAGjggIUMIICEDAdBgNVHQ4EFgQU0pZ/wDqS2cbu/kFlyrOiteKvh6AwHwYDVR0j BBgwFoAUzdVfPXj8dXU/+cbIJqfYGqXr7rcwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3NDU2MDE0Mjc4NjU2MS8wL0NERDU1RjNENzhGQzc1NzUzRkY5QzZDODI2QTdE ODFBQTVFQkVFQjcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvQ0RENTVGM0Q3OEZDNzU3NTNGRjlDNkM4MjZBN0Q4MUFBNUVCRUVCNy5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS1ycHMu Y25uaWMuY24vcmVwby9BMTA2NTU3NDU2MDE0Mjc4NjU2MS8wLzMyMzIzMzJlMzEz NjMxMmUzMjMyMzgyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzOTM4MzAzOC5yb2Ew GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEAt+h5DANBgkqhkiG9w0BAQsFAAOCAQEAXQ5NFleeaQOP4/J/K7aiy/gi l2J7mqosl+qjW+EuE5MnZtzJQJTCbHdY4Zj1JopbJXYTZiMTiprc26uPb5rSHUUN KS6tubq2DZq3QbnMMPRcw9AACq6SPcyfDQN1iOoxaI18BmZuZqY5Flm1q+Pul71u Mjl3uTNU2mYo+mMEuXlYbsPlNv7dAQB7LQEfLiLUXc5+CPJ6NgUhbklJZP66BSDz LnxC8ElYrW2AwJblWFqt/JOKKPjCf/44QH83C+ifSIrzhMeycBwh5qul9N6Nnqpk FFqyZTBy7drHp/5+GGcjFSgj/JLSApxo+f2yYVKgpdLPn7AATHC1Ll/lDhE9rg== -----END CERTIFICATE-----Generated at Sat May 30 00:03:03 2026 by rpki-client