$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065576199947943939/0/3231382e3234392e3134342e302f32312d3231203d3e2034383038.roa File: 3231382e3234392e3134342e302f32312d3231203d3e2034383038.roa (raw, json) Hash identifier: 9efa0FfQVbswqYv6PbvoQbeLjxREFtG+cBI3w5yTTL8= Subject key identifier: A3:A7:69:D5:FC:7B:C4:4E:B1:CF:A4:3E:48:FD:D7:9B:64:5D:B6:D7 Certificate issuer: /CN=AE487B72C4F38EA548F6721BB60B773705BD9515 Certificate serial: 27C11A0B605A32E1FF03CD846D8C53FDBDE15748 Authority key identifier: AE:48:7B:72:C4:F3:8E:A5:48:F6:72:1B:B6:0B:77:37:05:BD:95:15 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/AE487B72C4F38EA548F6721BB60B773705BD9515.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065576199947943939/0/3231382e3234392e3134342e302f32312d3231203d3e2034383038.roa Signing time: Tue 21 Apr 2026 06:26:41 +0000 ROA not before: Tue 21 Apr 2026 06:21:41 +0000 ROA not after: Tue 20 Apr 2027 06:26:41 +0000 asID: 4808 IP address blocks: 218.249.144.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065576199947943939/0/AE487B72C4F38EA548F6721BB60B773705BD9515.crl rsync://rpki-rps.cnnic.cn/repo/A1065576199947943939/0/AE487B72C4F38EA548F6721BB60B773705BD9515.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/AE487B72C4F38EA548F6721BB60B773705BD9515.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Apr 2026 00:03:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:c1:1a:0b:60:5a:32:e1:ff:03:cd:84:6d:8c:53:fd:bd:e1:57:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AE487B72C4F38EA548F6721BB60B773705BD9515 Validity Not Before: Apr 21 06:21:41 2026 GMT Not After : Apr 20 06:26:41 2027 GMT Subject: CN=A3A769D5FC7BC44EB1CFA43E48FDD79B645DB6D7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:eb:d3:de:40:4f:21:4d:14:98:64:63:d1:d4: 49:3f:d9:6f:09:c8:ea:39:9d:40:a2:38:87:b1:31: 26:0c:56:ad:e2:1e:ee:97:4f:8b:d4:09:82:9b:8e: ad:20:48:ac:e8:00:62:84:12:1d:c2:48:8b:3a:00: e3:64:d9:ac:5e:61:c4:8e:3d:c8:c7:f7:58:02:7d: 3c:96:18:a3:53:d8:6f:36:fe:25:31:33:05:97:20: b2:36:22:ca:84:c3:d2:5b:30:4c:4a:4e:19:ee:4f: 3e:c1:c8:47:a2:4a:61:dc:8d:bd:eb:0a:e6:ca:10: 9b:fd:d8:e7:eb:b6:74:e0:85:47:b5:45:67:c3:40: 6d:11:96:a5:ca:47:70:1e:c8:b4:ff:44:32:2f:15: eb:1d:dd:20:8c:46:9b:04:2e:ca:b6:3a:60:d3:a6: ed:e3:96:ac:b4:69:e4:fb:ee:9e:87:77:32:b6:c2: ca:44:9c:a0:7d:0f:26:09:3f:5d:3c:a2:b5:49:b6: 2d:d2:fa:6e:6c:ba:27:94:33:5d:fa:4f:fe:8d:d0: 58:36:a0:be:27:b3:9a:95:43:84:b2:0d:e0:10:ea: 1c:aa:7c:c2:3c:d3:7a:1c:b7:41:58:79:27:8f:18: f1:dd:ac:94:89:a6:cc:6d:51:7f:81:1c:62:e0:1d: d0:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:A7:69:D5:FC:7B:C4:4E:B1:CF:A4:3E:48:FD:D7:9B:64:5D:B6:D7 X509v3 Authority Key Identifier: keyid:AE:48:7B:72:C4:F3:8E:A5:48:F6:72:1B:B6:0B:77:37:05:BD:95:15 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065576199947943939/0/AE487B72C4F38EA548F6721BB60B773705BD9515.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/AE487B72C4F38EA548F6721BB60B773705BD9515.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065576199947943939/0/3231382e3234392e3134342e302f32312d3231203d3e2034383038.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 218.249.144.0/21 Signature Algorithm: sha256WithRSAEncryption 3d:b9:c9:cc:d8:c1:8d:8a:a5:d6:8f:7c:fa:64:ac:30:f4:d3: bc:60:50:19:14:70:e7:e9:8e:3a:a8:14:35:31:a7:f8:20:b6: 8b:a8:1a:c7:37:1a:0d:c5:06:ac:5b:ac:95:17:94:a4:78:c4: 86:39:0e:b9:c8:2d:0f:48:48:65:bc:ac:34:84:09:7f:1c:a9: 69:a2:5d:02:84:2b:c7:ff:00:c2:4d:ed:55:54:5e:ae:f3:7c: 78:d6:f2:fb:e3:6b:ea:c4:fe:0f:42:f3:97:54:4b:7d:1c:a2: eb:d6:5e:d4:a6:71:65:b5:ff:d4:fc:b9:2c:01:6d:86:bf:bb: 1f:a5:b8:fd:04:aa:b4:3f:36:75:22:f3:7b:05:12:c2:06:96: 14:c1:e9:71:eb:a5:4d:20:3b:54:61:29:5d:22:e9:69:f0:8e: 4c:a1:18:38:aa:8d:65:4c:8b:a1:f4:89:f0:b0:d9:f7:21:aa: 78:78:bf:ed:db:d3:af:93:81:89:b8:2e:31:36:a1:8d:53:5c: eb:7b:dc:ff:6b:0b:63:ed:8e:77:7d:b0:63:11:64:34:a2:f8: d4:42:8c:dc:72:ad:e4:75:ef:68:ee:c4:3f:cd:92:1a:57:45: 37:9f:c0:b1:70:02:45:fb:e1:9d:b3:10:6f:5a:8d:7a:fa:f6: bb:80:fb:5b -----BEGIN CERTIFICATE----- MIIFCjCCA/KgAwIBAgIUJ8EaC2BaMuH/A82EbYxT/b3hV0gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQUU0ODdCNzJDNEYzOEVBNTQ4RjY3MjFCQjYwQjc3Mzcw NUJEOTUxNTAeFw0yNjA0MjEwNjIxNDFaFw0yNzA0MjAwNjI2NDFaMDMxMTAvBgNV BAMTKEEzQTc2OUQ1RkM3QkM0NEVCMUNGQTQzRTQ4RkRENzlCNjQ1REI2RDcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC69PeQE8hTRSYZGPR1Ek/2W8J yOo5nUCiOIexMSYMVq3iHu6XT4vUCYKbjq0gSKzoAGKEEh3CSIs6AONk2axeYcSO PcjH91gCfTyWGKNT2G82/iUxMwWXILI2IsqEw9JbMExKThnuTz7ByEeiSmHcjb3r CubKEJv92OfrtnTghUe1RWfDQG0RlqXKR3AeyLT/RDIvFesd3SCMRpsELsq2OmDT pu3jlqy0aeT77p6HdzK2wspEnKB9DyYJP108orVJti3S+m5suieUM136T/6N0Fg2 oL4ns5qVQ4SyDeAQ6hyqfMI803oct0FYeSePGPHdrJSJpsxtUX+BHGLgHdA/AgMB AAGjggIUMIICEDAdBgNVHQ4EFgQUo6dp1fx7xE6xz6Q+SP3Xm2RdttcwHwYDVR0j BBgwFoAUrkh7csTzjqVI9nIbtgt3NwW9lRUwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3NjE5OTk0Nzk0MzkzOS8wL0FFNDg3QjcyQzRGMzhFQTU0OEY2NzIxQkI2MEI3 NzM3MDVCRDk1MTUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvQUU0ODdCNzJDNEYzOEVBNTQ4RjY3MjFCQjYwQjc3MzcwNUJEOTUxNS5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS1ycHMu Y25uaWMuY24vcmVwby9BMTA2NTU3NjE5OTk0Nzk0MzkzOS8wLzMyMzEzODJlMzIz NDM5MmUzMTM0MzQyZTMwMmYzMjMxMmQzMjMxMjAzZDNlMjAzNDM4MzAzOC5yb2Ew GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEA9r5kDANBgkqhkiG9w0BAQsFAAOCAQEAPbnJzNjBjYql1o98+mSsMPTT vGBQGRRw5+mOOqgUNTGn+CC2i6gaxzcaDcUGrFuslReUpHjEhjkOucgtD0hIZbys NIQJfxypaaJdAoQrx/8Awk3tVVRervN8eNby++Nr6sT+D0Lzl1RLfRyi69Ze1KZx ZbX/1Py5LAFthr+7H6W4/QSqtD82dSLzewUSwgaWFMHpceulTSA7VGEpXSLpafCO TKEYOKqNZUyLofSJ8LDZ9yGqeHi/7dvTr5OBibguMTahjVNc63vc/2sLY+2Od32w YxFkNKL41EKM3HKt5HXvaO7EP82SGldFN5/AsXACRfvhnbMQb1qNevr2u4D7Ww== -----END CERTIFICATE-----Generated at Mon Apr 27 14:21:45 2026 by rpki-client