$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065576723371786242/0/3132302e3133362e3134342e302f32312d3234203d3e203233383533.roa File: 3132302e3133362e3134342e302f32312d3234203d3e203233383533.roa (raw, json) Hash identifier: E24J4lCzhRkOqJW0ZJR5Sy9+c+JL4dSoESoQ2DvI8xM= Subject key identifier: 3B:D7:CC:F9:78:AE:14:D2:5D:FD:2D:C6:D5:93:77:A7:71:5D:B9:F0 Certificate issuer: /CN=3EC2D884A54E878D848EDE42517466153F747434 Certificate serial: 12856E5FB0DC67064F8DD07ABC59442EA651A83F Authority key identifier: 3E:C2:D8:84:A5:4E:87:8D:84:8E:DE:42:51:74:66:15:3F:74:74:34 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3EC2D884A54E878D848EDE42517466153F747434.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065576723371786242/0/3132302e3133362e3134342e302f32312d3234203d3e203233383533.roa Signing time: Sat 18 Apr 2026 10:18:31 +0000 ROA not before: Sat 18 Apr 2026 10:13:31 +0000 ROA not after: Sat 17 Apr 2027 10:18:31 +0000 asID: 23853 IP address blocks: 120.136.144.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065576723371786242/0/3EC2D884A54E878D848EDE42517466153F747434.crl rsync://rpki-rps.cnnic.cn/repo/A1065576723371786242/0/3EC2D884A54E878D848EDE42517466153F747434.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3EC2D884A54E878D848EDE42517466153F747434.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Apr 2026 09:25:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:85:6e:5f:b0:dc:67:06:4f:8d:d0:7a:bc:59:44:2e:a6:51:a8:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3EC2D884A54E878D848EDE42517466153F747434 Validity Not Before: Apr 18 10:13:31 2026 GMT Not After : Apr 17 10:18:31 2027 GMT Subject: CN=3BD7CCF978AE14D25DFD2DC6D59377A7715DB9F0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:54:37:d0:c4:28:a8:20:1a:fa:82:fd:75:37: a8:16:b9:aa:46:de:07:1a:6e:fc:23:f3:97:14:e9: e2:d6:c7:58:9c:c4:fb:dc:54:33:c7:58:6a:ac:24: 42:e8:09:c6:72:48:51:e5:5d:2d:f1:59:1e:6d:83: 8d:fe:d7:81:8d:dd:67:6e:cc:94:e2:3e:86:22:6c: 13:86:3b:ab:7a:81:f8:ff:20:c6:79:08:ca:77:f2: a0:46:79:a8:87:dc:4d:43:8f:f1:bc:2e:31:94:1e: b3:1e:cd:7c:39:f3:85:a2:91:09:e3:52:a7:00:50: c4:ac:88:5b:3c:bb:2f:72:2c:44:f0:52:cc:1e:c9: a2:71:36:8e:5f:c2:00:00:ed:e6:6a:a8:87:ee:a1: 16:4d:63:74:cc:b8:2e:f7:de:1d:10:fd:08:72:76: c3:c4:e7:ba:49:3b:1d:01:4d:27:bb:66:f1:00:4d: 15:36:f3:7d:34:14:87:14:20:eb:97:26:b0:a2:a5: 2b:24:93:25:ea:4c:8c:41:39:29:dc:2a:bb:47:4d: 8d:5a:99:b6:22:48:95:cd:d0:de:3f:ba:33:2f:34: b9:00:4d:e6:db:9b:87:da:72:a0:aa:35:4c:3f:0c: 47:fd:3b:03:63:0c:0e:92:b0:be:06:da:7c:fe:bc: 9b:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:D7:CC:F9:78:AE:14:D2:5D:FD:2D:C6:D5:93:77:A7:71:5D:B9:F0 X509v3 Authority Key Identifier: keyid:3E:C2:D8:84:A5:4E:87:8D:84:8E:DE:42:51:74:66:15:3F:74:74:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065576723371786242/0/3EC2D884A54E878D848EDE42517466153F747434.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3EC2D884A54E878D848EDE42517466153F747434.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065576723371786242/0/3132302e3133362e3134342e302f32312d3234203d3e203233383533.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.136.144.0/21 Signature Algorithm: sha256WithRSAEncryption 6c:36:09:df:bb:a5:1d:bc:f6:05:65:89:7e:68:39:3a:fa:27: 53:f7:d3:d5:cd:47:e5:86:6a:33:b1:1b:72:a2:04:31:4b:63: f2:f6:b7:ef:9a:8c:34:6b:d8:d5:04:7d:56:84:74:c2:57:80: 32:32:15:92:ad:50:9a:bf:a3:33:70:f2:0a:d7:1f:66:e3:6a: 08:96:b4:e0:2c:89:0d:9d:a8:02:81:f8:ca:4b:47:21:7f:fd: c1:94:64:28:10:e7:7c:75:38:93:f8:66:a0:2a:4c:f7:32:68: 4a:e7:1f:c2:85:03:0c:72:2a:7a:fc:64:f3:87:80:76:c7:e5: 1e:1c:54:bd:52:63:49:9c:ed:f4:bf:c0:63:30:c3:60:f2:c9: 2e:69:74:57:f2:5d:d8:16:a9:a7:ff:f9:4b:35:d2:ca:57:7d: 5c:8d:c2:20:f8:84:11:8a:37:05:09:7d:06:db:26:b7:9e:ff: f0:a0:70:8d:f5:dc:33:0b:e5:95:0d:8a:78:ca:92:17:71:51: 7d:9d:12:9a:43:95:6a:d2:86:91:86:b1:f4:b3:3c:2b:5a:18: 41:71:49:57:a1:94:fe:cd:f0:65:d0:0a:0d:fc:38:db:09:93: b2:aa:6c:55:0c:15:69:b7:93:b4:9d:94:40:e9:4c:2e:1f:68: 34:c0:a5:bb -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgIUEoVuX7DcZwZPjdB6vFlELqZRqD8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0VDMkQ4ODRBNTRFODc4RDg0OEVERTQyNTE3NDY2MTUz Rjc0NzQzNDAeFw0yNjA0MTgxMDEzMzFaFw0yNzA0MTcxMDE4MzFaMDMxMTAvBgNV BAMTKDNCRDdDQ0Y5NzhBRTE0RDI1REZEMkRDNkQ1OTM3N0E3NzE1REI5RjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLVDfQxCioIBr6gv11N6gWuapG 3gcabvwj85cU6eLWx1icxPvcVDPHWGqsJELoCcZySFHlXS3xWR5tg43+14GN3Wdu zJTiPoYibBOGO6t6gfj/IMZ5CMp38qBGeaiH3E1Dj/G8LjGUHrMezXw584WikQnj UqcAUMSsiFs8uy9yLETwUsweyaJxNo5fwgAA7eZqqIfuoRZNY3TMuC733h0Q/Qhy dsPE57pJOx0BTSe7ZvEATRU28300FIcUIOuXJrCipSskkyXqTIxBOSncKrtHTY1a mbYiSJXN0N4/ujMvNLkATebbm4facqCqNUw/DEf9OwNjDA6SsL4G2nz+vJvRAgMB AAGjggIXMIICEzAdBgNVHQ4EFgQUO9fM+XiuFNJd/S3G1ZN3p3FdufAwHwYDVR0j BBgwFoAUPsLYhKVOh42Ejt5CUXRmFT90dDQwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3NjcyMzM3MTc4NjI0Mi8wLzNFQzJEODg0QTU0RTg3OEQ4NDhFREU0MjUxNzQ2 NjE1M0Y3NDc0MzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvM0VDMkQ4ODRBNTRFODc4RDg0OEVERTQyNTE3NDY2MTUzRjc0NzQzNC5jZXIw gZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzALhnJyc3luYzovL3Jwa2ktcnBz LmNubmljLmNuL3JlcG8vQTEwNjU1NzY3MjMzNzE3ODYyNDIvMC8zMTMyMzAyZTMx MzMzNjJlMzEzNDM0MmUzMDJmMzIzMTJkMzIzNDIwM2QzZTIwMzIzMzM4MzUzMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEA3iIkDANBgkqhkiG9w0BAQsFAAOCAQEAbDYJ37ulHbz2BWWJfmg5 OvonU/fT1c1H5YZqM7EbcqIEMUtj8va375qMNGvY1QR9VoR0wleAMjIVkq1Qmr+j M3DyCtcfZuNqCJa04CyJDZ2oAoH4yktHIX/9wZRkKBDnfHU4k/hmoCpM9zJoSucf woUDDHIqevxk84eAdsflHhxUvVJjSZzt9L/AYzDDYPLJLml0V/Jd2Bapp//5SzXS yld9XI3CIPiEEYo3BQl9Btsmt57/8KBwjfXcMwvllQ2KeMqSF3FRfZ0SmkOVatKG kYax9LM8K1oYQXFJV6GU/s3wZdAKDfw42wmTsqpsVQwVabeTtJ2UQOlMLh9oNMCl uw== -----END CERTIFICATE-----Generated at Mon Apr 27 11:16:21 2026 by rpki-client