$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065576723371786242/0/3132302e3133362e3135322e302f32322d3234203d3e203233383533.roa File: 3132302e3133362e3135322e302f32322d3234203d3e203233383533.roa (raw, json) Hash identifier: erIblciMvEQNpFoiI29fK8Db0M3ixaF8v4DyoPNB8/8= Subject key identifier: 87:0C:A9:31:14:F6:BA:AA:AB:73:7B:EF:11:32:16:DF:93:A4:65:DB Certificate issuer: /CN=3EC2D884A54E878D848EDE42517466153F747434 Certificate serial: 3B4924FC2B2E7838D6B2C5AB73A716768E914CB1 Authority key identifier: 3E:C2:D8:84:A5:4E:87:8D:84:8E:DE:42:51:74:66:15:3F:74:74:34 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3EC2D884A54E878D848EDE42517466153F747434.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065576723371786242/0/3132302e3133362e3135322e302f32322d3234203d3e203233383533.roa Signing time: Sat 18 Apr 2026 10:18:32 +0000 ROA not before: Sat 18 Apr 2026 10:13:32 +0000 ROA not after: Sat 17 Apr 2027 10:18:32 +0000 asID: 23853 IP address blocks: 120.136.152.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065576723371786242/0/3EC2D884A54E878D848EDE42517466153F747434.crl rsync://rpki-rps.cnnic.cn/repo/A1065576723371786242/0/3EC2D884A54E878D848EDE42517466153F747434.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3EC2D884A54E878D848EDE42517466153F747434.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Apr 2026 09:25:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:49:24:fc:2b:2e:78:38:d6:b2:c5:ab:73:a7:16:76:8e:91:4c:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3EC2D884A54E878D848EDE42517466153F747434 Validity Not Before: Apr 18 10:13:32 2026 GMT Not After : Apr 17 10:18:32 2027 GMT Subject: CN=870CA93114F6BAAAAB737BEF113216DF93A465DB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:4c:81:44:29:28:ce:0a:e2:ab:74:c0:d1:ee: c1:33:3b:0b:76:98:98:e5:e2:55:1d:81:c8:8f:61: ca:90:53:e6:2f:87:77:b8:4c:e0:f0:91:ba:57:9e: 2e:50:a3:4e:f9:c3:fc:91:65:70:9e:7b:f4:f3:36: 16:39:ba:71:e4:2f:c0:99:df:9a:c7:5b:4c:66:af: 36:7f:0d:0a:8a:d8:45:d2:c4:ec:dd:53:cf:5a:93: ff:59:de:fc:94:e8:84:62:15:f3:a7:96:88:65:d1: f6:61:48:3d:9b:b6:7d:7e:62:58:75:eb:4d:93:25: dd:98:0e:3b:3e:12:ad:e1:fc:fc:a0:91:21:58:f4: a7:24:5a:01:48:b6:6e:4f:cd:60:17:bf:fb:38:3e: 75:14:bb:77:d5:b0:31:30:87:36:d7:eb:09:bb:e4: 23:ac:36:fc:67:77:da:5e:70:48:fa:d3:c2:83:16: 03:96:70:a3:df:06:ea:a3:ad:e0:45:02:b1:9b:4d: 89:9d:86:f8:53:e1:3f:16:a6:fc:d9:16:f7:e2:e6: b7:d4:99:52:54:b6:dc:4a:20:44:6c:f9:2c:d6:7a: cb:e4:90:6f:6a:67:d2:4c:46:66:0f:c7:b6:cf:73: bf:d8:32:56:ea:57:38:8a:58:0f:8b:74:cd:0b:b0: d3:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:0C:A9:31:14:F6:BA:AA:AB:73:7B:EF:11:32:16:DF:93:A4:65:DB X509v3 Authority Key Identifier: keyid:3E:C2:D8:84:A5:4E:87:8D:84:8E:DE:42:51:74:66:15:3F:74:74:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065576723371786242/0/3EC2D884A54E878D848EDE42517466153F747434.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3EC2D884A54E878D848EDE42517466153F747434.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065576723371786242/0/3132302e3133362e3135322e302f32322d3234203d3e203233383533.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.136.152.0/22 Signature Algorithm: sha256WithRSAEncryption 07:04:72:17:26:f0:b4:d3:00:dd:98:72:95:d9:97:84:e7:ef: 62:36:ee:24:e6:7e:42:01:47:74:1b:5c:9e:ba:ac:3c:fd:93: e9:52:c6:d5:43:24:c4:6c:e2:48:ca:92:80:ad:d2:e4:17:e3: f0:e0:bd:4b:be:75:0c:08:7a:35:1f:e7:95:fb:c3:27:99:89: 70:3c:48:2d:b9:51:54:51:fd:65:f6:4f:f6:2a:4a:d1:01:b9: 2a:a8:51:42:5f:ea:19:ff:c8:53:08:94:0e:6d:c5:ef:28:ce: a5:73:b2:03:ea:7f:01:2f:c1:13:73:71:09:1e:18:72:90:17: 1d:26:ef:15:19:3d:32:83:db:df:a4:f5:ec:25:38:d3:2f:5a: 09:ee:fc:8b:1e:46:00:bf:ab:5a:94:01:3f:06:df:67:4b:6e: 84:50:bf:9f:51:86:e4:c6:13:3b:b5:49:d2:7a:90:83:30:dd: e7:91:cc:ce:52:f2:30:0f:57:eb:2a:ef:d4:58:9d:79:97:71: c1:2e:57:d4:bc:6d:a6:1c:25:96:00:ea:d7:29:7d:cc:cf:67: e9:4e:7b:85:9e:2e:cb:c9:6c:a6:ff:23:50:4c:58:b5:9c:19: 2a:2c:3d:84:d7:86:4a:b2:39:0b:18:2f:e9:5b:c0:d9:30:59: e2:5c:31:24 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgIUO0kk/CsueDjWssWrc6cWdo6RTLEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM0VDMkQ4ODRBNTRFODc4RDg0OEVERTQyNTE3NDY2MTUz Rjc0NzQzNDAeFw0yNjA0MTgxMDEzMzJaFw0yNzA0MTcxMDE4MzJaMDMxMTAvBgNV BAMTKDg3MENBOTMxMTRGNkJBQUFBQjczN0JFRjExMzIxNkRGOTNBNDY1REIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3TIFEKSjOCuKrdMDR7sEzOwt2 mJjl4lUdgciPYcqQU+Yvh3e4TODwkbpXni5Qo075w/yRZXCee/TzNhY5unHkL8CZ 35rHW0xmrzZ/DQqK2EXSxOzdU89ak/9Z3vyU6IRiFfOnlohl0fZhSD2btn1+Ylh1 602TJd2YDjs+Eq3h/PygkSFY9KckWgFItm5PzWAXv/s4PnUUu3fVsDEwhzbX6wm7 5COsNvxnd9pecEj608KDFgOWcKPfBuqjreBFArGbTYmdhvhT4T8WpvzZFvfi5rfU mVJUttxKIERs+SzWesvkkG9qZ9JMRmYPx7bPc7/YMlbqVziKWA+LdM0LsNMbAgMB AAGjggIXMIICEzAdBgNVHQ4EFgQUhwypMRT2uqqrc3vvETIW35OkZdswHwYDVR0j BBgwFoAUPsLYhKVOh42Ejt5CUXRmFT90dDQwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3NjcyMzM3MTc4NjI0Mi8wLzNFQzJEODg0QTU0RTg3OEQ4NDhFREU0MjUxNzQ2 NjE1M0Y3NDc0MzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvM0VDMkQ4ODRBNTRFODc4RDg0OEVERTQyNTE3NDY2MTUzRjc0NzQzNC5jZXIw gZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzALhnJyc3luYzovL3Jwa2ktcnBz LmNubmljLmNuL3JlcG8vQTEwNjU1NzY3MjMzNzE3ODYyNDIvMC8zMTMyMzAyZTMx MzMzNjJlMzEzNTMyMmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzMzM4MzUzMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAniImDANBgkqhkiG9w0BAQsFAAOCAQEABwRyFybwtNMA3ZhyldmX hOfvYjbuJOZ+QgFHdBtcnrqsPP2T6VLG1UMkxGziSMqSgK3S5Bfj8OC9S751DAh6 NR/nlfvDJ5mJcDxILblRVFH9ZfZP9ipK0QG5KqhRQl/qGf/IUwiUDm3F7yjOpXOy A+p/AS/BE3NxCR4YcpAXHSbvFRk9MoPb36T17CU40y9aCe78ix5GAL+rWpQBPwbf Z0tuhFC/n1GG5MYTO7VJ0nqQgzDd55HMzlLyMA9X6yrv1FideZdxwS5X1Lxtphwl lgDq1yl9zM9n6U57hZ4uy8lspv8jUExYtZwZKiw9hNeGSrI5Cxgv6VvA2TBZ4lwx JA== -----END CERTIFICATE-----Generated at Mon Apr 27 11:16:21 2026 by rpki-client