$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS17621.roa File: AS17621.roa (raw, json) Hash identifier: zRljjb52XHiNdSxfLLqrAwWf7soP3ZXOA6q8cDNDNRw= Subject key identifier: 2E:8A:12:92:CB:1D:A1:9C:BA:71:F9:98:63:EB:F4:B4:29:71:0E:79 Certificate issuer: /CN=1FFF263C64163BC58514B539C10375CCB553D75E Certificate serial: 4167CA13AD002ED42D30E4D89D51F6D01F161549 Authority key identifier: 1F:FF:26:3C:64:16:3B:C5:85:14:B5:39:C1:03:75:CC:B5:53:D7:5E Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS17621.roa Signing time: Tue 21 Apr 2026 02:06:53 +0000 ROA not before: Tue 21 Apr 2026 02:01:53 +0000 ROA not after: Tue 20 Apr 2027 02:06:53 +0000 asID: 17621 IP address blocks: 103.5.192.0/23 maxlen: 24 103.5.194.0/24 maxlen: 24 103.5.195.0/24 maxlen: 24 103.24.116.0/24 maxlen: 24 103.24.118.0/23 maxlen: 24 150.242.238.0/23 maxlen: 24 202.89.96.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Apr 2026 18:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:67:ca:13:ad:00:2e:d4:2d:30:e4:d8:9d:51:f6:d0:1f:16:15:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FFF263C64163BC58514B539C10375CCB553D75E Validity Not Before: Apr 21 02:01:53 2026 GMT Not After : Apr 20 02:06:53 2027 GMT Subject: CN=2E8A1292CB1DA19CBA71F99863EBF4B429710E79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:34:44:89:e0:57:70:20:32:3b:4f:89:b5:06: 0e:33:c8:ab:9e:8e:00:da:48:3e:a8:91:b8:f0:40: 1d:79:9b:1c:c8:22:bb:50:4d:e9:8c:86:85:fc:2f: ea:8e:c2:d5:96:8d:a3:0e:6a:91:f1:aa:3b:56:96: fe:c3:0c:fb:e4:49:18:d5:16:74:a4:3c:37:6e:e2: 30:12:73:4f:7b:76:fa:65:e4:2f:39:4b:26:d6:e6: 8d:90:3c:73:4f:fd:53:af:31:49:31:c4:b4:81:e6: 78:71:78:be:c5:16:ae:5b:68:86:29:52:2e:f4:59: ac:3c:7c:46:cb:c8:be:c6:26:20:cb:86:cc:ad:c3: 90:42:be:52:25:d3:44:31:06:44:ff:0d:b3:08:aa: 2d:ee:6c:7d:de:ca:23:96:73:16:cb:a0:d8:0c:9c: 3d:8b:3e:c8:2f:7d:0d:63:22:2e:a8:65:bc:a7:ba: 17:ad:74:48:9a:88:32:52:39:ff:97:3e:b0:eb:7d: 05:e8:f0:b3:4b:ef:b2:f8:4d:64:31:ba:14:e6:ed: a0:7a:81:e6:a3:7f:57:8d:66:03:6e:07:b9:a0:d2: 79:a0:55:b6:3b:7d:68:ea:70:40:23:2f:b6:4e:e8: 97:2f:b1:5e:13:2b:c9:23:0c:60:b7:f8:5a:ad:07: a2:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:8A:12:92:CB:1D:A1:9C:BA:71:F9:98:63:EB:F4:B4:29:71:0E:79 X509v3 Authority Key Identifier: keyid:1F:FF:26:3C:64:16:3B:C5:85:14:B5:39:C1:03:75:CC:B5:53:D7:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS17621.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.5.192.0/22 103.24.116.0/24 103.24.118.0/23 150.242.238.0/23 202.89.96.0/24 Signature Algorithm: sha256WithRSAEncryption 80:3a:84:25:80:6b:94:4d:f1:16:25:8b:ac:36:14:30:1f:9f: 2d:b1:d3:c8:32:58:03:df:b3:27:81:1b:15:ae:14:03:17:97: 1c:a9:b4:34:04:2d:04:84:b0:cb:e9:a7:30:73:0b:23:d6:c6: c8:68:57:17:79:bb:39:6d:68:5c:92:f8:a4:8d:23:c7:1a:a0: 45:ab:08:15:b5:1c:5a:55:6c:d5:c7:d0:10:34:26:96:f3:7e: df:7c:88:ee:8e:08:1b:0d:ea:81:f9:5b:d7:b9:2b:1d:3a:22: f9:d9:48:07:93:0a:c3:ea:e6:f8:11:b7:dc:ae:09:65:a9:89: bb:44:5f:9c:69:2e:a7:05:30:74:5f:66:e4:06:6d:3e:da:62: 76:37:05:aa:d3:02:ad:eb:1d:f8:5b:2c:58:46:4f:76:c6:b9: 7e:12:28:6c:71:2b:ac:d8:f3:7a:43:98:84:65:3a:af:b8:8a: 72:c1:2a:da:b5:db:77:99:c3:3a:a2:5e:00:0b:bf:a4:f0:1a: 10:d1:1e:a0:a8:a8:15:53:76:68:d0:b3:40:86:b4:b2:0d:a3: bf:3d:03:84:a3:64:0f:9e:6f:b7:8c:35:7e:5f:12:52:35:23: da:76:ed:9f:e5:e2:83:25:d1:70:c7:75:c2:6b:bd:5d:89:a3: 44:88:17:92 -----BEGIN CERTIFICATE----- MIIE8TCCA9mgAwIBAgIUQWfKE60ALtQtMOTYnVH20B8WFUkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUZGRjI2M0M2NDE2M0JDNTg1MTRCNTM5QzEwMzc1Q0NC NTUzRDc1RTAeFw0yNjA0MjEwMjAxNTNaFw0yNzA0MjAwMjA2NTNaMDMxMTAvBgNV BAMTKDJFOEExMjkyQ0IxREExOUNCQTcxRjk5ODYzRUJGNEI0Mjk3MTBFNzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbNESJ4FdwIDI7T4m1Bg4zyKue jgDaSD6okbjwQB15mxzIIrtQTemMhoX8L+qOwtWWjaMOapHxqjtWlv7DDPvkSRjV FnSkPDdu4jASc097dvpl5C85SybW5o2QPHNP/VOvMUkxxLSB5nhxeL7FFq5baIYp Ui70Waw8fEbLyL7GJiDLhsytw5BCvlIl00QxBkT/DbMIqi3ubH3eyiOWcxbLoNgM nD2LPsgvfQ1jIi6oZbynuhetdEiaiDJSOf+XPrDrfQXo8LNL77L4TWQxuhTm7aB6 geajf1eNZgNuB7mg0nmgVbY7fWjqcEAjL7ZO6JcvsV4TK8kjDGC3+FqtB6IhAgMB AAGjggH7MIIB9zAdBgNVHQ4EFgQULooSkssdoZy6cfmYY+v0tClxDnkwHwYDVR0j BBgwFoAUH/8mPGQWO8WFFLU5wQN1zLVT114wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDMyNzA0My8wLzFGRkYyNjNDNjQxNjNCQzU4NTE0QjUzOUMxMDM3 NUNDQjU1M0Q3NUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMUZGRjI2M0M2NDE2M0JDNTg1MTRCNTM5QzEwMzc1Q0NCNTUzRDc1RS5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1Nzk1MzQzOTQzMjcwNDMvMC9BUzE3NjIxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIA ATAeAwQCZwXAAwQAZxh0AwQBZxh2AwQBlvLuAwQAyllgMA0GCSqGSIb3DQEBCwUA A4IBAQCAOoQlgGuUTfEWJYusNhQwH58tsdPIMlgD37MngRsVrhQDF5ccqbQ0BC0E hLDL6acwcwsj1sbIaFcXebs5bWhckvikjSPHGqBFqwgVtRxaVWzVx9AQNCaW837f fIjujggbDeqB+VvXuSsdOiL52UgHkwrD6ub4EbfcrgllqYm7RF+caS6nBTB0X2bk Bm0+2mJ2NwWq0wKt6x34WyxYRk92xrl+EihscSus2PN6Q5iEZTqvuIpywSratdt3 mcM6ol4AC7+k8BoQ0R6gqKgVU3Zo0LNAhrSyDaO/PQOEo2QPnm+3jDV+XxJSNSPa du2f5eKDJdFwx3XCa71diaNEiBeS -----END CERTIFICATE-----Generated at Wed Apr 22 03:06:26 2026 by rpki-client