$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS24373.roa File: AS24373.roa (raw, json) Hash identifier: lHZo1qqYvvZtMBDB0UDEySpVRejGte3tz9NgBR7e3to= Subject key identifier: AD:9B:39:73:F7:41:F3:F0:90:A7:A5:16:42:9A:E3:66:9A:B4:9D:9F Certificate issuer: /CN=1FFF263C64163BC58514B539C10375CCB553D75E Certificate serial: 1AD91EA77CD83740E6003A59F885D98EF43EBBDD Authority key identifier: 1F:FF:26:3C:64:16:3B:C5:85:14:B5:39:C1:03:75:CC:B5:53:D7:5E Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS24373.roa Signing time: Thu 28 May 2026 08:31:47 +0000 ROA not before: Thu 28 May 2026 08:26:47 +0000 ROA not after: Thu 27 May 2027 08:31:47 +0000 asID: 24373 IP address blocks: 45.252.8.0/22 maxlen: 24 45.252.12.0/22 maxlen: 24 45.252.16.0/22 maxlen: 24 45.252.20.0/22 maxlen: 24 45.252.24.0/22 maxlen: 24 45.252.28.0/22 maxlen: 24 45.252.32.0/22 maxlen: 24 45.252.36.0/22 maxlen: 24 45.252.40.0/22 maxlen: 24 45.252.44.0/22 maxlen: 24 45.252.48.0/22 maxlen: 24 45.252.102.0/24 maxlen: 24 103.6.228.0/24 maxlen: 24 103.221.40.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Jun 2026 23:56:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:d9:1e:a7:7c:d8:37:40:e6:00:3a:59:f8:85:d9:8e:f4:3e:bb:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FFF263C64163BC58514B539C10375CCB553D75E Validity Not Before: May 28 08:26:47 2026 GMT Not After : May 27 08:31:47 2027 GMT Subject: CN=AD9B3973F741F3F090A7A516429AE3669AB49D9F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:b9:ce:d4:3f:9f:3f:d9:58:ba:fd:ba:37:b9: c2:77:4e:58:02:5b:c2:ce:6a:fc:5d:80:b4:38:a4: b4:64:1c:13:e1:1e:99:85:ea:c4:56:56:68:cd:74: e9:25:c1:2a:39:2f:ba:48:82:97:a4:b5:e2:be:41: fb:3a:ab:8b:0a:33:5c:59:bf:85:b3:7d:ff:f5:86: f4:53:ed:cc:9a:0c:1c:65:ce:63:d1:ec:a0:e6:91: 2b:98:9d:ca:d7:f3:0a:8a:76:6c:e2:00:4b:4c:18: ea:05:c2:36:ba:41:8c:ef:5d:27:ea:4e:d4:c9:7a: 06:69:5f:d3:11:ae:1b:7b:ae:a7:83:e6:5b:02:28: 35:c2:3d:b5:d8:8e:b3:ad:47:96:fa:08:65:d2:a1: bf:71:73:ac:42:8b:e1:58:af:54:0b:18:24:a6:7f: f4:a7:f1:25:d9:f4:e7:24:d6:ea:e3:85:b0:2a:5e: 7d:b6:e4:21:f0:41:3d:99:f4:23:09:34:d4:34:39: ec:fc:f5:57:14:a1:3a:c7:a5:c0:3c:fa:72:53:3a: 18:66:6d:67:a2:01:37:52:30:bd:67:27:d7:95:f7: 18:76:fe:33:5e:ee:b8:b9:80:f5:97:72:c1:45:d2: 8e:3e:a8:cb:a5:59:32:0d:ff:f0:c3:d9:7c:dd:0c: 2c:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:9B:39:73:F7:41:F3:F0:90:A7:A5:16:42:9A:E3:66:9A:B4:9D:9F X509v3 Authority Key Identifier: keyid:1F:FF:26:3C:64:16:3B:C5:85:14:B5:39:C1:03:75:CC:B5:53:D7:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS24373.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.252.8.0-45.252.51.255 45.252.102.0/24 103.6.228.0/24 103.221.40.0/22 Signature Algorithm: sha256WithRSAEncryption 73:08:c9:c7:81:b1:7f:ab:d6:0e:d7:64:3d:8e:bd:33:60:71: a9:19:d8:28:bc:fe:64:28:fd:7f:70:3e:19:5c:fa:c1:a6:b0: f3:f1:14:b2:4c:c7:89:ba:db:0f:f7:7c:8f:05:35:23:62:4d: 07:ca:a8:09:16:b7:31:3c:f9:c1:b3:cc:7f:c9:b2:d5:2e:99: 97:e5:f8:04:9d:1f:77:72:cd:68:16:4b:d1:09:44:d6:89:7f: ef:cc:ed:63:cc:11:22:c7:5a:36:60:97:a7:a0:b1:89:fb:8b: 47:e7:db:3c:21:e0:fe:11:22:b5:be:25:4e:92:c3:c7:7c:62: af:cc:e9:ad:8d:84:53:80:a3:7f:8a:c7:35:25:e2:37:19:82: 82:6c:66:c6:bb:a1:7c:16:5b:46:a5:6d:50:26:94:25:44:be: 45:21:12:21:fb:ab:ff:73:fd:e3:50:75:7f:fb:8d:0f:48:13: 8a:47:b0:fc:43:f4:e2:91:56:5a:11:3d:4b:95:39:79:37:ce: a4:da:c4:3a:e0:96:4a:7c:e3:d9:4c:13:4c:ce:04:77:6f:2f: 6f:b4:da:65:dc:e9:9f:bc:49:7b:51:86:7a:19:24:e2:82:45: 23:c2:e8:f7:a8:a2:8e:14:98:4a:10:ad:19:22:2d:b0:96:98: 7b:67:49:fe -----BEGIN CERTIFICATE----- MIIE8zCCA9ugAwIBAgIUGtkep3zYN0DmADpZ+IXZjvQ+u90wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUZGRjI2M0M2NDE2M0JDNTg1MTRCNTM5QzEwMzc1Q0NC NTUzRDc1RTAeFw0yNjA1MjgwODI2NDdaFw0yNzA1MjcwODMxNDdaMDMxMTAvBgNV BAMTKEFEOUIzOTczRjc0MUYzRjA5MEE3QTUxNjQyOUFFMzY2OUFCNDlEOUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCguc7UP58/2Vi6/bo3ucJ3TlgC W8LOavxdgLQ4pLRkHBPhHpmF6sRWVmjNdOklwSo5L7pIgpekteK+Qfs6q4sKM1xZ v4Wzff/1hvRT7cyaDBxlzmPR7KDmkSuYncrX8wqKdmziAEtMGOoFwja6QYzvXSfq TtTJegZpX9MRrht7rqeD5lsCKDXCPbXYjrOtR5b6CGXSob9xc6xCi+FYr1QLGCSm f/Sn8SXZ9Ock1urjhbAqXn225CHwQT2Z9CMJNNQ0Oez89VcUoTrHpcA8+nJTOhhm bWeiATdSML1nJ9eV9xh2/jNe7ri5gPWXcsFF0o4+qMulWTIN//DD2XzdDCxvAgMB AAGjggH9MIIB+TAdBgNVHQ4EFgQUrZs5c/dB8/CQp6UWQprjZpq0nZ8wHwYDVR0j BBgwFoAUH/8mPGQWO8WFFLU5wQN1zLVT114wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDMyNzA0My8wLzFGRkYyNjNDNjQxNjNCQzU4NTE0QjUzOUMxMDM3 NUNDQjU1M0Q3NUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMUZGRjI2M0M2NDE2M0JDNTg1MTRCNTM5QzEwMzc1Q0NCNTUzRDc1RS5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1Nzk1MzQzOTQzMjcwNDMvMC9BUzI0MzczLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIA ATAgMAwDBAMt/AgDBAIt/DADBAAt/GYDBABnBuQDBAJn3SgwDQYJKoZIhvcNAQEL BQADggEBAHMIyceBsX+r1g7XZD2OvTNgcakZ2Ci8/mQo/X9wPhlc+sGmsPPxFLJM x4m62w/3fI8FNSNiTQfKqAkWtzE8+cGzzH/JstUumZfl+ASdH3dyzWgWS9EJRNaJ f+/M7WPMESLHWjZgl6egsYn7i0fn2zwh4P4RIrW+JU6Sw8d8Yq/M6a2NhFOAo3+K xzUl4jcZgoJsZsa7oXwWW0albVAmlCVEvkUhEiH7q/9z/eNQdX/7jQ9IE4pHsPxD 9OKRVloRPUuVOXk3zqTaxDrglkp849lME0zOBHdvL2+02mXc6Z+8SXtRhnoZJOKC RSPC6Peooo4UmEoQrRkiLbCWmHtnSf4= -----END CERTIFICATE-----Generated at Sat Jun 6 16:09:45 2026 by rpki-client