$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS24373.roa File: AS24373.roa (raw, json) Hash identifier: hlIQUZSJiHKeWe4jytAbPMNqL6Aj0WP8SNTJosmJcsk= Subject key identifier: BA:57:01:C2:74:7B:7C:14:00:25:6B:E3:1C:8D:60:77:EA:D6:78:58 Certificate issuer: /CN=1FFF263C64163BC58514B539C10375CCB553D75E Certificate serial: 181D2766C64265C0892D4553960F8DB648DCEE11 Authority key identifier: 1F:FF:26:3C:64:16:3B:C5:85:14:B5:39:C1:03:75:CC:B5:53:D7:5E Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS24373.roa Signing time: Tue 21 Apr 2026 06:39:15 +0000 ROA not before: Tue 21 Apr 2026 06:34:15 +0000 ROA not after: Tue 20 Apr 2027 06:39:15 +0000 asID: 24373 IP address blocks: 45.252.8.0/22 maxlen: 24 45.252.12.0/22 maxlen: 24 45.252.16.0/22 maxlen: 24 45.252.20.0/22 maxlen: 24 45.252.24.0/22 maxlen: 24 45.252.28.0/22 maxlen: 24 45.252.32.0/22 maxlen: 24 45.252.36.0/22 maxlen: 24 45.252.40.0/22 maxlen: 24 45.252.44.0/22 maxlen: 24 45.252.48.0/22 maxlen: 24 45.252.100.0/22 maxlen: 24 45.252.144.0/22 maxlen: 24 103.6.228.0/24 maxlen: 24 103.220.248.0/22 maxlen: 24 103.220.252.0/22 maxlen: 24 103.221.0.0/22 maxlen: 24 103.221.4.0/22 maxlen: 24 103.221.8.0/22 maxlen: 24 103.221.12.0/22 maxlen: 24 103.221.16.0/22 maxlen: 24 103.221.20.0/22 maxlen: 24 103.221.24.0/22 maxlen: 24 103.221.28.0/22 maxlen: 24 103.221.32.0/22 maxlen: 24 103.221.36.0/22 maxlen: 24 103.221.40.0/22 maxlen: 24 103.221.44.0/22 maxlen: 24 103.221.48.0/22 maxlen: 24 103.221.92.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Apr 2026 18:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:1d:27:66:c6:42:65:c0:89:2d:45:53:96:0f:8d:b6:48:dc:ee:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FFF263C64163BC58514B539C10375CCB553D75E Validity Not Before: Apr 21 06:34:15 2026 GMT Not After : Apr 20 06:39:15 2027 GMT Subject: CN=BA5701C2747B7C1400256BE31C8D6077EAD67858 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:d2:b7:b9:f8:aa:c9:9f:e2:73:f7:ed:c2:3d: ba:0b:b1:ef:23:92:aa:34:8c:24:a7:dd:50:46:ab: 47:5e:13:06:0a:d3:8a:68:7a:34:e2:1b:b4:42:ba: 67:50:e1:c1:0f:a1:30:fb:bc:56:2e:d5:e4:63:e4: 33:0b:34:bd:ea:74:8b:4b:e2:d8:bf:3b:2d:0c:7a: f2:7a:1b:7c:ab:c2:df:49:91:06:a6:88:d4:2a:18: fe:79:cf:57:50:79:37:8d:84:9f:21:38:c4:a8:59: 36:27:e2:65:0d:be:80:d0:0e:eb:a1:84:23:05:eb: 90:3a:8d:ac:d4:55:e9:94:17:b5:00:28:60:e6:70: 9e:7d:68:f7:1c:7e:11:01:50:4a:64:9b:c2:8f:89: fe:58:16:5d:c8:d9:f5:08:7b:6e:1a:a4:95:f5:89: 82:da:c9:59:3e:7a:98:47:f0:3f:98:07:e1:a8:27: 34:ef:92:eb:08:89:5f:01:9b:6a:74:e5:90:87:ce: 0f:98:0a:e8:06:30:d9:4f:d7:49:68:9e:95:43:ee: 8b:e2:e2:e7:f1:2a:ec:44:f8:c6:de:38:69:95:a5: c4:ee:0a:1c:ff:93:c1:c0:72:5c:13:a9:2d:98:ab: 4b:c1:11:c8:32:95:40:6b:46:44:9a:73:3d:67:2e: e0:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:57:01:C2:74:7B:7C:14:00:25:6B:E3:1C:8D:60:77:EA:D6:78:58 X509v3 Authority Key Identifier: keyid:1F:FF:26:3C:64:16:3B:C5:85:14:B5:39:C1:03:75:CC:B5:53:D7:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/1FFF263C64163BC58514B539C10375CCB553D75E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1FFF263C64163BC58514B539C10375CCB553D75E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394327043/0/AS24373.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.252.8.0-45.252.51.255 45.252.100.0/22 45.252.144.0/22 103.6.228.0/24 103.220.248.0-103.221.51.255 103.221.92.0/22 Signature Algorithm: sha256WithRSAEncryption 15:8c:5a:a1:3e:82:7c:45:f0:7c:6f:8d:96:70:45:f5:e7:d4: 9b:75:42:68:f6:2b:57:6a:4d:f3:78:e8:e8:55:3c:32:e4:ed: f1:e1:d8:b0:d5:b3:84:a5:12:90:15:d5:60:27:4b:2e:a6:41: 0d:fb:45:6b:f5:ac:36:99:c5:05:d3:cd:e2:51:23:18:7a:c6: ed:9c:db:ba:b9:9d:72:2c:1b:64:1c:bc:6d:33:03:fd:6c:9d: 08:48:e6:bd:33:3c:43:e6:1d:71:44:7e:a8:84:a1:36:9f:91: 2c:61:b3:a3:c0:4d:b0:7b:aa:86:e3:d9:55:2e:89:36:4b:ce: 3c:7a:76:32:0a:cd:ea:97:ed:ca:b0:8d:d7:3a:dc:38:3a:ce: 8c:8d:73:ce:2b:18:dd:a9:65:54:d9:8f:a6:21:f9:4c:6b:3d: cd:ba:c8:68:2f:4f:00:b6:72:4d:17:94:e6:91:ae:17:fd:98: 25:eb:eb:0b:2d:51:ae:9d:dd:c7:d1:04:41:58:fc:8a:b6:19: 28:86:87:8d:be:53:7b:28:b3:8d:99:25:8d:14:23:8c:d4:57: 79:27:61:5c:e0:99:66:ba:da:05:90:af:01:c9:70:1d:7e:7e: 00:a8:16:52:c1:3d:41:a4:e3:f2:d8:0c:63:f5:ba:d4:03:f9: 4d:40:d2:33 -----BEGIN CERTIFICATE----- MIIFBzCCA++gAwIBAgIUGB0nZsZCZcCJLUVTlg+Ntkjc7hEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUZGRjI2M0M2NDE2M0JDNTg1MTRCNTM5QzEwMzc1Q0NC NTUzRDc1RTAeFw0yNjA0MjEwNjM0MTVaFw0yNzA0MjAwNjM5MTVaMDMxMTAvBgNV BAMTKEJBNTcwMUMyNzQ3QjdDMTQwMDI1NkJFMzFDOEQ2MDc3RUFENjc4NTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX0re5+KrJn+Jz9+3CPboLse8j kqo0jCSn3VBGq0deEwYK04poejTiG7RCumdQ4cEPoTD7vFYu1eRj5DMLNL3qdItL 4ti/Oy0MevJ6G3yrwt9JkQamiNQqGP55z1dQeTeNhJ8hOMSoWTYn4mUNvoDQDuuh hCMF65A6jazUVemUF7UAKGDmcJ59aPccfhEBUEpkm8KPif5YFl3I2fUIe24apJX1 iYLayVk+ephH8D+YB+GoJzTvkusIiV8Bm2p05ZCHzg+YCugGMNlP10lonpVD7ovi 4ufxKuxE+MbeOGmVpcTuChz/k8HAclwTqS2Yq0vBEcgylUBrRkSacz1nLuCVAgMB AAGjggIRMIICDTAdBgNVHQ4EFgQUulcBwnR7fBQAJWvjHI1gd+rWeFgwHwYDVR0j BBgwFoAUH/8mPGQWO8WFFLU5wQN1zLVT114wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDMyNzA0My8wLzFGRkYyNjNDNjQxNjNCQzU4NTE0QjUzOUMxMDM3 NUNDQjU1M0Q3NUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMUZGRjI2M0M2NDE2M0JDNTg1MTRCNTM5QzEwMzc1Q0NCNTUzRDc1RS5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1Nzk1MzQzOTQzMjcwNDMvMC9BUzI0MzczLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIA ATA0MAwDBAMt/AgDBAIt/DADBAIt/GQDBAIt/JADBABnBuQwDAMEA2fc+AMEAmfd MAMEAmfdXDANBgkqhkiG9w0BAQsFAAOCAQEAFYxaoT6CfEXwfG+NlnBF9efUm3VC aPYrV2pN83jo6FU8MuTt8eHYsNWzhKUSkBXVYCdLLqZBDftFa/WsNpnFBdPN4lEj GHrG7ZzburmdciwbZBy8bTMD/WydCEjmvTM8Q+YdcUR+qIShNp+RLGGzo8BNsHuq huPZVS6JNkvOPHp2MgrN6pftyrCN1zrcODrOjI1zzisY3allVNmPpiH5TGs9zbrI aC9PALZyTReU5pGuF/2YJevrCy1Rrp3dx9EEQVj8irYZKIaHjb5TeyizjZkljRQj jNRXeSdhXOCZZrraBZCvAclwHX5+AKgWUsE9QaTj8tgMY/W61AP5TUDSMw== -----END CERTIFICATE-----Generated at Wed Apr 22 03:07:01 2026 by rpki-client