$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394720259/0/34332e3235352e3232382e302f32342d3234203d3e203536303430.roa File: 34332e3235352e3232382e302f32342d3234203d3e203536303430.roa (raw, json) Hash identifier: Fs/eVoDJxkSsdZZd/m+oGJow8E6PdhJkbqz+BcdMJ5I= Subject key identifier: 96:C0:F4:3B:06:6E:8C:4A:FC:DF:79:42:83:36:8F:2B:81:5D:69:21 Certificate issuer: /CN=2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A Certificate serial: 0960FECAAAFAB14DF4B8F2AAD3F3A181A132A8E1 Authority key identifier: 2D:0B:C1:65:5D:17:A3:AB:09:C9:1E:43:A3:2D:E8:D8:AB:21:35:1A Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394720259/0/34332e3235352e3232382e302f32342d3234203d3e203536303430.roa Signing time: Mon 13 Apr 2026 03:57:51 +0000 ROA not before: Mon 13 Apr 2026 03:52:51 +0000 ROA not after: Mon 12 Apr 2027 03:57:51 +0000 asID: 56040 IP address blocks: 43.255.228.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394720259/0/2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394720259/0/2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 14 Apr 2026 09:53:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:60:fe:ca:aa:fa:b1:4d:f4:b8:f2:aa:d3:f3:a1:81:a1:32:a8:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A Validity Not Before: Apr 13 03:52:51 2026 GMT Not After : Apr 12 03:57:51 2027 GMT Subject: CN=96C0F43B066E8C4AFCDF794283368F2B815D6921 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:ed:34:ee:6e:79:7a:24:f5:81:a1:5f:fa:a0: 96:06:1d:09:dd:63:03:30:84:dd:b7:0e:e5:5f:4d: 8b:b8:98:20:27:4c:d1:e4:44:e0:6e:32:a7:23:d0: bb:38:5a:5a:e4:94:18:e9:53:0b:19:a8:76:60:2b: 4c:4b:37:a1:f0:f6:55:16:79:23:06:ef:0d:3b:39: c7:4b:af:54:c4:c2:44:d0:c1:74:a0:32:51:39:a0: 32:c8:ff:33:36:0a:b6:c9:c4:02:9f:3e:be:11:dc: 2e:2e:7e:35:6e:35:96:53:9d:33:e4:f1:c5:ed:4d: 47:d6:54:1f:bf:48:3c:1a:e1:5d:2d:50:9b:ad:22: 09:f3:39:8d:15:5e:f7:29:f1:5b:90:f9:d3:73:9c: 9c:33:df:9b:41:50:7f:15:06:db:dd:54:07:e9:11: 4b:14:37:2b:50:87:86:fe:7e:e4:97:8c:dd:20:35: b3:04:3d:b5:63:6c:cb:72:62:11:b5:ab:52:23:39: fd:cf:23:33:d3:f6:b1:f9:ff:7f:35:6e:8f:e4:36: b0:11:ea:27:69:94:2d:99:9b:13:50:30:9f:75:a1: d9:17:8b:98:a8:1c:ef:9c:2a:c3:d2:46:1d:6b:8a: 74:09:18:bd:b2:83:d4:9f:59:19:2d:6c:68:37:a7: 7a:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:C0:F4:3B:06:6E:8C:4A:FC:DF:79:42:83:36:8F:2B:81:5D:69:21 X509v3 Authority Key Identifier: keyid:2D:0B:C1:65:5D:17:A3:AB:09:C9:1E:43:A3:2D:E8:D8:AB:21:35:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394720259/0/2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/2D0BC1655D17A3AB09C91E43A32DE8D8AB21351A.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394720259/0/34332e3235352e3232382e302f32342d3234203d3e203536303430.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.255.228.0/24 Signature Algorithm: sha256WithRSAEncryption 14:fa:52:87:ca:8b:0d:fd:79:5e:ff:2d:bc:54:21:4b:fd:02: 25:e7:91:1e:a6:d2:28:47:dc:30:8a:4b:42:ad:79:7d:dd:15: 90:a5:53:7b:a6:40:2f:9f:7f:87:81:66:f3:ef:98:1b:2b:9f: a4:7c:75:ac:e8:aa:b7:7b:2c:d3:13:13:c9:08:0f:c4:4b:96: 51:c0:10:f5:95:8d:3c:c7:56:13:1e:cd:31:1c:db:68:57:30: 5c:43:cd:e8:01:5d:1c:43:d0:ba:c8:3f:36:f6:95:1c:d8:ed: 61:dc:a1:19:44:79:6c:ac:ab:7f:51:c1:21:c0:5a:9b:c4:ff: 11:bc:4b:a5:61:4f:14:d8:18:68:e6:3b:72:57:c4:63:33:29: 69:fb:35:6f:e0:e1:ea:56:5d:83:8b:48:ab:42:6c:f3:94:c4: d7:75:53:01:10:c5:a0:49:e2:44:b2:5f:ac:e5:96:e4:0a:b2: 52:e8:86:2a:9b:49:63:54:69:0f:9d:66:3b:88:4f:7f:af:cb: 2e:14:07:4d:0f:51:9b:13:40:17:45:d9:13:a0:a7:38:70:e4: af:45:60:75:7d:77:70:85:69:9a:90:b8:e2:3b:51:93:5b:e8: a5:b2:35:56:68:85:e9:a3:a6:10:23:b8:3d:27:65:e8:56:7c: 61:96:d3:97 -----BEGIN CERTIFICATE----- MIIFCjCCA/KgAwIBAgIUCWD+yqr6sU30uPKq0/OhgaEyqOEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMkQwQkMxNjU1RDE3QTNBQjA5QzkxRTQzQTMyREU4RDhB QjIxMzUxQTAeFw0yNjA0MTMwMzUyNTFaFw0yNzA0MTIwMzU3NTFaMDMxMTAvBgNV BAMTKDk2QzBGNDNCMDY2RThDNEFGQ0RGNzk0MjgzMzY4RjJCODE1RDY5MjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo7TTubnl6JPWBoV/6oJYGHQnd YwMwhN23DuVfTYu4mCAnTNHkROBuMqcj0Ls4WlrklBjpUwsZqHZgK0xLN6Hw9lUW eSMG7w07OcdLr1TEwkTQwXSgMlE5oDLI/zM2CrbJxAKfPr4R3C4ufjVuNZZTnTPk 8cXtTUfWVB+/SDwa4V0tUJutIgnzOY0VXvcp8VuQ+dNznJwz35tBUH8VBtvdVAfp EUsUNytQh4b+fuSXjN0gNbMEPbVjbMtyYhG1q1IjOf3PIzPT9rH5/381bo/kNrAR 6idplC2ZmxNQMJ91odkXi5ioHO+cKsPSRh1rinQJGL2yg9SfWRktbGg3p3p5AgMB AAGjggIUMIICEDAdBgNVHQ4EFgQUlsD0OwZujEr833lCgzaPK4FdaSEwHwYDVR0j BBgwFoAULQvBZV0Xo6sJyR5Doy3o2KshNRowDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDcyMDI1OS8wLzJEMEJDMTY1NUQxN0EzQUIwOUM5MUU0M0EzMkRF OEQ4QUIyMTM1MUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMkQwQkMxNjU1RDE3QTNBQjA5QzkxRTQzQTMyREU4RDhBQjIxMzUxQS5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS1ycHMu Y25uaWMuY24vcmVwby9BMTA2NTU3OTUzNDM5NDcyMDI1OS8wLzM0MzMyZTMyMzUz NTJlMzIzMjM4MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzNjMwMzQzMC5yb2Ew GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEACv/5DANBgkqhkiG9w0BAQsFAAOCAQEAFPpSh8qLDf15Xv8tvFQhS/0C JeeRHqbSKEfcMIpLQq15fd0VkKVTe6ZAL59/h4Fm8++YGyufpHx1rOiqt3ss0xMT yQgPxEuWUcAQ9ZWNPMdWEx7NMRzbaFcwXEPN6AFdHEPQusg/NvaVHNjtYdyhGUR5 bKyrf1HBIcBam8T/EbxLpWFPFNgYaOY7clfEYzMpafs1b+Dh6lZdg4tIq0Js85TE 13VTARDFoEniRLJfrOWW5AqyUuiGKptJY1RpD51mO4hPf6/LLhQHTQ9RmxNAF0XZ E6CnOHDkr0VgdX13cIVpmpC44jtRk1vopbI1VmiF6aOmECO4PSdl6FZ8YZbTlw== -----END CERTIFICATE-----Generated at Mon Apr 13 15:31:42 2026 by rpki-client