$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394785795/0/34332e3234302e302e302f32322d3234203d3e2034313334.roa File: 34332e3234302e302e302f32322d3234203d3e2034313334.roa (raw, json) Hash identifier: lza0XsbT0YZluC6kk46YqcvV0ATpcIK93dpyIT5f1Ko= Subject key identifier: D3:B9:CF:9F:6C:0E:46:32:B3:A2:6E:13:A4:71:E9:C7:B3:60:58:D1 Certificate issuer: /CN=71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E Certificate serial: 1DC3900CE8F7676553A4E4948B4AA8E814897A1A Authority key identifier: 71:C9:BF:E4:C8:FD:7E:77:7A:1C:9E:55:DF:A6:0A:3A:C2:9A:25:4E Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/34332e3234302e302e302f32322d3234203d3e2034313334.roa Signing time: Fri 17 Apr 2026 01:39:19 +0000 ROA not before: Fri 17 Apr 2026 01:34:19 +0000 ROA not after: Fri 16 Apr 2027 01:39:19 +0000 asID: 4134 IP address blocks: 43.240.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Apr 2026 11:12:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:c3:90:0c:e8:f7:67:65:53:a4:e4:94:8b:4a:a8:e8:14:89:7a:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E Validity Not Before: Apr 17 01:34:19 2026 GMT Not After : Apr 16 01:39:19 2027 GMT Subject: CN=D3B9CF9F6C0E4632B3A26E13A471E9C7B36058D1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:02:65:bd:34:5a:54:62:92:a0:96:5f:3a:01: 1f:35:84:5d:33:6d:00:a4:d5:5d:c3:08:2c:81:0d: ab:73:ef:bb:7a:6e:0c:26:09:6f:f8:8e:44:18:ac: 93:41:33:e3:ae:cd:3b:af:91:51:be:e6:ce:40:a8: ed:c5:c6:d3:d7:1b:96:70:45:aa:da:1c:cb:5c:2e: 6f:e8:ca:7a:02:87:7f:ed:ad:1a:67:e1:09:89:41: 22:78:b3:e2:02:ed:ac:d9:41:1e:04:e9:cc:63:3c: cd:e8:45:3f:14:fc:99:7d:4f:a0:38:d0:70:19:54: 77:dd:1e:96:a3:c0:71:53:a7:57:22:83:d1:3e:78: da:35:92:00:e3:25:44:a1:46:06:d5:d9:eb:45:3b: d6:ac:6b:07:6e:d6:ef:47:1c:05:81:bc:38:e7:00: 5b:e1:09:dd:c2:b6:bf:8e:72:be:d5:c6:9f:19:71: cb:dc:76:4f:08:6c:d2:6d:a8:29:7e:6f:5c:e3:df: 74:33:73:c2:4c:42:d2:30:49:96:f0:43:c6:fa:09: a8:3e:cd:e4:e2:1c:24:c3:26:5c:24:30:af:bd:b6: 96:53:13:42:61:17:e4:90:21:a2:89:f3:0f:22:7b: 3a:f6:75:8f:60:cf:c3:73:aa:9f:9f:de:5a:98:ff: 20:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:B9:CF:9F:6C:0E:46:32:B3:A2:6E:13:A4:71:E9:C7:B3:60:58:D1 X509v3 Authority Key Identifier: keyid:71:C9:BF:E4:C8:FD:7E:77:7A:1C:9E:55:DF:A6:0A:3A:C2:9A:25:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/34332e3234302e302e302f32322d3234203d3e2034313334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.240.0.0/22 Signature Algorithm: sha256WithRSAEncryption 26:89:e2:20:0e:16:d0:a6:47:47:e5:33:e2:91:a6:34:a7:7f: da:6a:e1:90:af:af:99:67:29:d4:d6:b4:a3:43:49:52:11:22: 41:c7:93:d0:ea:f2:ce:ae:45:10:64:95:11:79:f6:ee:ca:84: 8c:36:fa:ee:68:59:ab:76:03:f1:2e:43:85:f2:1b:ae:b6:d5: e6:9e:3c:8f:33:dc:29:81:4b:04:46:10:72:0f:aa:d9:39:c7: 24:70:63:42:d6:d4:f5:f5:46:24:15:2b:69:bd:99:c9:30:f9: 8a:0e:cd:ee:40:f9:58:26:57:a1:04:d3:5c:c6:c3:7e:21:f5: 72:8a:45:e3:79:06:be:12:c1:ca:f0:4f:1c:67:4c:18:f5:cb: 61:9f:df:9d:7f:2f:cb:f7:16:c8:5b:b0:b9:72:cd:ba:e1:42: ef:3b:f1:39:9c:7b:41:2a:bf:22:47:1e:28:4f:61:20:1e:41: 0a:46:fc:96:dc:96:4f:ef:f1:b7:91:a4:cf:50:0a:ac:a2:1b: 03:b7:e6:15:a8:63:d7:30:63:f2:c2:e4:dd:23:eb:fa:b9:94: c6:a1:99:b1:e2:22:79:a8:a2:e4:53:2e:ee:0d:96:64:69:c7: d5:53:24:97:f8:d2:b3:5e:90:c8:a8:dd:5e:10:a3:6a:e5:75: 39:b1:74:08 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgIUHcOQDOj3Z2VTpOSUi0qo6BSJehowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzFDOUJGRTRDOEZEN0U3NzdBMUM5RTU1REZBNjBBM0FD MjlBMjU0RTAeFw0yNjA0MTcwMTM0MTlaFw0yNzA0MTYwMTM5MTlaMDMxMTAvBgNV BAMTKEQzQjlDRjlGNkMwRTQ2MzJCM0EyNkUxM0E0NzFFOUM3QjM2MDU4RDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyAmW9NFpUYpKgll86AR81hF0z bQCk1V3DCCyBDatz77t6bgwmCW/4jkQYrJNBM+OuzTuvkVG+5s5AqO3FxtPXG5Zw RaraHMtcLm/oynoCh3/trRpn4QmJQSJ4s+IC7azZQR4E6cxjPM3oRT8U/Jl9T6A4 0HAZVHfdHpajwHFTp1cig9E+eNo1kgDjJUShRgbV2etFO9asawdu1u9HHAWBvDjn AFvhCd3Ctr+Ocr7Vxp8Zccvcdk8IbNJtqCl+b1zj33Qzc8JMQtIwSZbwQ8b6Cag+ zeTiHCTDJlwkMK+9tpZTE0JhF+SQIaKJ8w8iezr2dY9gz8Nzqp+f3lqY/yAbAgMB AAGjggINMIICCTAdBgNVHQ4EFgQU07nPn2wORjKzom4TpHHpx7NgWNEwHwYDVR0j BBgwFoAUccm/5Mj9fnd6HJ5V36YKOsKaJU4wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDc4NTc5NS8wLzcxQzlCRkU0QzhGRDdFNzc3QTFDOUU1NURGQTYw QTNBQzI5QTI1NEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNzFDOUJGRTRDOEZEN0U3NzdBMUM5RTU1REZBNjBBM0FDMjlBMjU0RS5jZXIw gYYGCCsGAQUFBwELBHoweDB2BggrBgEFBQcwC4ZqcnN5bmM6Ly9ycGtpLXJwcy5j bm5pYy5jbi9yZXBvL0ExMDY1NTc5NTM0Mzk0Nzg1Nzk1LzAvMzQzMzJlMzIzNDMw MmUzMDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzEzMzM0LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC K/AAMA0GCSqGSIb3DQEBCwUAA4IBAQAmieIgDhbQpkdH5TPikaY0p3/aauGQr6+Z ZynU1rSjQ0lSESJBx5PQ6vLOrkUQZJURefbuyoSMNvruaFmrdgPxLkOF8huuttXm njyPM9wpgUsERhByD6rZOcckcGNC1tT19UYkFStpvZnJMPmKDs3uQPlYJlehBNNc xsN+IfVyikXjeQa+EsHK8E8cZ0wY9cthn9+dfy/L9xbIW7C5cs264ULvO/E5nHtB Kr8iRx4oT2EgHkEKRvyW3JZP7/G3kaTPUAqsohsDt+YVqGPXMGPywuTdI+v6uZTG oZmx4iJ5qKLkUy7uDZZkacfVUySX+NKzXpDIqN1eEKNq5XU5sXQI -----END CERTIFICATE-----Generated at Mon Apr 27 13:50:50 2026 by rpki-client