$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394785795/0/AS23650.roa File: AS23650.roa (raw, json) Hash identifier: VALlQJwjNOg8bDEnUEf1pM1KwzCi0dpBAy70p4EimUU= Subject key identifier: 65:F1:9A:41:78:67:31:54:D4:AF:6F:8E:94:76:22:5C:F6:35:4A:E3 Certificate issuer: /CN=71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E Certificate serial: 5BAD96785D613F535938C6C63AE1F11316EE6154 Authority key identifier: 71:C9:BF:E4:C8:FD:7E:77:7A:1C:9E:55:DF:A6:0A:3A:C2:9A:25:4E Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/AS23650.roa Signing time: Thu 11 Jun 2026 07:36:00 +0000 ROA not before: Thu 11 Jun 2026 07:31:00 +0000 ROA not after: Thu 10 Jun 2027 07:36:00 +0000 asID: 23650 IP address blocks: 43.240.0.0/22 maxlen: 24 43.240.1.0/24 maxlen: 24 43.240.2.0/24 maxlen: 24 43.240.3.0/24 maxlen: 24 43.241.48.0/22 maxlen: 24 43.241.48.0/24 maxlen: 24 43.241.49.0/24 maxlen: 24 43.241.50.0/24 maxlen: 24 43.241.51.0/24 maxlen: 24 43.248.184.0/21 maxlen: 24 43.248.196.0/22 maxlen: 22 103.37.44.0/24 maxlen: 24 103.37.45.0/24 maxlen: 24 103.37.46.0/24 maxlen: 24 103.37.47.0/24 maxlen: 24 103.40.12.0/22 maxlen: 22 103.45.160.0/22 maxlen: 24 103.205.252.0/22 maxlen: 24 103.239.244.0/22 maxlen: 24 111.223.12.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Jun 2026 10:47:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:ad:96:78:5d:61:3f:53:59:38:c6:c6:3a:e1:f1:13:16:ee:61:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E Validity Not Before: Jun 11 07:31:00 2026 GMT Not After : Jun 10 07:36:00 2027 GMT Subject: CN=65F19A4178673154D4AF6F8E9476225CF6354AE3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:80:8d:75:b4:3d:47:3c:cf:63:c1:fd:55:6d: 4d:16:13:ce:39:86:3f:d3:bb:4f:2f:54:16:c3:fc: 27:97:23:ac:76:69:94:f2:47:39:b6:e9:6c:3f:0c: 95:c0:a4:91:6d:ba:38:02:b8:4f:25:79:f4:36:c7: f4:9e:71:08:68:7b:d8:9d:21:6c:46:f8:55:e0:d8: 39:e1:41:98:e1:32:db:f0:c9:bd:0f:a9:ed:1f:46: da:8f:54:94:4a:a5:27:85:d4:aa:4c:85:6b:39:63: af:62:c8:82:c9:bb:dc:c8:bd:27:23:05:d3:3b:2b: 1b:34:21:a0:04:44:f8:9c:47:02:5c:58:32:c2:a0: e4:57:44:26:71:b5:f1:7d:fd:e5:b7:39:f9:29:ed: f2:ad:3e:eb:01:2f:0d:ed:aa:88:86:62:19:08:ce: a2:39:24:b4:73:a9:84:d2:9a:05:13:fa:86:6d:78: db:18:a9:a9:08:3f:eb:c7:87:91:2e:99:18:b3:9f: 20:2f:dc:7b:de:9c:df:b9:55:d0:c6:26:ee:49:90: cb:1a:f9:d7:f4:36:63:c3:ab:ad:bc:19:1b:98:ae: 30:2d:ca:a6:90:9b:a0:d3:1c:b9:9d:cf:a0:40:ab: 05:35:20:bb:5b:37:76:83:93:d9:57:a7:ea:da:5a: df:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:F1:9A:41:78:67:31:54:D4:AF:6F:8E:94:76:22:5C:F6:35:4A:E3 X509v3 Authority Key Identifier: keyid:71:C9:BF:E4:C8:FD:7E:77:7A:1C:9E:55:DF:A6:0A:3A:C2:9A:25:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/AS23650.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.240.0.0/22 43.241.48.0/22 43.248.184.0/21 43.248.196.0/22 103.37.44.0/22 103.40.12.0/22 103.45.160.0/22 103.205.252.0/22 103.239.244.0/22 111.223.12.0/22 Signature Algorithm: sha256WithRSAEncryption 17:0b:f0:e0:ea:12:ee:26:f6:6f:c3:82:6d:c9:fc:53:0c:d6: 3b:2b:64:4c:68:05:35:60:fd:da:41:a8:d5:f1:21:ee:f7:15: 45:f5:1e:8b:6a:11:52:c4:a2:01:9a:6c:1f:dc:aa:fd:d5:ad: a7:9f:93:6a:9f:82:c7:96:6f:83:34:5b:73:75:7f:f5:c7:3c: e8:35:9a:c6:f3:c9:84:70:5a:7c:96:fd:03:05:1b:71:98:3f: 83:cd:0c:e2:0e:50:1e:66:69:a7:b6:42:c5:51:d8:e1:15:d4: 45:be:86:19:40:f3:eb:b5:fc:cc:ca:13:08:ff:9b:18:d4:28: 7c:b2:32:50:6d:c1:7b:59:d4:69:8c:fa:5b:fc:59:19:e8:54: 12:3f:83:d6:c9:2e:1b:b6:17:5d:c3:3b:6d:36:6d:50:1c:73: 78:f9:cb:19:d8:60:e6:9e:4c:62:43:9b:9d:5d:29:22:40:7c: 7c:cf:59:c7:a6:35:44:f8:f8:39:0a:3b:61:42:0b:0b:d3:a4: 3e:70:0d:30:7e:ee:b5:ce:2c:c1:b3:e0:9b:2e:58:d4:2c:65: 5e:be:70:45:80:18:04:9c:02:06:ee:bd:f9:d6:55:24:a9:f4: dd:9f:ff:aa:b7:0f:55:39:35:5a:a5:4b:e7:61:78:50:eb:5b: 26:e4:3e:94 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgIUW62WeF1hP1NZOMbGOuHxExbuYVQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzFDOUJGRTRDOEZEN0U3NzdBMUM5RTU1REZBNjBBM0FD MjlBMjU0RTAeFw0yNjA2MTEwNzMxMDBaFw0yNzA2MTAwNzM2MDBaMDMxMTAvBgNV BAMTKDY1RjE5QTQxNzg2NzMxNTRENEFGNkY4RTk0NzYyMjVDRjYzNTRBRTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCggI11tD1HPM9jwf1VbU0WE845 hj/Tu08vVBbD/CeXI6x2aZTyRzm26Ww/DJXApJFtujgCuE8lefQ2x/SecQhoe9id IWxG+FXg2DnhQZjhMtvwyb0Pqe0fRtqPVJRKpSeF1KpMhWs5Y69iyILJu9zIvScj BdM7Kxs0IaAERPicRwJcWDLCoORXRCZxtfF9/eW3Ofkp7fKtPusBLw3tqoiGYhkI zqI5JLRzqYTSmgUT+oZteNsYqakIP+vHh5EumRiznyAv3HvenN+5VdDGJu5JkMsa +df0NmPDq628GRuYrjAtyqaQm6DTHLmdz6BAqwU1ILtbN3aDk9lXp+raWt+FAgMB AAGjggIZMIICFTAdBgNVHQ4EFgQUZfGaQXhnMVTUr2+OlHYiXPY1SuMwHwYDVR0j BBgwFoAUccm/5Mj9fnd6HJ5V36YKOsKaJU4wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDc4NTc5NS8wLzcxQzlCRkU0QzhGRDdFNzc3QTFDOUU1NURGQTYw QTNBQzI5QTI1NEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNzFDOUJGRTRDOEZEN0U3NzdBMUM5RTU1REZBNjBBM0FDMjlBMjU0RS5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1Nzk1MzQzOTQ3ODU3OTUvMC9BUzIzNjUwLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIA ATA8AwQCK/AAAwQCK/EwAwQDK/i4AwQCK/jEAwQCZyUsAwQCZygMAwQCZy2gAwQC Z838AwQCZ+/0AwQCb98MMA0GCSqGSIb3DQEBCwUAA4IBAQAXC/Dg6hLuJvZvw4Jt yfxTDNY7K2RMaAU1YP3aQajV8SHu9xVF9R6LahFSxKIBmmwf3Kr91a2nn5Nqn4LH lm+DNFtzdX/1xzzoNZrG88mEcFp8lv0DBRtxmD+DzQziDlAeZmmntkLFUdjhFdRF voYZQPPrtfzMyhMI/5sY1Ch8sjJQbcF7WdRpjPpb/FkZ6FQSP4PWyS4bthddwztt Nm1QHHN4+csZ2GDmnkxiQ5udXSkiQHx8z1nHpjVE+Pg5CjthQgsL06Q+cA0wfu61 zizBs+CbLljULGVevnBFgBgEnAIG7r351lUkqfTdn/+qtw9VOTVapUvnYXhQ61sm 5D6U -----END CERTIFICATE-----Generated at Fri Jun 12 02:23:44 2026 by rpki-client