$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394785795/0/AS56046.roa File: AS56046.roa (raw, json) Hash identifier: /FgQyFs5lRTbt2+GG8YcnktQBhLM69HXDzn61suONbY= Subject key identifier: C6:2E:DE:24:D9:C2:1B:C3:2F:24:91:D7:BA:7A:11:3C:9D:B9:0D:28 Certificate issuer: /CN=71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E Certificate serial: 10E37939F01D5B794611E9B8CC10939E50566914 Authority key identifier: 71:C9:BF:E4:C8:FD:7E:77:7A:1C:9E:55:DF:A6:0A:3A:C2:9A:25:4E Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/AS56046.roa Signing time: Sat 16 May 2026 05:08:20 +0000 ROA not before: Sat 16 May 2026 05:03:20 +0000 ROA not after: Sat 15 May 2027 05:08:20 +0000 asID: 56046 IP address blocks: 43.240.0.0/24 maxlen: 24 43.240.1.0/24 maxlen: 24 43.240.2.0/24 maxlen: 24 43.240.3.0/24 maxlen: 24 43.241.48.0/24 maxlen: 24 43.241.49.0/24 maxlen: 24 43.241.50.0/24 maxlen: 24 43.241.51.0/24 maxlen: 24 43.248.184.0/21 maxlen: 21 43.248.192.0/20 maxlen: 20 43.248.200.0/22 maxlen: 22 43.248.200.0/23 maxlen: 23 43.248.202.0/23 maxlen: 23 43.248.204.0/22 maxlen: 22 103.37.44.0/24 maxlen: 24 103.37.45.0/24 maxlen: 24 103.37.46.0/24 maxlen: 24 103.37.47.0/24 maxlen: 24 103.40.12.0/22 maxlen: 22 103.45.160.0/22 maxlen: 24 103.83.72.0/22 maxlen: 22 103.87.180.0/22 maxlen: 22 103.205.252.0/22 maxlen: 22 103.239.244.0/22 maxlen: 24 111.223.12.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Jun 2026 23:56:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:e3:79:39:f0:1d:5b:79:46:11:e9:b8:cc:10:93:9e:50:56:69:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E Validity Not Before: May 16 05:03:20 2026 GMT Not After : May 15 05:08:20 2027 GMT Subject: CN=C62EDE24D9C21BC32F2491D7BA7A113C9DB90D28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:6c:c1:31:10:e5:52:bf:c1:c7:07:3f:f2:ae: 5b:55:6f:05:91:9c:03:fa:95:a3:37:79:53:04:c3: bc:da:1d:cb:90:06:12:8d:7b:9c:8e:91:e8:7c:b7: 04:2c:0b:b4:6b:ae:b2:95:35:d8:6b:17:4d:48:ee: e2:c3:38:7c:5f:a3:cb:3c:dd:d1:ec:69:97:4a:8c: 22:cf:c6:78:a2:25:2e:ec:01:0e:f4:2a:71:56:bc: 5e:64:ea:cb:dc:31:61:90:31:e9:88:41:30:85:e2: fb:fb:cc:29:8f:5c:fd:ce:ff:b2:f8:43:58:86:83: c2:a4:b9:de:8c:55:9a:c1:45:92:57:2d:a0:c5:c1: 5f:ca:4f:f8:64:23:75:6c:0c:b5:bc:29:c7:cf:11: d7:0a:55:c1:4c:ca:45:54:80:6d:8b:d5:38:36:92: 30:be:75:0f:63:6c:2b:71:5e:12:1f:87:c7:87:7b: 84:2d:7e:9a:1b:c2:ac:52:0b:ee:a2:33:50:d1:c0: f2:6d:94:af:d3:c1:18:18:d4:00:73:fe:8b:b4:cc: 2f:fb:3f:eb:8f:7d:7c:be:18:18:6b:02:6b:c8:91: 61:ed:7c:49:0e:1b:67:98:da:32:be:71:4a:d0:79: c8:f4:a8:cc:13:f8:ff:c3:fa:e2:c2:aa:b3:17:46: 97:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:2E:DE:24:D9:C2:1B:C3:2F:24:91:D7:BA:7A:11:3C:9D:B9:0D:28 X509v3 Authority Key Identifier: keyid:71:C9:BF:E4:C8:FD:7E:77:7A:1C:9E:55:DF:A6:0A:3A:C2:9A:25:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/AS56046.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.240.0.0/22 43.241.48.0/22 43.248.184.0-43.248.207.255 103.37.44.0/22 103.40.12.0/22 103.45.160.0/22 103.83.72.0/22 103.87.180.0/22 103.205.252.0/22 103.239.244.0/22 111.223.12.0/22 Signature Algorithm: sha256WithRSAEncryption 8e:2b:f1:35:b3:60:55:3a:90:f2:50:98:cb:66:ed:11:04:47: 8c:e6:43:fd:3e:a8:ce:f0:66:ee:23:8a:ea:b2:ab:81:2d:9a: 59:bd:71:05:85:e0:86:5b:ee:e2:7b:27:0e:c9:93:40:51:6e: 8a:f4:94:2d:e2:6d:04:eb:e0:3f:c2:73:0e:46:a9:fb:00:2f: 36:84:8a:bb:05:9c:79:ec:57:06:cc:7a:64:8a:bc:17:81:d8: c1:03:c7:68:25:2b:22:85:f9:74:fe:d4:45:0a:1d:9d:ac:c6: 80:a1:6a:41:28:85:1f:7e:90:2f:06:83:22:78:ad:91:b8:5f: 67:a3:d6:a7:3e:66:80:df:dd:f9:54:f2:56:c2:75:01:1f:cd: dc:25:8a:76:3a:29:6f:56:66:e3:73:fe:11:a9:29:b1:29:5f: ca:84:f1:c5:47:b3:ed:b5:d3:98:4d:70:3a:9e:2d:d4:3f:39: 7e:9c:3a:22:12:2f:6d:74:50:ec:6e:5a:78:43:14:75:bf:90: 29:8e:45:a3:b1:ff:f6:36:40:b2:63:6c:43:7f:68:bb:35:05: 31:9a:11:30:ba:35:bf:6c:b5:1f:6c:f8:4d:e0:f9:aa:27:f4: c0:45:3c:47:38:07:37:2a:b1:bb:48:ec:21:47:e0:da:e2:bd: fe:5f:b0:63 -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgIUEON5OfAdW3lGEem4zBCTnlBWaRQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzFDOUJGRTRDOEZEN0U3NzdBMUM5RTU1REZBNjBBM0FD MjlBMjU0RTAeFw0yNjA1MTYwNTAzMjBaFw0yNzA1MTUwNTA4MjBaMDMxMTAvBgNV BAMTKEM2MkVERTI0RDlDMjFCQzMyRjI0OTFEN0JBN0ExMTNDOURCOTBEMjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUbMExEOVSv8HHBz/yrltVbwWR nAP6laM3eVMEw7zaHcuQBhKNe5yOkeh8twQsC7RrrrKVNdhrF01I7uLDOHxfo8s8 3dHsaZdKjCLPxniiJS7sAQ70KnFWvF5k6svcMWGQMemIQTCF4vv7zCmPXP3O/7L4 Q1iGg8Kkud6MVZrBRZJXLaDFwV/KT/hkI3VsDLW8KcfPEdcKVcFMykVUgG2L1Tg2 kjC+dQ9jbCtxXhIfh8eHe4QtfpobwqxSC+6iM1DRwPJtlK/TwRgY1ABz/ou0zC/7 P+uPfXy+GBhrAmvIkWHtfEkOG2eY2jK+cUrQecj0qMwT+P/D+uLCqrMXRpeRAgMB AAGjggInMIICIzAdBgNVHQ4EFgQUxi7eJNnCG8MvJJHXunoRPJ25DSgwHwYDVR0j BBgwFoAUccm/5Mj9fnd6HJ5V36YKOsKaJU4wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDc4NTc5NS8wLzcxQzlCRkU0QzhGRDdFNzc3QTFDOUU1NURGQTYw QTNBQzI5QTI1NEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNzFDOUJGRTRDOEZEN0U3NzdBMUM5RTU1REZBNjBBM0FDMjlBMjU0RS5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1Nzk1MzQzOTQ3ODU3OTUvMC9BUzU2MDQ2LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIA ATBKAwQCK/AAAwQCK/EwMAwDBAMr+LgDBAQr+MADBAJnJSwDBAJnKAwDBAJnLaAD BAJnU0gDBAJnV7QDBAJnzfwDBAJn7/QDBAJv3wwwDQYJKoZIhvcNAQELBQADggEB AI4r8TWzYFU6kPJQmMtm7REER4zmQ/0+qM7wZu4jiuqyq4Etmlm9cQWF4IZb7uJ7 Jw7Jk0BRbor0lC3ibQTr4D/Ccw5GqfsALzaEirsFnHnsVwbMemSKvBeB2MEDx2gl KyKF+XT+1EUKHZ2sxoChakEohR9+kC8GgyJ4rZG4X2ej1qc+ZoDf3flU8lbCdQEf zdwlinY6KW9WZuNz/hGpKbEpX8qE8cVHs+2105hNcDqeLdQ/OX6cOiISL210UOxu WnhDFHW/kCmORaOx//Y2QLJjbEN/aLs1BTGaETC6Nb9stR9s+E3g+aon9MBFPEc4 BzcqsbtI7CFH4Nrivf5fsGM= -----END CERTIFICATE-----Generated at Sat Jun 6 16:46:05 2026 by rpki-client