$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1070955924073545731/0/AS17621.roa File: AS17621.roa (raw, json) Hash identifier: nahdGimnu/0MkhQvX4dEgqzTzP3nDR2/FfUJ8y5zdRk= Subject key identifier: 4C:47:54:32:BA:4D:55:1F:D8:BC:0A:E8:96:55:5A:45:46:DE:17:11 Certificate issuer: /CN=1B27C26F8F7ECE53972D80933F503C09222E8F9F Certificate serial: 71C8642D3F218B991AE869BAF6A0161753720E34 Authority key identifier: 1B:27:C2:6F:8F:7E:CE:53:97:2D:80:93:3F:50:3C:09:22:2E:8F:9F Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1B27C26F8F7ECE53972D80933F503C09222E8F9F.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/AS17621.roa Signing time: Mon 20 Apr 2026 08:45:03 +0000 ROA not before: Mon 20 Apr 2026 08:40:03 +0000 ROA not after: Mon 19 Apr 2027 08:45:03 +0000 asID: 17621 IP address blocks: 43.243.148.0/22 maxlen: 22 43.243.148.0/23 maxlen: 23 43.243.150.0/23 maxlen: 23 103.38.232.0/22 maxlen: 22 103.38.232.0/23 maxlen: 23 103.38.234.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/1B27C26F8F7ECE53972D80933F503C09222E8F9F.crl rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/1B27C26F8F7ECE53972D80933F503C09222E8F9F.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1B27C26F8F7ECE53972D80933F503C09222E8F9F.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Apr 2026 06:07:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:c8:64:2d:3f:21:8b:99:1a:e8:69:ba:f6:a0:16:17:53:72:0e:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1B27C26F8F7ECE53972D80933F503C09222E8F9F Validity Not Before: Apr 20 08:40:03 2026 GMT Not After : Apr 19 08:45:03 2027 GMT Subject: CN=4C475432BA4D551FD8BC0AE896555A4546DE1711 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:b1:c2:15:65:2b:1a:af:88:08:af:59:80:88: 62:55:5c:fd:4b:92:e1:97:2b:f6:d1:10:da:94:5e: 96:49:bc:ce:64:c3:53:db:bc:63:e3:4c:c4:8a:ef: 35:db:1c:7c:2e:07:a9:54:4c:1e:20:54:2d:35:d7: 7e:f6:89:c0:d5:5d:6e:88:83:33:f3:c4:3d:9e:21: 9f:d9:bd:9e:4f:58:a5:6c:83:71:fc:33:ae:81:16: dd:38:6f:3c:eb:8e:24:ef:b4:a7:9c:d1:32:75:6c: 13:71:93:87:d1:ce:4f:f5:c4:0f:8e:37:59:5d:34: 74:dc:01:44:d0:a5:ee:0e:75:74:19:01:4b:03:61: e5:fb:f9:3e:4e:d9:69:b0:9e:de:86:c8:8c:c9:bd: 18:f0:b5:7a:62:a8:9a:5f:f2:e7:0c:52:6d:b2:7e: 36:31:58:7b:df:02:03:5b:c4:62:5e:08:ea:02:41: 56:a7:39:6e:0a:a7:f0:70:8e:b0:2b:20:b4:be:0d: 46:81:c6:93:39:94:f8:ca:46:bd:7d:09:64:07:25: 63:81:1c:ab:4e:99:82:0e:ee:73:9c:ff:5f:36:c4: ef:f4:cd:cd:78:c8:54:0a:9a:53:ab:5d:22:fb:99: 9d:6f:f1:6c:cd:5b:26:ca:01:22:51:fa:9a:92:86: d1:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:47:54:32:BA:4D:55:1F:D8:BC:0A:E8:96:55:5A:45:46:DE:17:11 X509v3 Authority Key Identifier: keyid:1B:27:C2:6F:8F:7E:CE:53:97:2D:80:93:3F:50:3C:09:22:2E:8F:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/1B27C26F8F7ECE53972D80933F503C09222E8F9F.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1B27C26F8F7ECE53972D80933F503C09222E8F9F.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1070955924073545731/0/AS17621.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.243.148.0/22 103.38.232.0/22 Signature Algorithm: sha256WithRSAEncryption 21:3d:fe:28:ba:fc:ca:6b:08:e6:1b:e9:f0:9c:58:b6:d8:49: 1d:79:1f:da:f0:f7:e4:24:38:57:bc:e2:ee:39:b7:db:91:07: 7e:56:33:0b:cf:fa:14:a6:4d:70:23:f6:75:f2:21:38:17:df: da:76:dd:91:95:8a:68:06:d5:96:6b:62:59:a7:6e:e0:34:b8: 11:c4:be:01:b9:fe:ca:a4:ec:2a:e4:2c:9f:28:b1:79:16:d0: 46:32:f8:34:be:93:06:ca:42:77:db:18:05:5a:b1:a4:b8:0e: d9:d6:73:e7:b7:54:b6:70:63:0b:c5:98:e9:32:bf:c2:50:43: d5:c7:4d:e1:74:76:7e:de:d8:00:33:ec:47:5c:0f:45:24:d5: ad:1a:01:ca:9d:a5:56:53:72:7e:22:a4:2f:f6:d7:c2:e4:4f: be:d1:6f:7e:c4:2f:b6:f2:9d:ae:66:85:54:8a:a3:53:b1:98: d9:dc:50:6b:9c:9c:5b:11:f2:b5:bc:6a:ef:06:4b:0c:21:76: 3f:4c:1c:42:dc:93:12:5e:6c:9c:78:23:51:7b:78:ae:7f:49: 66:1d:82:e7:86:d4:29:4f:31:38:ae:64:c2:dd:25:a8:90:85: 31:b6:4c:4e:37:8a:34:11:45:9e:28:e5:15:a7:5d:c8:ee:35: 0c:bd:49:cb -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgIUcchkLT8hi5ka6Gm69qAWF1NyDjQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUIyN0MyNkY4RjdFQ0U1Mzk3MkQ4MDkzM0Y1MDNDMDky MjJFOEY5RjAeFw0yNjA0MjAwODQwMDNaFw0yNzA0MTkwODQ1MDNaMDMxMTAvBgNV BAMTKDRDNDc1NDMyQkE0RDU1MUZEOEJDMEFFODk2NTU1QTQ1NDZERTE3MTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYscIVZSsar4gIr1mAiGJVXP1L kuGXK/bRENqUXpZJvM5kw1PbvGPjTMSK7zXbHHwuB6lUTB4gVC011372icDVXW6I gzPzxD2eIZ/ZvZ5PWKVsg3H8M66BFt04bzzrjiTvtKec0TJ1bBNxk4fRzk/1xA+O N1ldNHTcAUTQpe4OdXQZAUsDYeX7+T5O2Wmwnt6GyIzJvRjwtXpiqJpf8ucMUm2y fjYxWHvfAgNbxGJeCOoCQVanOW4Kp/BwjrArILS+DUaBxpM5lPjKRr19CWQHJWOB HKtOmYIO7nOc/182xO/0zc14yFQKmlOrXSL7mZ1v8WzNWybKASJR+pqShtGLAgMB AAGjggHpMIIB5TAdBgNVHQ4EFgQUTEdUMrpNVR/YvArollVaRUbeFxEwHwYDVR0j BBgwFoAUGyfCb49+zlOXLYCTP1A8CSIuj58wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA3 MDk1NTkyNDA3MzU0NTczMS8wLzFCMjdDMjZGOEY3RUNFNTM5NzJEODA5MzNGNTAz QzA5MjIyRThGOUYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMUIyN0MyNkY4RjdFQ0U1Mzk3MkQ4MDkzM0Y1MDNDMDkyMjJFOEY5Ri5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNzA5NTU5MjQwNzM1NDU3MzEvMC9BUzE3NjIxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIA ATAMAwQCK/OUAwQCZyboMA0GCSqGSIb3DQEBCwUAA4IBAQAhPf4ouvzKawjmG+nw nFi22EkdeR/a8PfkJDhXvOLuObfbkQd+VjMLz/oUpk1wI/Z18iE4F9/adt2RlYpo BtWWa2JZp27gNLgRxL4Buf7KpOwq5CyfKLF5FtBGMvg0vpMGykJ32xgFWrGkuA7Z 1nPnt1S2cGMLxZjpMr/CUEPVx03hdHZ+3tgAM+xHXA9FJNWtGgHKnaVWU3J+IqQv 9tfC5E++0W9+xC+28p2uZoVUiqNTsZjZ3FBrnJxbEfK1vGrvBksMIXY/TBxC3JMS XmyceCNRe3iuf0lmHYLnhtQpTzE4rmTC3SWokIUxtkxON4o0EUWeKOUVp13I7jUM vUnL -----END CERTIFICATE-----Generated at Mon Apr 27 13:33:47 2026 by rpki-client