$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096265459348537346/1/AS17428.roa File: AS17428.roa (raw, json) Hash identifier: e/ULKElOqavWoA242IT/ZZxzH9PHsVAXBwW95iPT/jU= Subject key identifier: BA:D8:E1:22:81:49:70:09:B3:4A:66:9B:F9:E5:1E:08:58:DE:0E:B3 Certificate issuer: /CN=1C519CD1C415925E7FCE92FDA20FF18EC544C74B Certificate serial: 25CF9002885522E749FD1E09D8CE0432ABB4C43C Authority key identifier: 1C:51:9C:D1:C4:15:92:5E:7F:CE:92:FD:A2:0F:F1:8E:C5:44:C7:4B Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/AS17428.roa Signing time: Mon 08 Jun 2026 02:23:34 +0000 ROA not before: Mon 08 Jun 2026 02:18:34 +0000 ROA not after: Mon 07 Jun 2027 02:23:34 +0000 asID: 17428 IP address blocks: 42.158.0.0/16 maxlen: 32 58.83.128.0/17 maxlen: 32 59.151.0.0/17 maxlen: 32 59.191.0.0/17 maxlen: 32 103.247.168.0/22 maxlen: 32 120.132.128.0/17 maxlen: 32 120.133.0.0/17 maxlen: 32 120.133.128.0/18 maxlen: 32 120.133.192.0/19 maxlen: 32 120.133.224.0/20 maxlen: 32 120.133.240.0/20 maxlen: 32 120.134.0.0/15 maxlen: 32 124.250.0.0/16 maxlen: 32 124.251.0.0/16 maxlen: 32 182.174.0.0/16 maxlen: 32 182.175.0.0/17 maxlen: 32 182.175.128.0/18 maxlen: 32 182.175.192.0/19 maxlen: 32 182.175.224.0/20 maxlen: 32 182.175.240.0/23 maxlen: 32 182.175.242.0/23 maxlen: 32 183.84.0.0/15 maxlen: 32 210.77.128.0/19 maxlen: 32 211.99.160.0/19 maxlen: 32 211.99.192.0/19 maxlen: 32 211.148.17.0/24 maxlen: 32 211.148.18.0/23 maxlen: 32 211.148.20.0/22 maxlen: 32 211.148.24.0/23 maxlen: 32 211.148.27.0/24 maxlen: 32 211.148.28.0/22 maxlen: 32 211.151.0.0/16 maxlen: 32 211.152.0.0/19 maxlen: 32 211.152.64.0/18 maxlen: 32 2403:a200::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.crl rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Jun 2026 19:59:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:cf:90:02:88:55:22:e7:49:fd:1e:09:d8:ce:04:32:ab:b4:c4:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1C519CD1C415925E7FCE92FDA20FF18EC544C74B Validity Not Before: Jun 8 02:18:34 2026 GMT Not After : Jun 7 02:23:34 2027 GMT Subject: CN=BAD8E12281497009B34A669BF9E51E0858DE0EB3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:13:c5:5d:69:dc:13:64:02:00:2f:e6:3a:ea: e5:08:2a:36:c4:49:43:73:ec:76:ba:3e:16:a4:90: 20:e2:e4:55:bd:9a:4a:c3:20:d1:07:1c:3a:f9:85: 4a:8d:39:09:e9:18:62:e2:f7:94:4a:9d:e8:34:3f: e3:68:33:5d:c4:c1:72:31:d2:8d:b8:98:28:86:22: 43:e8:f6:11:7d:2e:84:cf:38:8a:76:1f:12:86:00: ec:de:8a:8b:7e:5e:f6:bb:77:d9:8f:97:7c:e9:f0: d9:b4:a5:a9:f7:1d:87:41:74:da:cc:96:8e:1f:8a: a0:22:fa:73:f4:c4:55:8e:83:fe:e6:ae:9c:22:5b: e2:3f:cc:83:ec:90:e4:4d:9d:9f:a1:65:ab:17:14: 94:36:63:15:c0:cc:ec:20:51:c0:94:9e:54:6f:41: 85:a8:b7:ed:bf:e1:03:05:67:6b:c1:ff:88:16:96: 95:ed:22:c5:a8:41:62:bd:81:e1:85:8c:7d:6c:65: d1:c5:97:16:13:49:6f:02:37:ed:fd:f8:76:8b:c2: e5:10:50:15:86:68:58:41:c9:99:e0:d7:dc:60:7a: 70:d5:4a:f4:71:61:10:38:be:2a:3f:ea:05:82:62: 9f:ad:f4:be:b4:f9:5a:63:49:fb:54:c3:03:02:d8: 6d:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:D8:E1:22:81:49:70:09:B3:4A:66:9B:F9:E5:1E:08:58:DE:0E:B3 X509v3 Authority Key Identifier: keyid:1C:51:9C:D1:C4:15:92:5E:7F:CE:92:FD:A2:0F:F1:8E:C5:44:C7:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1C519CD1C415925E7FCE92FDA20FF18EC544C74B.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096265459348537346/1/AS17428.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 42.158.0.0/16 58.83.128.0/17 59.151.0.0/17 59.191.0.0/17 103.247.168.0/22 120.132.128.0-120.135.255.255 124.250.0.0/15 182.174.0.0-182.175.243.255 183.84.0.0/15 210.77.128.0/19 211.99.160.0-211.99.223.255 211.148.17.0-211.148.25.255 211.148.27.0-211.148.31.255 211.151.0.0-211.152.31.255 211.152.64.0/18 IPv6: 2403:a200::/32 Signature Algorithm: sha256WithRSAEncryption 42:22:7d:b7:65:b8:65:fa:79:22:cd:9b:b4:5a:23:94:7c:c9: f8:a2:61:bf:d6:9f:eb:bd:dd:ee:2d:d6:9d:7b:96:88:3e:12: 83:10:41:49:1b:47:4e:04:2a:bb:85:2f:be:8b:f2:3d:c2:9a: 0e:55:4c:00:a1:15:1c:0c:8a:24:5b:2a:f3:b0:c8:fe:30:b7: c1:1a:d2:ae:e0:9b:56:30:5c:f8:47:19:fa:3a:ca:04:9f:1d: 0e:75:25:97:c2:4e:d4:e5:e0:ed:f1:0b:51:6c:de:38:6f:8f: 16:ae:f3:e6:6e:95:02:6b:fd:da:46:3d:c3:cb:9b:9a:f9:35: d9:e8:a4:db:15:e0:9f:7f:eb:3b:14:a1:9f:4f:03:aa:fa:71: b9:b3:7a:18:f5:ff:92:56:fa:f9:03:57:9c:40:e7:57:c9:b4: 9f:f5:9f:3e:9b:79:6b:bc:78:e5:01:ae:13:67:e6:e7:1a:71: 88:93:94:fb:60:87:85:a6:87:ef:cb:95:a8:c7:55:f2:c5:f6: a8:44:98:3a:f0:40:9f:7c:c0:0e:4b:c6:10:2a:e2:31:d7:8c: 6d:b7:09:43:24:a3:60:14:a8:55:ea:54:c3:20:9b:f9:85:ee: 0a:e4:f8:05:f5:69:c0:1d:ad:8a:8c:39:cb:30:4c:e8:ef:06: 39:1e:38:22 -----BEGIN CERTIFICATE----- MIIFazCCBFOgAwIBAgIUJc+QAohVIudJ/R4J2M4EMqu0xDwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMUM1MTlDRDFDNDE1OTI1RTdGQ0U5MkZEQTIwRkYxOEVD NTQ0Qzc0QjAeFw0yNjA2MDgwMjE4MzRaFw0yNzA2MDcwMjIzMzRaMDMxMTAvBgNV BAMTKEJBRDhFMTIyODE0OTcwMDlCMzRBNjY5QkY5RTUxRTA4NThERTBFQjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrE8VdadwTZAIAL+Y66uUIKjbE SUNz7Ha6PhakkCDi5FW9mkrDINEHHDr5hUqNOQnpGGLi95RKneg0P+NoM13EwXIx 0o24mCiGIkPo9hF9LoTPOIp2HxKGAOzeiot+Xva7d9mPl3zp8Nm0pan3HYdBdNrM lo4fiqAi+nP0xFWOg/7mrpwiW+I/zIPskORNnZ+hZasXFJQ2YxXAzOwgUcCUnlRv QYWot+2/4QMFZ2vB/4gWlpXtIsWoQWK9geGFjH1sZdHFlxYTSW8CN+39+HaLwuUQ UBWGaFhByZng19xgenDVSvRxYRA4vio/6gWCYp+t9L60+VpjSftUwwMC2G2NAgMB AAGjggJ1MIICcTAdBgNVHQ4EFgQUutjhIoFJcAmzSmab+eUeCFjeDrMwHwYDVR0j BBgwFoAUHFGc0cQVkl5/zpL9og/xjsVEx0swDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NjI2NTQ1OTM0ODUzNzM0Ni8xLzFDNTE5Q0QxQzQxNTkyNUU3RkNFOTJGREEyMEZG MThFQzU0NEM3NEIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMUM1MTlDRDFDNDE1OTI1RTdGQ0U5MkZEQTIwRkYxOEVDNTQ0Qzc0Qi5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTYyNjU0NTkzNDg1MzczNDYvMS9BUzE3NDI4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCB iwQCAAEwgYQDAwAqngMEBzpTgAMEBzuXAAMEBzu/AAMEAmf3qDALAwQHeISAAwMD eIADAwF8+jALAwMBtq4DBAK2r/ADAwG3VAMEBdJNgDAMAwQF02OgAwQF02PAMAwD BADTlBEDBAHTlBgwDAMEANOUGwMEBdOUADALAwMA05cDBAXTmAADBAbTmEAwDQQC AAIwBwMFACQDogAwDQYJKoZIhvcNAQELBQADggEBAEIifbdluGX6eSLNm7RaI5R8 yfiiYb/Wn+u93e4t1p17log+EoMQQUkbR04EKruFL76L8j3Cmg5VTAChFRwMiiRb KvOwyP4wt8Ea0q7gm1YwXPhHGfo6ygSfHQ51JZfCTtTl4O3xC1Fs3jhvjxau8+Zu lQJr/dpGPcPLm5r5NdnopNsV4J9/6zsUoZ9PA6r6cbmzehj1/5JW+vkDV5xA51fJ tJ/1nz6beWu8eOUBrhNn5ucacYiTlPtgh4Wmh+/LlajHVfLF9qhEmDrwQJ98wA5L xhAq4jHXjG23CUMko2AUqFXqVMMgm/mF7grk+AX1acAdrYqMOcswTOjvBjkeOCI= -----END CERTIFICATE-----Generated at Fri Jun 12 04:32:41 2026 by rpki-client