$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096632062997168131/0/AS4811.roa File: AS4811.roa (raw, json) Hash identifier: yMoj7PxfBaSOZK1slJuYK11svJr6BItX+yIgQmO9cac= Subject key identifier: 39:17:FE:5D:FF:D9:5D:E5:93:28:66:35:87:C3:23:5B:59:92:F8:1B Certificate issuer: /CN=C89881B315F7E21BA948CF9CB11D1AC422106426 Certificate serial: 7C1F2518AA14D1A1041D4C198AA6A342E30C842E Authority key identifier: C8:98:81:B3:15:F7:E2:1B:A9:48:CF:9C:B1:1D:1A:C4:22:10:64:26 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/C89881B315F7E21BA948CF9CB11D1AC422106426.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/AS4811.roa Signing time: Tue 26 May 2026 06:00:37 +0000 ROA not before: Tue 26 May 2026 05:55:37 +0000 ROA not after: Tue 25 May 2027 06:00:37 +0000 asID: 4811 IP address blocks: 43.240.126.0/23 maxlen: 23 43.254.44.0/23 maxlen: 23 43.254.46.0/23 maxlen: 23 103.6.220.0/24 maxlen: 24 103.6.221.0/24 maxlen: 24 103.6.222.0/24 maxlen: 24 103.6.223.0/24 maxlen: 24 103.20.250.0/24 maxlen: 24 103.20.251.0/24 maxlen: 24 103.36.132.0/23 maxlen: 23 103.36.134.0/23 maxlen: 23 103.36.136.0/24 maxlen: 24 103.36.137.0/24 maxlen: 24 103.36.138.0/24 maxlen: 24 103.36.139.0/24 maxlen: 24 103.36.168.0/24 maxlen: 24 103.36.172.0/24 maxlen: 24 103.36.173.0/24 maxlen: 24 103.238.140.0/24 maxlen: 24 103.238.141.0/24 maxlen: 24 103.238.142.0/24 maxlen: 24 103.238.143.0/24 maxlen: 24 103.238.184.0/24 maxlen: 24 103.238.186.0/23 maxlen: 23 2403:a100::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/C89881B315F7E21BA948CF9CB11D1AC422106426.crl rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/C89881B315F7E21BA948CF9CB11D1AC422106426.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/C89881B315F7E21BA948CF9CB11D1AC422106426.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 05 Jun 2026 07:12:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:1f:25:18:aa:14:d1:a1:04:1d:4c:19:8a:a6:a3:42:e3:0c:84:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C89881B315F7E21BA948CF9CB11D1AC422106426 Validity Not Before: May 26 05:55:37 2026 GMT Not After : May 25 06:00:37 2027 GMT Subject: CN=3917FE5DFFD95DE59328663587C3235B5992F81B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:b5:76:2f:12:f5:c9:d4:3b:be:43:83:39:16: 48:9a:2c:31:86:e6:a8:88:53:1b:5d:97:93:55:0b: b5:fb:3a:de:01:fc:15:82:1e:c2:6f:de:e2:f7:4a: 88:d8:9f:1c:d7:48:1e:fb:e9:83:4a:99:32:ac:d1: 3e:be:21:7a:ec:7c:68:ee:b4:73:d7:87:23:cb:fe: 37:d0:76:4f:c5:52:19:12:f2:7f:ec:d8:75:36:6a: 97:36:b4:cd:36:d0:9a:fc:75:10:f0:c5:b0:bf:d5: 16:4d:36:9c:28:66:60:c6:25:ea:0b:b6:98:25:52: 75:76:81:79:d5:82:92:bd:d9:86:8a:40:81:e1:af: b1:de:54:4c:14:b9:b5:20:d0:72:e6:d4:00:78:9e: 71:27:9b:62:21:30:f5:c3:58:a4:46:34:52:ef:e6: 09:09:78:fe:43:53:f6:e4:d2:d6:52:66:ae:92:6c: 69:f0:bf:90:d4:18:9b:99:fd:d4:d5:b3:94:0f:45: fc:18:a9:8b:8f:db:e0:9b:7b:a3:0a:1a:7b:b0:fa: db:b1:83:f4:cc:61:e5:e5:aa:c0:bf:65:86:59:cf: 45:8c:bb:50:6a:c6:86:6a:f0:67:da:f6:40:1d:18: 0a:b0:27:98:58:76:5d:a1:f2:4d:c7:74:a5:d9:13: f4:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:17:FE:5D:FF:D9:5D:E5:93:28:66:35:87:C3:23:5B:59:92:F8:1B X509v3 Authority Key Identifier: keyid:C8:98:81:B3:15:F7:E2:1B:A9:48:CF:9C:B1:1D:1A:C4:22:10:64:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/C89881B315F7E21BA948CF9CB11D1AC422106426.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/C89881B315F7E21BA948CF9CB11D1AC422106426.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/AS4811.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.240.126.0/23 43.254.44.0/22 103.6.220.0/22 103.20.250.0/23 103.36.132.0-103.36.139.255 103.36.168.0/24 103.36.172.0/23 103.238.140.0/22 103.238.184.0/24 103.238.186.0/23 IPv6: 2403:a100::/48 Signature Algorithm: sha256WithRSAEncryption a6:dc:66:dd:8e:4d:d9:ae:07:f6:3e:fc:df:06:b3:60:70:f7: ed:02:53:89:0d:87:77:43:fa:c7:ff:0f:41:4c:d8:cf:79:d6: 48:80:ce:fc:57:d2:c2:32:01:72:65:d8:62:14:c9:64:20:69: 23:a6:9d:43:aa:ab:34:61:32:ad:79:0c:56:6f:b0:98:d2:38: 02:4f:be:2a:1b:4e:bd:df:8c:1e:c1:1c:53:3d:7b:19:24:51: 3e:b3:ce:f7:b1:fe:30:9d:c6:b0:3e:81:5c:cc:49:1b:08:0d: c8:75:e5:db:9f:7a:06:77:82:f6:74:54:95:7c:ec:52:b2:b8: 4a:df:a0:52:d3:10:c6:37:47:15:da:7e:47:0c:b8:f2:9d:f0: 7b:42:9f:12:99:1a:bc:a7:8b:9e:0d:2d:8a:45:4c:c1:55:35: 27:bd:7c:d6:90:47:1d:32:0c:95:27:f1:6c:92:85:0c:84:01: c0:56:62:de:83:96:34:d9:90:0a:46:7d:0a:e9:14:1b:04:0a: 85:66:b0:16:bc:83:ab:21:9f:06:17:c0:e2:91:61:cb:83:a9: 70:73:ee:36:d2:6b:c1:5e:68:27:41:c3:72:81:eb:c8:1b:7b: cb:ed:bb:91:aa:b7:bb:dc:92:6b:75:68:30:ed:91:47:a9:a5: 38:5d:38:af -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgIUfB8lGKoU0aEEHUwZiqajQuMMhC4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzg5ODgxQjMxNUY3RTIxQkE5NDhDRjlDQjExRDFBQzQy MjEwNjQyNjAeFw0yNjA1MjYwNTU1MzdaFw0yNzA1MjUwNjAwMzdaMDMxMTAvBgNV BAMTKDM5MTdGRTVERkZEOTVERTU5MzI4NjYzNTg3QzMyMzVCNTk5MkY4MUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChtXYvEvXJ1Du+Q4M5FkiaLDGG 5qiIUxtdl5NVC7X7Ot4B/BWCHsJv3uL3SojYnxzXSB776YNKmTKs0T6+IXrsfGju tHPXhyPL/jfQdk/FUhkS8n/s2HU2apc2tM020Jr8dRDwxbC/1RZNNpwoZmDGJeoL tpglUnV2gXnVgpK92YaKQIHhr7HeVEwUubUg0HLm1AB4nnEnm2IhMPXDWKRGNFLv 5gkJeP5DU/bk0tZSZq6SbGnwv5DUGJuZ/dTVs5QPRfwYqYuP2+Cbe6MKGnuw+tux g/TMYeXlqsC/ZYZZz0WMu1BqxoZq8Gfa9kAdGAqwJ5hYdl2h8k3HdKXZE/StAgMB AAGjggIxMIICLTAdBgNVHQ4EFgQUORf+Xf/ZXeWTKGY1h8MjW1mS+BswHwYDVR0j BBgwFoAUyJiBsxX34hupSM+csR0axCIQZCYwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NjYzMjA2Mjk5NzE2ODEzMS8wL0M4OTg4MUIzMTVGN0UyMUJBOTQ4Q0Y5Q0IxMUQx QUM0MjIxMDY0MjYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvQzg5ODgxQjMxNUY3RTIxQkE5NDhDRjlDQjExRDFBQzQyMjEwNjQyNi5jZXIw XAYIKwYBBQUHAQsEUDBOMEwGCCsGAQUFBzALhkByc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTY2MzIwNjI5OTcxNjgxMzEvMC9BUzQ4MTEucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwbgYIKwYBBQUHAQcBAf8EXzBdMEoEAgAB MEQDBAEr8H4DBAIr/iwDBAJnBtwDBAFnFPowDAMEAmckhAMEAmckiAMEAGckqAME AWckrAMEAmfujAMEAGfuuAMEAWfuujAPBAIAAjAJAwcAJAOhAAAAMA0GCSqGSIb3 DQEBCwUAA4IBAQCm3Gbdjk3Zrgf2PvzfBrNgcPftAlOJDYd3Q/rH/w9BTNjPedZI gM78V9LCMgFyZdhiFMlkIGkjpp1Dqqs0YTKteQxWb7CY0jgCT74qG06934wewRxT PXsZJFE+s873sf4wncawPoFczEkbCA3IdeXbn3oGd4L2dFSVfOxSsrhK36BS0xDG N0cV2n5HDLjynfB7Qp8SmRq8p4ueDS2KRUzBVTUnvXzWkEcdMgyVJ/FskoUMhAHA VmLeg5Y02ZAKRn0K6RQbBAqFZrAWvIOrIZ8GF8DikWHLg6lwc+420mvBXmgnQcNy gevIG3vL7buRqre73JJrdWgw7ZFHqaU4XTiv -----END CERTIFICATE-----Generated at Thu Jun 4 18:15:43 2026 by rpki-client