$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096632062997168131/0/AS4811.roa File: AS4811.roa (raw, json) Hash identifier: La8pyBLohCLOnHuC7bKjsqecZGznH+d59D+6nUVy/2k= Subject key identifier: 56:61:B4:B6:10:FC:3C:07:30:65:E1:23:E6:C9:E1:89:FB:46:75:DB Certificate issuer: /CN=C89881B315F7E21BA948CF9CB11D1AC422106426 Certificate serial: 0517BEAFD42771F1A861800794E645E23513743F Authority key identifier: C8:98:81:B3:15:F7:E2:1B:A9:48:CF:9C:B1:1D:1A:C4:22:10:64:26 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/C89881B315F7E21BA948CF9CB11D1AC422106426.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/AS4811.roa Signing time: Mon 20 Apr 2026 05:08:23 +0000 ROA not before: Mon 20 Apr 2026 05:03:23 +0000 ROA not after: Mon 19 Apr 2027 05:08:23 +0000 asID: 4811 IP address blocks: 43.240.126.0/23 maxlen: 23 43.254.44.0/23 maxlen: 23 43.254.46.0/23 maxlen: 23 103.6.220.0/24 maxlen: 24 103.6.221.0/24 maxlen: 24 103.6.222.0/24 maxlen: 24 103.6.223.0/24 maxlen: 24 103.20.250.0/24 maxlen: 24 103.20.251.0/24 maxlen: 24 103.36.132.0/23 maxlen: 23 103.36.134.0/23 maxlen: 23 103.36.136.0/24 maxlen: 24 103.36.137.0/24 maxlen: 24 103.36.138.0/24 maxlen: 24 103.36.139.0/24 maxlen: 24 103.36.168.0/24 maxlen: 24 103.36.172.0/24 maxlen: 24 103.36.173.0/24 maxlen: 24 103.238.184.0/24 maxlen: 24 103.238.186.0/23 maxlen: 23 2403:a100::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/C89881B315F7E21BA948CF9CB11D1AC422106426.crl rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/C89881B315F7E21BA948CF9CB11D1AC422106426.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/C89881B315F7E21BA948CF9CB11D1AC422106426.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Apr 2026 05:32:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:17:be:af:d4:27:71:f1:a8:61:80:07:94:e6:45:e2:35:13:74:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C89881B315F7E21BA948CF9CB11D1AC422106426 Validity Not Before: Apr 20 05:03:23 2026 GMT Not After : Apr 19 05:08:23 2027 GMT Subject: CN=5661B4B610FC3C073065E123E6C9E189FB4675DB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:20:78:c1:58:4c:4e:83:bf:e7:73:e1:65:2a: 7d:d4:27:8c:6a:2d:36:7c:27:56:91:68:1d:f6:02: 38:dd:72:be:c6:4b:8b:09:71:c0:99:3c:c2:14:52: 31:6a:99:2c:9b:2e:1c:2b:ae:e1:1f:e0:2b:03:59: b1:26:09:76:7b:b0:96:86:5f:c2:03:62:e8:2e:ce: de:c7:c3:4b:a9:96:1f:74:2c:22:62:b6:5c:0d:9c: 69:9b:3b:a2:25:c1:96:3b:5c:7f:67:83:41:5e:9e: e6:50:d2:f3:e3:49:52:88:ad:c2:54:e5:20:8a:ed: 6a:d2:d2:fa:34:bf:5e:80:c5:42:02:b5:fb:71:55: 42:b8:db:ac:9c:23:14:4e:c6:6f:7f:2f:01:9d:52: 84:0c:df:1c:db:15:82:cc:52:6d:98:52:04:da:4f: 6f:e5:9a:d0:5f:58:3a:93:b6:f2:e6:0f:c8:45:3c: 95:20:db:46:bc:85:6a:40:c3:f7:a3:57:fa:0d:43: 8a:fa:4f:ba:2a:55:c4:be:74:61:56:a3:e0:2e:c1: 84:7d:4c:2e:e5:c0:2c:f5:e2:0d:f5:e3:76:22:f1: e6:2a:f7:ad:05:99:26:1d:5e:72:4f:89:8d:a4:63: e5:1b:e2:50:42:90:1a:77:0e:05:cf:b9:f0:be:42: 80:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:61:B4:B6:10:FC:3C:07:30:65:E1:23:E6:C9:E1:89:FB:46:75:DB X509v3 Authority Key Identifier: keyid:C8:98:81:B3:15:F7:E2:1B:A9:48:CF:9C:B1:1D:1A:C4:22:10:64:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/C89881B315F7E21BA948CF9CB11D1AC422106426.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/C89881B315F7E21BA948CF9CB11D1AC422106426.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/AS4811.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.240.126.0/23 43.254.44.0/22 103.6.220.0/22 103.20.250.0/23 103.36.132.0-103.36.139.255 103.36.168.0/24 103.36.172.0/23 103.238.184.0/24 103.238.186.0/23 IPv6: 2403:a100::/48 Signature Algorithm: sha256WithRSAEncryption 3a:40:2e:bc:e4:4d:17:5f:1b:93:2e:a8:10:d8:6d:aa:05:fa: ad:cd:ed:73:7b:15:23:a2:93:47:21:3c:87:f9:2c:21:c1:ac: 56:a9:6e:e8:6d:ae:26:fd:2d:49:5f:90:ad:93:9b:6f:08:a4: a3:ad:c0:3f:cd:d1:fb:2f:8b:4a:00:93:43:de:2c:51:cf:58: 6b:6e:ba:67:48:a1:df:a0:f5:81:cc:aa:29:81:2b:81:5a:9a: 91:6e:70:7e:1f:77:77:9f:a3:24:90:d4:45:91:1f:64:25:1f: ed:e3:be:e0:c2:30:68:db:78:ea:14:e4:66:32:6e:a8:53:e4: 67:40:5e:08:b0:fe:4b:be:d2:ac:d1:0d:e5:2f:10:c6:3d:36: 29:dd:27:f2:49:c5:96:90:8e:cc:86:a4:37:a1:dc:01:db:5c: 3e:80:9f:6a:4f:aa:ed:f6:b0:e9:d2:6e:b7:28:a3:d6:3f:dd: 8a:ac:54:ef:87:83:0a:49:f9:f1:f8:d1:c9:fc:e8:5b:b7:e6: 0b:1e:15:ba:46:b1:24:21:33:6b:ee:43:00:56:a6:1e:35:1e: c8:81:7d:2c:2f:86:49:4f:93:7b:30:79:04:91:4d:09:ae:6c: 9d:b8:c2:30:a4:02:43:8a:35:43:d8:82:d9:b4:14:bf:a6:d0: da:7f:0c:a3 -----BEGIN CERTIFICATE----- MIIFITCCBAmgAwIBAgIUBRe+r9QncfGoYYAHlOZF4jUTdD8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzg5ODgxQjMxNUY3RTIxQkE5NDhDRjlDQjExRDFBQzQy MjEwNjQyNjAeFw0yNjA0MjAwNTAzMjNaFw0yNzA0MTkwNTA4MjNaMDMxMTAvBgNV BAMTKDU2NjFCNEI2MTBGQzNDMDczMDY1RTEyM0U2QzlFMTg5RkI0Njc1REIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgIHjBWExOg7/nc+FlKn3UJ4xq LTZ8J1aRaB32Ajjdcr7GS4sJccCZPMIUUjFqmSybLhwrruEf4CsDWbEmCXZ7sJaG X8IDYuguzt7Hw0uplh90LCJitlwNnGmbO6IlwZY7XH9ng0FenuZQ0vPjSVKIrcJU 5SCK7WrS0vo0v16AxUICtftxVUK426ycIxROxm9/LwGdUoQM3xzbFYLMUm2YUgTa T2/lmtBfWDqTtvLmD8hFPJUg20a8hWpAw/ejV/oNQ4r6T7oqVcS+dGFWo+AuwYR9 TC7lwCz14g3143Yi8eYq960FmSYdXnJPiY2kY+Ub4lBCkBp3DgXPufC+QoBDAgMB AAGjggIrMIICJzAdBgNVHQ4EFgQUVmG0thD8PAcwZeEj5snhiftGddswHwYDVR0j BBgwFoAUyJiBsxX34hupSM+csR0axCIQZCYwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NjYzMjA2Mjk5NzE2ODEzMS8wL0M4OTg4MUIzMTVGN0UyMUJBOTQ4Q0Y5Q0IxMUQx QUM0MjIxMDY0MjYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvQzg5ODgxQjMxNUY3RTIxQkE5NDhDRjlDQjExRDFBQzQyMjEwNjQyNi5jZXIw XAYIKwYBBQUHAQsEUDBOMEwGCCsGAQUFBzALhkByc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTY2MzIwNjI5OTcxNjgxMzEvMC9BUzQ4MTEucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwaAYIKwYBBQUHAQcBAf8EWTBXMEQEAgAB MD4DBAEr8H4DBAIr/iwDBAJnBtwDBAFnFPowDAMEAmckhAMEAmckiAMEAGckqAME AWckrAMEAGfuuAMEAWfuujAPBAIAAjAJAwcAJAOhAAAAMA0GCSqGSIb3DQEBCwUA A4IBAQA6QC685E0XXxuTLqgQ2G2qBfqtze1zexUjopNHITyH+SwhwaxWqW7oba4m /S1JX5Ctk5tvCKSjrcA/zdH7L4tKAJND3ixRz1hrbrpnSKHfoPWBzKopgSuBWpqR bnB+H3d3n6MkkNRFkR9kJR/t477gwjBo23jqFORmMm6oU+RnQF4IsP5LvtKs0Q3l LxDGPTYp3SfyScWWkI7MhqQ3odwB21w+gJ9qT6rt9rDp0m63KKPWP92KrFTvh4MK Sfnx+NHJ/Ohbt+YLHhW6RrEkITNr7kMAVqYeNR7IgX0sL4ZJT5N7MHkEkU0Jrmyd uMIwpAJDijVD2ILZtBS/ptDafwyj -----END CERTIFICATE-----Generated at Mon Apr 20 15:01:54 2026 by rpki-client