$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096632062997168131/0/AS4812.roa File: AS4812.roa (raw, json) Hash identifier: JwArBKR9c9+eUcjjt41E6DRfeYOE5WTHhxmuraNcBBU= Subject key identifier: 91:E2:A9:29:88:C6:34:91:9B:61:06:8B:D4:87:7C:7F:90:BF:8D:8D Certificate issuer: /CN=C89881B315F7E21BA948CF9CB11D1AC422106426 Certificate serial: 69D096649D42FBD50FD34B33C25841018859D74D Authority key identifier: C8:98:81:B3:15:F7:E2:1B:A9:48:CF:9C:B1:1D:1A:C4:22:10:64:26 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/C89881B315F7E21BA948CF9CB11D1AC422106426.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/AS4812.roa Signing time: Mon 20 Apr 2026 05:02:12 +0000 ROA not before: Mon 20 Apr 2026 04:57:12 +0000 ROA not after: Mon 19 Apr 2027 05:02:12 +0000 asID: 4812 IP address blocks: 43.240.124.0/24 maxlen: 24 43.240.192.0/22 maxlen: 22 43.240.196.0/22 maxlen: 22 43.254.44.0/22 maxlen: 22 43.254.106.0/24 maxlen: 24 43.254.148.0/22 maxlen: 22 103.6.220.0/22 maxlen: 22 103.20.248.0/23 maxlen: 23 103.36.132.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/C89881B315F7E21BA948CF9CB11D1AC422106426.crl rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/C89881B315F7E21BA948CF9CB11D1AC422106426.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/C89881B315F7E21BA948CF9CB11D1AC422106426.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Apr 2026 05:32:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:d0:96:64:9d:42:fb:d5:0f:d3:4b:33:c2:58:41:01:88:59:d7:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C89881B315F7E21BA948CF9CB11D1AC422106426 Validity Not Before: Apr 20 04:57:12 2026 GMT Not After : Apr 19 05:02:12 2027 GMT Subject: CN=91E2A92988C634919B61068BD4877C7F90BF8D8D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:e5:fc:ec:15:3b:1c:2f:6a:e0:88:60:ad:7f: 6d:75:a4:2a:6e:f5:22:a3:a7:9c:6b:c6:72:b7:6e: 30:83:11:ab:42:b9:8a:73:78:ce:bd:49:0f:c1:5e: 55:58:1c:69:08:5d:ed:9e:46:7a:d5:e2:ba:67:56: 72:90:fb:d9:de:39:87:87:ff:dc:9c:d9:66:5d:27: 7f:25:ed:29:6a:05:81:e9:c8:04:b2:e6:06:bb:29: 3e:30:7c:0f:c5:a7:71:74:e0:05:85:56:69:08:3e: 5c:ad:5a:a0:53:1c:5e:30:49:21:f4:b7:2e:e0:b5: ce:e6:ad:b7:4f:8b:e5:3b:28:86:56:e2:09:3d:4f: 85:5a:51:7e:9a:8d:ab:b6:3e:1d:6e:36:78:e3:c1: a9:35:46:fe:83:42:65:ff:b0:0c:83:57:b7:48:1f: 82:11:39:64:9f:f5:98:3a:24:ad:b2:f7:ea:6d:ac: 02:02:39:15:4a:fb:73:9b:73:aa:af:a8:73:e4:a8: 38:6e:e4:16:05:19:2b:ba:96:28:df:fc:20:71:36: ad:a6:ba:20:ef:83:67:6f:ba:0a:82:5c:5d:8f:8c: ac:08:c2:8b:44:86:61:69:c7:56:3a:a2:eb:1d:d1: 30:d4:51:b0:4f:60:c3:ea:47:3c:e9:32:83:dc:90: a8:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:E2:A9:29:88:C6:34:91:9B:61:06:8B:D4:87:7C:7F:90:BF:8D:8D X509v3 Authority Key Identifier: keyid:C8:98:81:B3:15:F7:E2:1B:A9:48:CF:9C:B1:1D:1A:C4:22:10:64:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/C89881B315F7E21BA948CF9CB11D1AC422106426.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/C89881B315F7E21BA948CF9CB11D1AC422106426.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/AS4812.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.240.124.0/24 43.240.192.0/21 43.254.44.0/22 43.254.106.0/24 43.254.148.0/22 103.6.220.0/22 103.20.248.0/23 103.36.132.0/22 Signature Algorithm: sha256WithRSAEncryption ad:e6:9e:73:58:70:cc:6c:4f:bf:10:0f:89:6e:b4:65:9b:d0: 48:71:d3:87:d2:e4:46:c5:4f:5b:00:08:8d:79:cd:86:93:87: c1:5b:46:9c:83:de:da:1a:73:93:2c:21:de:2d:fe:fd:a7:43: a0:d4:28:07:6b:4c:8f:ee:4b:73:37:77:cf:18:cc:5c:db:7f: 31:74:54:61:41:a5:37:7a:39:61:02:29:e3:e5:f0:05:cc:93: b0:98:73:81:c4:d6:c5:e0:72:7d:2c:64:17:f0:cf:e0:4a:11: a5:bd:02:6c:43:85:b7:db:4f:62:29:5c:60:f3:c5:b3:9c:36: 53:7d:92:f8:13:7b:3d:43:30:ee:36:da:57:d3:13:35:e5:a8: ed:a2:09:89:f7:09:5d:55:f2:50:b9:7f:64:fe:f1:47:34:5b: bc:fa:5d:88:bc:ef:d2:f4:ec:ff:7f:76:10:08:52:32:77:62: a1:03:d5:f3:8b:c6:33:83:53:98:06:33:8d:63:dc:e2:92:1c: 57:06:07:4c:41:70:db:dc:ad:d1:ab:74:c8:d0:a6:06:a8:83: cb:a0:df:33:80:1b:1b:f5:da:68:7f:cb:f9:6e:62:13:72:6a: 94:cc:66:e4:b5:db:09:60:ca:92:55:56:4e:4b:fa:eb:3b:8b: f7:8b:51:57 -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgIUadCWZJ1C+9UP00szwlhBAYhZ100wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzg5ODgxQjMxNUY3RTIxQkE5NDhDRjlDQjExRDFBQzQy MjEwNjQyNjAeFw0yNjA0MjAwNDU3MTJaFw0yNzA0MTkwNTAyMTJaMDMxMTAvBgNV BAMTKDkxRTJBOTI5ODhDNjM0OTE5QjYxMDY4QkQ0ODc3QzdGOTBCRjhEOEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj5fzsFTscL2rgiGCtf211pCpu 9SKjp5xrxnK3bjCDEatCuYpzeM69SQ/BXlVYHGkIXe2eRnrV4rpnVnKQ+9neOYeH /9yc2WZdJ38l7SlqBYHpyASy5ga7KT4wfA/Fp3F04AWFVmkIPlytWqBTHF4wSSH0 ty7gtc7mrbdPi+U7KIZW4gk9T4VaUX6ajau2Ph1uNnjjwak1Rv6DQmX/sAyDV7dI H4IROWSf9Zg6JK2y9+ptrAICORVK+3Obc6qvqHPkqDhu5BYFGSu6lijf/CBxNq2m uiDvg2dvugqCXF2PjKwIwotEhmFpx1Y6ousd0TDUUbBPYMPqRzzpMoPckKh5AgMB AAGjggIMMIICCDAdBgNVHQ4EFgQUkeKpKYjGNJGbYQaL1Id8f5C/jY0wHwYDVR0j BBgwFoAUyJiBsxX34hupSM+csR0axCIQZCYwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NjYzMjA2Mjk5NzE2ODEzMS8wL0M4OTg4MUIzMTVGN0UyMUJBOTQ4Q0Y5Q0IxMUQx QUM0MjIxMDY0MjYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvQzg5ODgxQjMxNUY3RTIxQkE5NDhDRjlDQjExRDFBQzQyMjEwNjQyNi5jZXIw XAYIKwYBBQUHAQsEUDBOMEwGCCsGAQUFBzALhkByc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTY2MzIwNjI5OTcxNjgxMzEvMC9BUzQ4MTIucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgAB MDADBAAr8HwDBAMr8MADBAIr/iwDBAAr/moDBAIr/pQDBAJnBtwDBAFnFPgDBAJn JIQwDQYJKoZIhvcNAQELBQADggEBAK3mnnNYcMxsT78QD4lutGWb0Ehx04fS5EbF T1sACI15zYaTh8FbRpyD3toac5MsId4t/v2nQ6DUKAdrTI/uS3M3d88YzFzbfzF0 VGFBpTd6OWECKePl8AXMk7CYc4HE1sXgcn0sZBfwz+BKEaW9AmxDhbfbT2IpXGDz xbOcNlN9kvgTez1DMO422lfTEzXlqO2iCYn3CV1V8lC5f2T+8Uc0W7z6XYi879L0 7P9/dhAIUjJ3YqED1fOLxjODU5gGM41j3OKSHFcGB0xBcNvcrdGrdMjQpgaog8ug 3zOAGxv12mh/y/luYhNyapTMZuS12wlgypJVVk5L+us7i/eLUVc= -----END CERTIFICATE-----Generated at Mon Apr 20 15:04:15 2026 by rpki-client