$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096727752351940609/0/34332e3232352e3132332e302f32342d3234203d3e20313339313732.roa File: 34332e3232352e3132332e302f32342d3234203d3e20313339313732.roa (raw, json) Hash identifier: 3rQdMoMH/usFIBOw6CpAJ7sN7d+nv+Y3aHWgFOpVNVg= Subject key identifier: 9B:64:54:46:FD:F8:0C:26:76:B1:00:D3:DC:97:FE:9F:6E:AF:63:13 Certificate issuer: /CN=1065E9E54D1C1537CE34B5EE445B93476EFDD00F Certificate serial: 3D501628E2857C5544AAE9670BA3C74FCEA93B4B Authority key identifier: 10:65:E9:E5:4D:1C:15:37:CE:34:B5:EE:44:5B:93:47:6E:FD:D0:0F Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1065E9E54D1C1537CE34B5EE445B93476EFDD00F.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096727752351940609/0/34332e3232352e3132332e302f32342d3234203d3e20313339313732.roa Signing time: Mon 01 Jun 2026 07:26:08 +0000 ROA not before: Mon 01 Jun 2026 07:21:08 +0000 ROA not after: Mon 31 May 2027 07:26:08 +0000 asID: 139172 IP address blocks: 43.225.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096727752351940609/0/1065E9E54D1C1537CE34B5EE445B93476EFDD00F.crl rsync://rpki-rps.cnnic.cn/repo/A1096727752351940609/0/1065E9E54D1C1537CE34B5EE445B93476EFDD00F.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1065E9E54D1C1537CE34B5EE445B93476EFDD00F.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 12 Jun 2026 23:13:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:50:16:28:e2:85:7c:55:44:aa:e9:67:0b:a3:c7:4f:ce:a9:3b:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1065E9E54D1C1537CE34B5EE445B93476EFDD00F Validity Not Before: Jun 1 07:21:08 2026 GMT Not After : May 31 07:26:08 2027 GMT Subject: CN=9B645446FDF80C2676B100D3DC97FE9F6EAF6313 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:89:c7:f9:48:ba:65:07:a5:17:74:7f:d2:41: fc:55:ee:cd:b3:ab:1c:a8:e5:81:02:71:12:dc:ca: c1:b5:d2:77:2a:aa:f0:40:86:c4:df:15:21:70:83: 4d:af:94:07:4f:e6:19:d9:ee:3c:9d:d7:9a:11:28: ce:8c:16:13:3b:0e:30:0f:e5:d8:b7:8f:8a:55:ce: 72:cd:fe:2d:96:d3:a6:53:36:cf:d2:71:be:d6:07: 03:07:bc:0a:37:11:d8:bb:4e:99:18:38:58:26:0a: 07:93:34:e3:e3:87:f5:75:a9:53:8c:a0:3f:d7:01: 2a:f7:7b:94:5f:f0:fb:8c:54:24:dc:ed:79:f3:7c: f4:9f:1b:29:04:a6:b1:45:02:96:bf:38:81:56:3c: 5d:84:89:1b:3c:f5:05:16:4f:bf:b8:2e:f3:e7:21: 42:6d:1b:a9:9a:60:22:68:39:f9:17:ab:2a:5c:17: 7f:04:c1:4f:1f:26:fa:0f:54:84:40:89:6b:35:44: b7:f9:0e:13:20:93:2e:1a:26:22:f0:4e:b4:0a:c0: 71:a4:ce:cf:87:e2:cc:a7:2e:ed:a9:7c:4c:32:19: 29:16:0c:55:26:22:e1:22:9c:a9:d4:54:ad:f8:16: 45:d6:36:40:bb:b3:27:07:f9:0a:68:4a:b1:df:c2: 04:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:64:54:46:FD:F8:0C:26:76:B1:00:D3:DC:97:FE:9F:6E:AF:63:13 X509v3 Authority Key Identifier: keyid:10:65:E9:E5:4D:1C:15:37:CE:34:B5:EE:44:5B:93:47:6E:FD:D0:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1096727752351940609/0/1065E9E54D1C1537CE34B5EE445B93476EFDD00F.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/1065E9E54D1C1537CE34B5EE445B93476EFDD00F.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096727752351940609/0/34332e3232352e3132332e302f32342d3234203d3e20313339313732.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.225.123.0/24 Signature Algorithm: sha256WithRSAEncryption 52:3e:a4:8d:be:4f:de:81:4b:1d:df:f6:e1:98:88:95:16:49: 2f:70:0c:75:ac:04:37:a1:9f:86:ab:3d:37:d4:3f:aa:fa:5d: e5:c9:e2:aa:5d:5a:17:f0:d8:5c:9e:0c:8a:fb:4e:59:15:a8: 83:4d:93:b5:e0:48:00:9c:bd:7c:fa:f1:6e:4b:a9:9a:d0:e2: 32:da:81:3b:99:37:4c:e1:87:58:d6:8c:0a:3f:73:85:39:38: cb:6f:b0:e9:bb:fe:34:8c:24:54:3e:39:30:3d:a0:6c:7c:07: 00:39:60:44:0b:c8:a4:23:e6:f8:96:c8:96:b4:33:eb:09:3b: f5:ed:82:29:47:53:fc:6b:5c:23:35:27:40:a6:aa:6c:e1:6a: 15:aa:a8:86:67:2e:f3:b4:80:2e:6c:a4:ed:ac:d9:c9:68:a5: 26:d0:01:a0:e8:f3:2d:ff:cf:04:cb:b8:48:49:18:71:3f:dd: e3:b2:31:40:16:25:75:a8:db:87:39:b9:8f:53:85:3a:c6:1b: ef:50:c5:44:eb:53:3d:83:8b:f9:71:71:be:e6:8f:08:16:d9: 7f:35:ac:3c:41:66:06:73:1e:8c:8d:16:73:81:f6:aa:b2:fb: e4:ab:b1:a5:37:64:94:93:c2:9c:b2:23:8d:da:bb:8d:87:46: e4:14:60:dd -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgIUPVAWKOKFfFVEqulnC6PHT86pO0swDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMTA2NUU5RTU0RDFDMTUzN0NFMzRCNUVFNDQ1QjkzNDc2 RUZERDAwRjAeFw0yNjA2MDEwNzIxMDhaFw0yNzA1MzEwNzI2MDhaMDMxMTAvBgNV BAMTKDlCNjQ1NDQ2RkRGODBDMjY3NkIxMDBEM0RDOTdGRTlGNkVBRjYzMTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUicf5SLplB6UXdH/SQfxV7s2z qxyo5YECcRLcysG10ncqqvBAhsTfFSFwg02vlAdP5hnZ7jyd15oRKM6MFhM7DjAP 5di3j4pVznLN/i2W06ZTNs/Scb7WBwMHvAo3Edi7TpkYOFgmCgeTNOPjh/V1qVOM oD/XASr3e5Rf8PuMVCTc7XnzfPSfGykEprFFApa/OIFWPF2EiRs89QUWT7+4LvPn IUJtG6maYCJoOfkXqypcF38EwU8fJvoPVIRAiWs1RLf5DhMgky4aJiLwTrQKwHGk zs+H4synLu2pfEwyGSkWDFUmIuEinKnUVK34FkXWNkC7sycH+QpoSrHfwgRHAgMB AAGjggIXMIICEzAdBgNVHQ4EFgQUm2RURv34DCZ2sQDT3Jf+n26vYxMwHwYDVR0j BBgwFoAUEGXp5U0cFTfONLXuRFuTR2790A8wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NjcyNzc1MjM1MTk0MDYwOS8wLzEwNjVFOUU1NEQxQzE1MzdDRTM0QjVFRTQ0NUI5 MzQ3NkVGREQwMEYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMTA2NUU5RTU0RDFDMTUzN0NFMzRCNUVFNDQ1QjkzNDc2RUZERDAwRi5jZXIw gZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzALhnJyc3luYzovL3Jwa2ktcnBz LmNubmljLmNuL3JlcG8vQTEwOTY3Mjc3NTIzNTE5NDA2MDkvMC8zNDMzMmUzMjMy MzUyZTMxMzIzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzOTMxMzczMi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEACvhezANBgkqhkiG9w0BAQsFAAOCAQEAUj6kjb5P3oFLHd/24ZiI lRZJL3AMdawEN6Gfhqs9N9Q/qvpd5cniql1aF/DYXJ4MivtOWRWog02TteBIAJy9 fPrxbkupmtDiMtqBO5k3TOGHWNaMCj9zhTk4y2+w6bv+NIwkVD45MD2gbHwHADlg RAvIpCPm+JbIlrQz6wk79e2CKUdT/GtcIzUnQKaqbOFqFaqohmcu87SALmyk7azZ yWilJtABoOjzLf/PBMu4SEkYcT/d47IxQBYldajbhzm5j1OFOsYb71DFROtTPYOL +XFxvuaPCBbZfzWsPEFmBnMejI0Wc4H2qrL75KuxpTdklJPCnLIjjdq7jYdG5BRg 3Q== -----END CERTIFICATE-----Generated at Fri Jun 12 04:48:58 2026 by rpki-client