$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/0/3134302e3234392e3230382e302f32322d3232203d3e203538353431.roa File: 3134302e3234392e3230382e302f32322d3232203d3e203538353431.roa (raw, json) Hash identifier: 1/zcOzN9aOexSwjbTep6GkzfL7k4B5YkVMzDc6SgLdg= Subject key identifier: 35:E5:2A:72:9D:2D:78:89:4E:53:06:B1:FE:FD:18:A9:9E:A2:7F:65 Certificate issuer: /CN=A914EAE40000/serialNumber=30AE85D3253EA2C99EAF6369615F5BC070CC5FB2 Certificate serial: 5965F84DFDDEE5009275780A89EBB5FE03B5FFA8 Authority key identifier: 30:AE:85:D3:25:3E:A2:C9:9E:AF:63:69:61:5F:5B:C0:70:CC:5F:B2 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MK6F0yU-osmer2NpYV9bwHDMX7I.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/0/3134302e3234392e3230382e302f32322d3232203d3e203538353431.roa Signing time: Thu 28 May 2026 16:07:19 +0000 ROA not before: Thu 28 May 2026 16:02:19 +0000 ROA not after: Thu 27 May 2027 16:07:19 +0000 asID: 58541 IP address blocks: 140.249.208.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/0/30AE85D3253EA2C99EAF6369615F5BC070CC5FB2.crl rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/0/30AE85D3253EA2C99EAF6369615F5BC070CC5FB2.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MK6F0yU-osmer2NpYV9bwHDMX7I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 May 2026 19:46:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:65:f8:4d:fd:de:e5:00:92:75:78:0a:89:eb:b5:fe:03:b5:ff:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914EAE40000, serialNumber=30AE85D3253EA2C99EAF6369615F5BC070CC5FB2 Validity Not Before: May 28 16:02:19 2026 GMT Not After : May 27 16:07:19 2027 GMT Subject: CN=35E52A729D2D78894E5306B1FEFD18A99EA27F65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:1d:79:43:2d:a6:50:92:d3:ef:70:cc:85:0d: 50:a8:d2:70:51:92:6b:0e:6e:ad:ed:84:14:28:b4: 65:01:0f:6d:ee:6f:c1:de:38:ab:34:78:b2:38:25: 4b:d4:9e:ac:d3:9b:10:52:63:7c:8c:ed:5c:e0:41: f1:5c:5e:06:49:a5:6e:b2:a4:b0:06:29:83:b8:96: 9f:c0:04:9c:92:e5:7f:4c:e2:25:ab:e6:70:39:e3: de:07:2a:44:95:fb:d8:4e:51:f3:ca:dd:35:53:5a: 0c:1f:29:e3:7c:c9:4f:db:6b:5e:8d:af:a1:e6:80: 7e:34:7b:53:b3:01:82:7a:de:b0:49:c8:70:97:1d: f2:d3:8b:d4:b0:dc:c1:be:54:8a:6d:db:50:6d:87: 88:7c:af:f9:11:6d:6e:36:41:ea:05:4c:14:a4:24: ce:c3:dc:01:b3:90:7f:10:a8:45:df:61:0a:8f:ab: 79:57:46:00:69:33:bb:d1:c0:fd:71:ee:52:5e:eb: 03:46:c7:8b:3d:87:fd:56:ae:35:85:cb:a7:f9:60: 13:49:29:87:16:45:67:40:96:2f:71:d9:bd:4d:be: aa:f0:06:00:60:00:76:85:2d:6d:8f:ee:76:08:ed: 63:60:2d:c9:5c:13:69:97:82:52:5d:9f:81:83:1e: 4d:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:E5:2A:72:9D:2D:78:89:4E:53:06:B1:FE:FD:18:A9:9E:A2:7F:65 X509v3 Authority Key Identifier: keyid:30:AE:85:D3:25:3E:A2:C9:9E:AF:63:69:61:5F:5B:C0:70:CC:5F:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/0/30AE85D3253EA2C99EAF6369615F5BC070CC5FB2.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MK6F0yU-osmer2NpYV9bwHDMX7I.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/0/3134302e3234392e3230382e302f32322d3232203d3e203538353431.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 140.249.208.0/22 Signature Algorithm: sha256WithRSAEncryption a0:05:81:ae:0d:ba:42:36:4f:57:b5:c5:07:34:ca:db:3a:09: 52:22:c1:17:60:23:2b:bf:7e:c2:ab:50:28:83:75:b3:1c:25: 97:d0:03:b5:f6:bd:e2:91:35:d4:a8:f1:69:bc:9e:b8:14:9b: 3f:22:36:87:21:9a:a3:11:45:b0:b3:d4:9e:1f:76:cf:b7:2f: 5d:5b:ce:f7:4f:0f:47:83:17:de:88:f2:29:05:23:a1:90:4f: 34:d4:33:5e:6d:f8:f9:16:a2:5e:65:d5:12:15:26:3f:5b:01: c5:df:ed:01:ed:0d:46:46:a3:c8:39:d0:29:e5:24:71:be:92: 2a:9f:f7:a1:ff:9c:68:90:4b:e0:2f:a0:71:df:75:69:c6:09: b6:c8:65:be:fa:15:a9:2d:74:1e:93:1c:d4:3d:31:56:43:36: 27:4b:5d:2a:2e:8f:65:a1:87:57:2a:91:99:04:9c:85:d3:9e: fd:03:80:f6:f2:2d:9f:a1:33:97:97:63:9b:58:f0:ef:06:d7: b3:de:fb:be:ba:bc:7b:c0:e4:84:a9:93:fa:be:ba:63:b7:de: 6a:4c:04:ef:34:d8:8c:fc:35:93:65:fd:27:58:04:9c:d6:61: 62:d0:33:60:cd:4f:9e:70:e1:d9:f4:24:47:5f:22:cc:1f:3a: b8:60:49:a1 -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgIUWWX4Tf3e5QCSdXgKieu1/gO1/6gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygzMEFFODVEMzI1 M0VBMkM5OUVBRjYzNjk2MTVGNUJDMDcwQ0M1RkIyMB4XDTI2MDUyODE2MDIxOVoX DTI3MDUyNzE2MDcxOVowMzExMC8GA1UEAxMoMzVFNTJBNzI5RDJENzg4OTRFNTMw NkIxRkVGRDE4QTk5RUEyN0Y2NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMAdeUMtplCS0+9wzIUNUKjScFGSaw5ure2EFCi0ZQEPbe5vwd44qzR4sjgl S9SerNObEFJjfIztXOBB8VxeBkmlbrKksAYpg7iWn8AEnJLlf0ziJavmcDnj3gcq RJX72E5R88rdNVNaDB8p43zJT9trXo2voeaAfjR7U7MBgnresEnIcJcd8tOL1LDc wb5Uim3bUG2HiHyv+RFtbjZB6gVMFKQkzsPcAbOQfxCoRd9hCo+reVdGAGkzu9HA /XHuUl7rA0bHiz2H/VauNYXLp/lgE0kphxZFZ0CWL3HZvU2+qvAGAGAAdoUtbY/u dgjtY2AtyVwTaZeCUl2fgYMeTa8CAwEAAaOCAhcwggITMB0GA1UdDgQWBBQ15Spy nS14iU5TBrH+/RipnqJ/ZTAfBgNVHSMEGDAWgBQwroXTJT6iyZ6vY2lhX1vAcMxf sjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzAvMzBBRTg1 RDMyNTNFQTJDOTlFQUY2MzY5NjE1RjVCQzA3MENDNUZCMi5jcmwwfgYIKwYBBQUH AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z aXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJGRDFGRjIvTUs2RjB5VS1v c21lcjJOcFlWOWJ3SERNWDdJLmNlcjCBkAYIKwYBBQUHAQsEgYMwgYAwfgYIKwYB BQUHMAuGcnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQw MjkwNTk3NjgzNS8wLzMxMzQzMDJlMzIzNDM5MmUzMjMwMzgyZTMwMmYzMjMyMmQz MjMyMjAzZDNlMjAzNTM4MzUzNDMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjPnQMA0GCSqGSIb3DQEB CwUAA4IBAQCgBYGuDbpCNk9XtcUHNMrbOglSIsEXYCMrv37Cq1Aog3WzHCWX0AO1 9r3ikTXUqPFpvJ64FJs/IjaHIZqjEUWws9SeH3bPty9dW873Tw9HgxfeiPIpBSOh kE801DNebfj5FqJeZdUSFSY/WwHF3+0B7Q1GRqPIOdAp5SRxvpIqn/eh/5xokEvg L6Bx33Vpxgm2yGW++hWpLXQekxzUPTFWQzYnS10qLo9loYdXKpGZBJyF0579A4D2 8i2foTOXl2ObWPDvBtez3vu+urx7wOSEqZP6vrpjt95qTATvNNiM/DWTZf0nWASc 1mFi0DNgzU+ecOHZ9CRHXyLMHzq4YEmh -----END CERTIFICATE-----Generated at Sat May 30 02:41:17 2026 by rpki-client