$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS17799.roa File: AS17799.roa (raw, json) Hash identifier: g2Djm8WXZwoSTECHukd/9kOsslaL7weICZ2V4E4Q7UQ= Subject key identifier: EB:35:18:0C:61:45:C2:A8:69:C6:B8:3B:79:CC:AB:13:28:4F:81:FD Certificate issuer: /CN=A914EAE40000/serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E Certificate serial: 58F3F7A01ED42D5AAC0A112D8E6226DB3D359608 Authority key identifier: 19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS17799.roa Signing time: Thu 21 May 2026 16:15:15 +0000 ROA not before: Thu 21 May 2026 16:10:15 +0000 ROA not after: Thu 20 May 2027 16:15:15 +0000 asID: 17799 IP address blocks: 42.248.152.0/21 maxlen: 21 42.249.128.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 May 2026 06:28:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:f3:f7:a0:1e:d4:2d:5a:ac:0a:11:2d:8e:62:26:db:3d:35:96:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914EAE40000, serialNumber=196F2188A356D1C42D39F6D165719B596B4CD91E Validity Not Before: May 21 16:10:15 2026 GMT Not After : May 20 16:15:15 2027 GMT Subject: CN=EB35180C6145C2A869C6B83B79CCAB13284F81FD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:ba:ec:19:f4:a7:77:17:26:98:a0:fa:3a:3c: 42:87:26:80:b4:92:5e:b5:f0:e5:79:93:1a:f6:9e: 43:38:16:87:d9:68:2e:9e:94:da:81:84:05:d4:15: 8d:8d:5f:57:88:c8:24:dd:b3:85:79:6b:4a:2d:2f: cc:6d:33:49:51:2e:43:a9:01:5a:d9:ff:19:f3:bc: 85:f6:f8:2c:a5:36:13:2b:2f:cb:63:2c:aa:ad:94: 76:55:c7:4c:ff:e7:35:bc:10:cf:3c:58:d0:77:f6: aa:e9:91:0d:82:c2:55:5e:bc:1b:d8:66:1f:77:d8: 92:3b:96:1a:1a:04:0a:d7:f2:3f:bb:2c:1a:1e:60: b5:1a:f1:2e:8a:f4:7e:99:b9:71:8d:37:9a:76:94: 55:d6:b6:0b:be:d3:55:1a:9b:8f:35:f9:86:0c:ff: d8:7e:4a:f4:09:5e:ce:f8:18:8d:eb:0d:b9:0a:1c: 9c:61:22:77:8e:1a:36:dd:11:ac:7f:a5:9c:64:d9: d3:b7:78:31:6a:fb:89:b0:6a:31:02:a3:35:25:18: 33:76:db:fc:5f:0a:f2:08:75:ca:d8:c1:7d:68:07: 4c:b0:18:fd:91:0e:9d:64:5b:82:df:16:eb:f5:7d: 1d:8f:17:51:e8:67:a0:cd:1b:a8:0b:70:98:b9:65: 72:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:35:18:0C:61:45:C2:A8:69:C6:B8:3B:79:CC:AB:13:28:4F:81:FD X509v3 Authority Key Identifier: keyid:19:6F:21:88:A3:56:D1:C4:2D:39:F6:D1:65:71:9B:59:6B:4C:D9:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/196F2188A356D1C42D39F6D165719B596B4CD91E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW8hiKNW0cQtOfbRZXGbWWtM2R4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097099402905976835/1/AS17799.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 42.248.152.0/21 42.249.128.0/19 Signature Algorithm: sha256WithRSAEncryption 97:a1:92:1b:24:d1:25:fb:21:83:99:22:70:87:c8:88:4e:5e: 11:21:a2:9f:c3:02:dc:79:04:bc:67:e2:ae:3c:3c:8a:b9:3f: d6:f6:d7:28:20:23:32:b4:57:15:93:8b:35:6b:a6:53:37:29: 6f:0c:68:cb:9e:09:05:ee:54:29:47:02:d6:e6:8f:92:79:a4: 6d:e1:7a:0f:86:67:b8:7d:15:19:29:e7:e1:ba:29:33:ff:6d: 0d:bf:31:e7:b1:6e:e1:d2:f4:9f:f1:c8:05:fd:b1:8e:2b:0d: d5:85:ec:e0:1e:b0:c8:62:b9:e5:f7:77:1c:82:fd:38:5f:11: 90:75:d2:ec:08:ee:01:c1:d7:23:a2:33:6b:0c:cc:31:5c:13: 39:b5:d1:65:b3:7e:4b:43:30:9a:b5:b8:28:b7:f9:a2:a8:2f: 1f:87:ae:95:16:c9:4c:d2:fe:01:75:b9:2f:fa:0b:c2:e5:0a: 35:13:d1:4c:5b:4b:5a:e2:29:2f:da:9a:88:32:6d:43:04:00: 14:c7:52:50:96:29:d0:37:1c:ff:f8:c4:f6:d4:1f:22:38:e8: d9:c2:b1:f5:b8:04:21:6e:78:b8:65:af:1c:2d:ef:a7:d3:09: 7e:3f:d3:81:c4:72:15:d3:d1:a4:58:32:38:f6:1c:a2:a8:3e: 56:dc:cc:21 -----BEGIN CERTIFICATE----- MIIE9jCCA96gAwIBAgIUWPP3oB7ULVqsChEtjmIm2z01lggwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNEVBRTQwMDAwMTEwLwYDVQQFEygxOTZGMjE4OEEz NTZEMUM0MkQzOUY2RDE2NTcxOUI1OTZCNENEOTFFMB4XDTI2MDUyMTE2MTAxNVoX DTI3MDUyMDE2MTUxNVowMzExMC8GA1UEAxMoRUIzNTE4MEM2MTQ1QzJBODY5QzZC ODNCNzlDQ0FCMTMyODRGODFGRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIq67Bn0p3cXJpig+jo8QocmgLSSXrXw5XmTGvaeQzgWh9loLp6U2oGEBdQV jY1fV4jIJN2zhXlrSi0vzG0zSVEuQ6kBWtn/GfO8hfb4LKU2Eysvy2Msqq2UdlXH TP/nNbwQzzxY0Hf2qumRDYLCVV68G9hmH3fYkjuWGhoECtfyP7ssGh5gtRrxLor0 fpm5cY03mnaUVda2C77TVRqbjzX5hgz/2H5K9AlezvgYjesNuQocnGEid44aNt0R rH+lnGTZ07d4MWr7ibBqMQKjNSUYM3bb/F8K8gh1ytjBfWgHTLAY/ZEOnWRbgt8W 6/V9HY8XUehnoM0bqAtwmLllcmMCAwEAAaOCAekwggHlMB0GA1UdDgQWBBTrNRgM YUXCqGnGuDt5zKsTKE+B/TAfBgNVHSMEGDAWgBQZbyGIo1bRxC059tFlcZtZa0zZ HjAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGagZIZicnN5bmM6Ly9ycGtp LXJwcy5jbm5pYy5jbi9yZXBvL0ExMDk3MDk5NDAyOTA1OTc2ODM1LzEvMTk2RjIx ODhBMzU2RDFDNDJEMzlGNkQxNjU3MTlCNTk2QjRDRDkxRS5jcmwwfgYIKwYBBQUH AQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9z aXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvR1c4aGlLTlcw Y1F0T2ZiUlpYR2JXV3RNMlI0LmNlcjBdBggrBgEFBQcBCwRRME8wTQYIKwYBBQUH MAuGQXJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5NzA5OTQwMjkw NTk3NjgzNS8xL0FTMTc3OTkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAMq+JgDBAUq+YAwDQYJKoZIhvcN AQELBQADggEBAJehkhsk0SX7IYOZInCHyIhOXhEhop/DAtx5BLxn4q48PIq5P9b2 1yggIzK0VxWTizVrplM3KW8MaMueCQXuVClHAtbmj5J5pG3heg+GZ7h9FRkp5+G6 KTP/bQ2/MeexbuHS9J/xyAX9sY4rDdWF7OAesMhiueX3dxyC/ThfEZB10uwI7gHB 1yOiM2sMzDFcEzm10WWzfktDMJq1uCi3+aKoLx+HrpUWyUzS/gF1uS/6C8LlCjUT 0UxbS1riKS/amogybUMEABTHUlCWKdA3HP/4xPbUHyI46NnCsfW4BCFueLhlrxwt 76fTCX4/04HEchXT0aRYMjj2HKKoPlbczCE= -----END CERTIFICATE-----Generated at Sat May 23 07:08:15 2026 by rpki-client