$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1097433789786750977/0/34332e3234382e3133392e302f32342d3234203d3e20313531333032.roa File: 34332e3234382e3133392e302f32342d3234203d3e20313531333032.roa (raw, json) Hash identifier: AK+K+0XIaKSyfH3tOaCzhbJoDErfkhloUd+G63Q3Dmw= Subject key identifier: B9:70:1B:17:E6:91:D7:D7:CD:C7:AC:F4:A0:86:E8:40:57:E6:CA:88 Certificate issuer: /CN=96E9344F9168341F216708A437FB9801FEBBBBB6 Certificate serial: 021B064314810E3677DBFF27FB99FB42399BB805 Authority key identifier: 96:E9:34:4F:91:68:34:1F:21:67:08:A4:37:FB:98:01:FE:BB:BB:B6 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/96E9344F9168341F216708A437FB9801FEBBBBB6.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1097433789786750977/0/34332e3234382e3133392e302f32342d3234203d3e20313531333032.roa Signing time: Mon 20 Apr 2026 08:17:19 +0000 ROA not before: Mon 20 Apr 2026 08:12:19 +0000 ROA not after: Mon 19 Apr 2027 08:17:19 +0000 asID: 151302 IP address blocks: 43.248.139.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1097433789786750977/0/96E9344F9168341F216708A437FB9801FEBBBBB6.crl rsync://rpki-rps.cnnic.cn/repo/A1097433789786750977/0/96E9344F9168341F216708A437FB9801FEBBBBB6.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/96E9344F9168341F216708A437FB9801FEBBBBB6.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Apr 2026 18:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:1b:06:43:14:81:0e:36:77:db:ff:27:fb:99:fb:42:39:9b:b8:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96E9344F9168341F216708A437FB9801FEBBBBB6 Validity Not Before: Apr 20 08:12:19 2026 GMT Not After : Apr 19 08:17:19 2027 GMT Subject: CN=B9701B17E691D7D7CDC7ACF4A086E84057E6CA88 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:a5:99:c2:3c:be:1d:37:b6:53:55:f4:31:6b: a6:f3:64:fa:4f:ad:20:9a:c1:f1:31:dd:48:d3:2c: 60:15:2e:9e:a0:40:15:61:c1:ef:7e:86:46:fa:bd: 08:99:62:5f:b4:dc:2e:9b:ed:a0:44:c0:78:80:06: d3:2c:10:af:cd:00:0f:ed:d1:42:c0:03:82:a6:e6: a6:f2:94:cf:be:60:f0:f5:11:64:e8:41:05:2d:70: 74:97:f8:1d:95:e8:b1:b7:9c:00:7d:03:9f:4e:fe: 34:c2:ad:1b:32:09:9e:c1:87:52:17:36:fa:cc:65: 0e:9e:44:07:5b:3b:4f:a7:e6:80:f5:88:6e:aa:23: 37:72:d0:af:61:74:a4:32:56:60:51:81:8f:e6:f0: 85:50:a2:da:82:5f:6d:38:d6:eb:4e:4e:52:bc:83: a6:18:77:18:cb:cd:4b:fb:d9:3d:d5:b8:f6:70:dc: ad:99:82:60:29:07:5b:db:26:7f:5d:30:60:24:63: 80:77:08:5c:88:ca:28:92:42:d2:3e:dd:3b:e8:f7: d1:ad:ed:42:9e:ad:d0:66:ff:82:dd:50:89:cf:1f: 98:00:51:e9:9f:0a:30:9f:b2:96:5b:7e:a6:9a:79: 87:d4:87:74:0f:4b:ee:5f:73:15:4c:43:b0:89:cc: d5:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:70:1B:17:E6:91:D7:D7:CD:C7:AC:F4:A0:86:E8:40:57:E6:CA:88 X509v3 Authority Key Identifier: keyid:96:E9:34:4F:91:68:34:1F:21:67:08:A4:37:FB:98:01:FE:BB:BB:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1097433789786750977/0/96E9344F9168341F216708A437FB9801FEBBBBB6.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/96E9344F9168341F216708A437FB9801FEBBBBB6.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1097433789786750977/0/34332e3234382e3133392e302f32342d3234203d3e20313531333032.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.248.139.0/24 Signature Algorithm: sha256WithRSAEncryption 47:50:91:46:37:bd:44:b3:94:96:3a:4b:d9:36:82:3c:65:37: 83:c7:25:d4:06:85:68:84:45:29:e7:74:e0:1a:65:ff:5d:70: d6:12:8f:3d:2c:9d:bd:23:8b:eb:d8:c0:1f:c6:fe:04:cd:01: fc:05:7d:2f:57:72:0a:f5:cf:a8:ad:74:2d:48:91:02:05:7c: ab:6c:78:c0:2e:e5:56:af:14:0f:c6:4e:27:72:61:49:16:d7: dc:d6:ec:74:da:e6:88:cc:22:f1:8a:6d:27:b2:c7:23:34:89: 65:07:59:75:ac:2f:5e:8d:05:fd:3a:b4:5b:a7:a3:02:a6:18: 2b:77:d7:52:8e:c8:8f:55:58:0d:44:4b:d4:52:fe:5e:3a:3f: 95:0e:1e:f0:39:45:c7:73:74:95:c1:b6:e5:b0:ae:1d:0e:76: 0f:c6:45:0b:22:16:b6:78:33:31:8b:b1:59:1c:d6:f1:71:1c: 8e:d8:15:ab:32:bd:29:fb:51:9d:85:d4:aa:4a:d0:fe:1a:11: 97:8d:3a:df:a5:6e:62:8a:db:df:b7:8d:b7:a1:cc:02:78:6f: 95:e1:ec:2a:a3:75:03:47:2f:09:f6:14:f6:7c:95:9c:c0:bc: 4b:c8:31:16:43:21:9b:81:ae:5a:3c:c2:30:3d:f4:02:04:38: a5:99:cd:f7 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgIUAhsGQxSBDjZ32/8n+5n7QjmbuAUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOTZFOTM0NEY5MTY4MzQxRjIxNjcwOEE0MzdGQjk4MDFG RUJCQkJCNjAeFw0yNjA0MjAwODEyMTlaFw0yNzA0MTkwODE3MTlaMDMxMTAvBgNV BAMTKEI5NzAxQjE3RTY5MUQ3RDdDREM3QUNGNEEwODZFODQwNTdFNkNBODgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvpZnCPL4dN7ZTVfQxa6bzZPpP rSCawfEx3UjTLGAVLp6gQBVhwe9+hkb6vQiZYl+03C6b7aBEwHiABtMsEK/NAA/t 0ULAA4Km5qbylM++YPD1EWToQQUtcHSX+B2V6LG3nAB9A59O/jTCrRsyCZ7Bh1IX NvrMZQ6eRAdbO0+n5oD1iG6qIzdy0K9hdKQyVmBRgY/m8IVQotqCX2041utOTlK8 g6YYdxjLzUv72T3VuPZw3K2ZgmApB1vbJn9dMGAkY4B3CFyIyiiSQtI+3Tvo99Gt 7UKerdBm/4LdUInPH5gAUemfCjCfspZbfqaaeYfUh3QPS+5fcxVMQ7CJzNV9AgMB AAGjggIXMIICEzAdBgNVHQ4EFgQUuXAbF+aR19fNx6z0oIboQFfmyogwHwYDVR0j BBgwFoAUluk0T5FoNB8hZwikN/uYAf67u7YwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NzQzMzc4OTc4Njc1MDk3Ny8wLzk2RTkzNDRGOTE2ODM0MUYyMTY3MDhBNDM3RkI5 ODAxRkVCQkJCQjYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvOTZFOTM0NEY5MTY4MzQxRjIxNjcwOEE0MzdGQjk4MDFGRUJCQkJCNi5jZXIw gZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzALhnJyc3luYzovL3Jwa2ktcnBz LmNubmljLmNuL3JlcG8vQTEwOTc0MzM3ODk3ODY3NTA5NzcvMC8zNDMzMmUzMjM0 MzgyZTMxMzMzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzUzMTMzMzAzMi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEACv4izANBgkqhkiG9w0BAQsFAAOCAQEAR1CRRje9RLOUljpL2TaC PGU3g8cl1AaFaIRFKed04Bpl/11w1hKPPSydvSOL69jAH8b+BM0B/AV9L1dyCvXP qK10LUiRAgV8q2x4wC7lVq8UD8ZOJ3JhSRbX3NbsdNrmiMwi8YptJ7LHIzSJZQdZ dawvXo0F/Tq0W6ejAqYYK3fXUo7Ij1VYDURL1FL+Xjo/lQ4e8DlFx3N0lcG25bCu HQ52D8ZFCyIWtngzMYuxWRzW8XEcjtgVqzK9KftRnYXUqkrQ/hoRl40636VuYorb 37eNt6HMAnhvleHsKqN1A0cvCfYU9nyVnMC8S8gxFkMhm4GuWjzCMD30AgQ4pZnN 9w== -----END CERTIFICATE-----Generated at Wed Apr 22 01:39:10 2026 by rpki-client