$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1098490496617021442/0/34332e3234382e3130342e302f32322d3234203d3e20313331343833.roa File: 34332e3234382e3130342e302f32322d3234203d3e20313331343833.roa (raw, json) Hash identifier: tgWxX3m1YxXv++UEdlo6us4dALgve3lEBiH3PTK9xHM= Subject key identifier: 2E:D8:B7:05:55:F1:10:13:3C:EA:A4:1B:DD:49:2D:C4:0E:A4:96:BC Certificate issuer: /CN=532EC95D9EE276D965620B7E40CA50B4AB8FCB0B Certificate serial: 1D213E4F4986840A9F752B4982BD3440E3447B08 Authority key identifier: 53:2E:C9:5D:9E:E2:76:D9:65:62:0B:7E:40:CA:50:B4:AB:8F:CB:0B Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/34332e3234382e3130342e302f32322d3234203d3e20313331343833.roa Signing time: Mon 20 Apr 2026 09:10:50 +0000 ROA not before: Mon 20 Apr 2026 09:05:50 +0000 ROA not after: Mon 19 Apr 2027 09:10:50 +0000 asID: 131483 IP address blocks: 43.248.104.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.crl rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Apr 2026 18:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:21:3e:4f:49:86:84:0a:9f:75:2b:49:82:bd:34:40:e3:44:7b:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=532EC95D9EE276D965620B7E40CA50B4AB8FCB0B Validity Not Before: Apr 20 09:05:50 2026 GMT Not After : Apr 19 09:10:50 2027 GMT Subject: CN=2ED8B70555F110133CEAA41BDD492DC40EA496BC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:5c:3d:30:30:ac:6a:2e:64:d0:11:87:87:b5: 47:61:c0:a5:69:1a:54:76:e0:21:a6:8e:f5:bd:e2: 9a:01:b3:6b:a0:62:0f:1b:df:81:2a:be:9d:48:52: 97:95:4c:35:c0:35:ba:8c:c8:41:b3:43:76:10:3c: b9:8b:1e:ac:da:df:9b:78:53:c3:96:cc:0f:18:12: 43:f9:14:69:ac:92:6b:b8:48:c2:a3:a4:45:11:19: a0:92:cc:45:7f:79:dd:79:42:b6:8d:21:b3:a1:8f: 71:43:38:a0:26:25:e9:7a:8e:fc:c1:9f:46:56:c8: 1c:7f:f6:5f:dc:a8:37:64:00:89:88:dd:2c:98:ce: 79:84:e6:c0:85:18:cc:2b:47:42:4f:93:c5:32:ef: d2:05:cb:7e:2b:ad:56:74:6d:0e:78:63:f7:c0:45: 2c:b5:1f:13:74:94:06:93:71:4e:c5:e2:b2:8b:f8: 19:f6:d1:37:7b:05:8c:dd:2e:4a:b1:ad:fc:8e:a4: eb:57:43:6e:74:c6:98:f0:f0:ef:4d:20:33:4c:09: ab:04:8b:85:0f:f6:b0:df:0f:23:54:00:46:fb:3a: 9d:e2:31:f3:54:3c:02:ec:2a:b4:18:cf:c9:3d:b1: 0c:9f:3e:1e:f9:3a:c9:ee:a9:6a:10:e3:88:a1:28: a1:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:D8:B7:05:55:F1:10:13:3C:EA:A4:1B:DD:49:2D:C4:0E:A4:96:BC X509v3 Authority Key Identifier: keyid:53:2E:C9:5D:9E:E2:76:D9:65:62:0B:7E:40:CA:50:B4:AB:8F:CB:0B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/34332e3234382e3130342e302f32322d3234203d3e20313331343833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.248.104.0/22 Signature Algorithm: sha256WithRSAEncryption ab:5b:24:ac:42:06:74:d5:a0:07:7b:5b:cd:1f:5c:cf:18:cd: 1b:ba:4a:8c:19:32:be:84:93:a4:88:be:68:a8:2a:3d:9d:a5: 55:53:fa:a3:40:9a:9d:de:b2:60:78:d6:3e:55:6d:e6:e9:ef: 2b:4d:38:69:6a:b6:c5:e6:40:21:b4:c2:8e:ef:bf:88:83:0a: 60:b3:63:30:75:fd:3e:4b:6b:6f:df:4b:3e:7b:25:72:67:be: 1e:f2:89:90:10:f4:fd:d2:1d:91:c6:64:b6:37:3c:be:3a:ac: 7c:86:02:48:83:d0:3e:49:b4:a4:20:2b:8b:cd:aa:24:b2:6a: b2:e4:97:0f:75:e4:b1:0b:15:0e:b9:db:2b:c6:6c:29:5e:d2: b4:5f:db:4c:ca:b1:8b:99:41:e6:0f:5e:8b:aa:cf:27:26:66: 58:a9:0b:f3:f3:65:b6:ea:7e:6a:62:b4:ac:b3:0d:d6:40:c7: 3a:a6:f4:9d:4a:f2:c4:fd:de:64:22:87:cb:6c:a9:03:8d:c5: 7c:46:1e:91:d7:e3:79:ef:1f:9c:ea:e8:fc:94:9f:0f:18:2a: 11:63:91:98:e1:0e:e9:f8:b8:0a:8b:75:f4:13:b7:47:56:74: 91:a5:0b:8b:d7:0a:3c:05:db:31:94:b6:23:be:33:03:56:da: 45:23:38:98 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgIUHSE+T0mGhAqfdStJgr00QONEewgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTMyRUM5NUQ5RUUyNzZEOTY1NjIwQjdFNDBDQTUwQjRB QjhGQ0IwQjAeFw0yNjA0MjAwOTA1NTBaFw0yNzA0MTkwOTEwNTBaMDMxMTAvBgNV BAMTKDJFRDhCNzA1NTVGMTEwMTMzQ0VBQTQxQkRENDkyREM0MEVBNDk2QkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbXD0wMKxqLmTQEYeHtUdhwKVp GlR24CGmjvW94poBs2ugYg8b34Eqvp1IUpeVTDXANbqMyEGzQ3YQPLmLHqza35t4 U8OWzA8YEkP5FGmskmu4SMKjpEURGaCSzEV/ed15QraNIbOhj3FDOKAmJel6jvzB n0ZWyBx/9l/cqDdkAImI3SyYznmE5sCFGMwrR0JPk8Uy79IFy34rrVZ0bQ54Y/fA RSy1HxN0lAaTcU7F4rKL+Bn20Td7BYzdLkqxrfyOpOtXQ250xpjw8O9NIDNMCasE i4UP9rDfDyNUAEb7Op3iMfNUPALsKrQYz8k9sQyfPh75OsnuqWoQ44ihKKFJAgMB AAGjggIXMIICEzAdBgNVHQ4EFgQULti3BVXxEBM86qQb3UktxA6klrwwHwYDVR0j BBgwFoAUUy7JXZ7idtllYgt+QMpQtKuPywswDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 ODQ5MDQ5NjYxNzAyMTQ0Mi8wLzUzMkVDOTVEOUVFMjc2RDk2NTYyMEI3RTQwQ0E1 MEI0QUI4RkNCMEIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNTMyRUM5NUQ5RUUyNzZEOTY1NjIwQjdFNDBDQTUwQjRBQjhGQ0IwQi5jZXIw gZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzALhnJyc3luYzovL3Jwa2ktcnBz LmNubmljLmNuL3JlcG8vQTEwOTg0OTA0OTY2MTcwMjE0NDIvMC8zNDMzMmUzMjM0 MzgyZTMxMzAzNDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMxMzMzMTM0MzgzMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAiv4aDANBgkqhkiG9w0BAQsFAAOCAQEAq1skrEIGdNWgB3tbzR9c zxjNG7pKjBkyvoSTpIi+aKgqPZ2lVVP6o0Cand6yYHjWPlVt5unvK004aWq2xeZA IbTCju+/iIMKYLNjMHX9Pktrb99LPnslcme+HvKJkBD0/dIdkcZktjc8vjqsfIYC SIPQPkm0pCAri82qJLJqsuSXD3XksQsVDrnbK8ZsKV7StF/bTMqxi5lB5g9ei6rP JyZmWKkL8/Nltup+amK0rLMN1kDHOqb0nUryxP3eZCKHy2ypA43FfEYekdfjee8f nOro/JSfDxgqEWORmOEO6fi4Cot19BO3R1Z0kaULi9cKPAXbMZS2I74zA1baRSM4 mA== -----END CERTIFICATE-----Generated at Wed Apr 22 04:05:10 2026 by rpki-client