$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1098490496617021442/0/34332e3234382e3132302e302f32312d3234203d3e20313331343833.roa File: 34332e3234382e3132302e302f32312d3234203d3e20313331343833.roa (raw, json) Hash identifier: hI/Kbn/3TYTPaqsdM9PJkWpeNk84CW2AtlnIxt/t8Iw= Subject key identifier: 87:3E:39:3A:0A:6B:C1:7B:FE:0F:5B:B0:CF:C4:D0:52:14:8B:3A:16 Certificate issuer: /CN=532EC95D9EE276D965620B7E40CA50B4AB8FCB0B Certificate serial: 3D0A232C134E824051B849E4A319F44D7AE7417C Authority key identifier: 53:2E:C9:5D:9E:E2:76:D9:65:62:0B:7E:40:CA:50:B4:AB:8F:CB:0B Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/34332e3234382e3132302e302f32312d3234203d3e20313331343833.roa Signing time: Mon 20 Apr 2026 09:10:50 +0000 ROA not before: Mon 20 Apr 2026 09:05:50 +0000 ROA not after: Mon 19 Apr 2027 09:10:50 +0000 asID: 131483 IP address blocks: 43.248.120.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.crl rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Apr 2026 18:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:0a:23:2c:13:4e:82:40:51:b8:49:e4:a3:19:f4:4d:7a:e7:41:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=532EC95D9EE276D965620B7E40CA50B4AB8FCB0B Validity Not Before: Apr 20 09:05:50 2026 GMT Not After : Apr 19 09:10:50 2027 GMT Subject: CN=873E393A0A6BC17BFE0F5BB0CFC4D052148B3A16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:15:28:76:49:ae:77:dc:06:81:87:b2:3d:fa: d5:c4:be:51:f1:c3:f6:c6:5a:2c:24:0e:f2:a0:de: 22:91:42:14:ca:f1:b5:45:6f:15:fd:f8:1e:48:e4: 54:1c:a5:59:26:23:6e:76:f9:67:5a:fa:57:bb:dd: 27:70:35:a5:a0:57:61:a5:b2:c5:4e:16:1e:68:a0: 4d:cb:7f:e9:ed:30:6a:3c:a1:d8:7a:e2:d5:d3:24: 9e:27:31:16:23:63:d8:f6:0a:05:07:61:9c:b3:cf: 72:13:e5:2c:2b:2a:90:cc:43:1e:43:8a:fc:b8:50: fd:7a:af:80:c8:8d:b5:00:dc:d9:eb:2f:b8:0e:82: 0e:70:34:13:40:d9:8b:6c:fb:d4:89:09:93:3d:bb: 5b:0e:47:de:d6:d8:a6:98:63:4f:f7:57:13:ce:d6: 1a:d3:b9:c1:45:ee:9a:79:60:57:6e:f7:67:3d:6c: 4d:a7:89:75:b7:46:d8:23:92:58:b7:8f:16:ec:a0: 4d:b8:96:1d:0c:cd:af:ae:ce:f3:99:4e:db:75:c8: 5c:5d:72:d0:e4:f4:43:d9:a7:44:e7:65:88:a9:21: 6d:e8:26:ab:a1:37:43:7d:8c:d3:d8:13:ed:27:27: 36:b4:1c:cb:57:16:e1:2b:2a:d7:a8:96:98:02:85: a6:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:3E:39:3A:0A:6B:C1:7B:FE:0F:5B:B0:CF:C4:D0:52:14:8B:3A:16 X509v3 Authority Key Identifier: keyid:53:2E:C9:5D:9E:E2:76:D9:65:62:0B:7E:40:CA:50:B4:AB:8F:CB:0B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/34332e3234382e3132302e302f32312d3234203d3e20313331343833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.248.120.0/21 Signature Algorithm: sha256WithRSAEncryption 09:80:5a:26:32:84:9a:87:0d:6f:7e:ec:cd:70:99:9f:7d:8f: 2a:68:1b:5a:66:70:8c:34:00:27:52:e4:0c:33:a8:cf:e1:fd: 30:bb:28:e0:de:7b:1c:fe:87:44:fd:23:f2:7d:5b:07:c1:67: b3:9c:ea:bf:48:d5:70:3f:9e:32:14:3d:be:f6:e7:7c:d9:26: ef:d0:82:8f:9a:d3:62:27:c3:e0:41:57:2a:9b:ed:1d:08:7e: 17:52:65:14:ff:ce:b7:e2:57:8e:ed:63:47:af:fb:81:93:13: 5d:04:77:7b:b7:7b:a2:9a:38:97:32:47:48:ec:64:94:91:60: 7a:f8:6d:dc:22:c7:1d:eb:e5:84:a0:74:8d:0c:06:79:7c:bc: 35:19:69:97:e5:38:f3:92:d0:b6:d2:00:03:20:c8:cf:06:59: 6e:6a:71:c3:c9:fb:b3:88:1f:7d:ff:82:1e:87:ee:e6:3c:41: 59:67:7f:a9:46:38:8d:92:1a:05:2c:f8:44:75:9e:d1:4a:0a: a2:24:08:35:fa:ce:9e:e0:b8:76:2b:17:ef:75:70:3c:98:ba: 6a:2f:fa:cd:f4:38:4e:7a:da:35:e7:78:b1:4e:f4:89:d8:87: 69:a7:67:e0:47:bd:d9:31:c1:e6:85:f3:bc:e3:c5:46:0e:07: 57:9d:88:ab -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgIUPQojLBNOgkBRuEnkoxn0TXrnQXwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTMyRUM5NUQ5RUUyNzZEOTY1NjIwQjdFNDBDQTUwQjRB QjhGQ0IwQjAeFw0yNjA0MjAwOTA1NTBaFw0yNzA0MTkwOTEwNTBaMDMxMTAvBgNV BAMTKDg3M0UzOTNBMEE2QkMxN0JGRTBGNUJCMENGQzREMDUyMTQ4QjNBMTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcFSh2Sa533AaBh7I9+tXEvlHx w/bGWiwkDvKg3iKRQhTK8bVFbxX9+B5I5FQcpVkmI252+Wda+le73SdwNaWgV2Gl ssVOFh5ooE3Lf+ntMGo8odh64tXTJJ4nMRYjY9j2CgUHYZyzz3IT5SwrKpDMQx5D ivy4UP16r4DIjbUA3NnrL7gOgg5wNBNA2Yts+9SJCZM9u1sOR97W2KaYY0/3VxPO 1hrTucFF7pp5YFdu92c9bE2niXW3Rtgjkli3jxbsoE24lh0Mza+uzvOZTtt1yFxd ctDk9EPZp0TnZYipIW3oJquhN0N9jNPYE+0nJza0HMtXFuErKteolpgChaZnAgMB AAGjggIXMIICEzAdBgNVHQ4EFgQUhz45OgprwXv+D1uwz8TQUhSLOhYwHwYDVR0j BBgwFoAUUy7JXZ7idtllYgt+QMpQtKuPywswDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 ODQ5MDQ5NjYxNzAyMTQ0Mi8wLzUzMkVDOTVEOUVFMjc2RDk2NTYyMEI3RTQwQ0E1 MEI0QUI4RkNCMEIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNTMyRUM5NUQ5RUUyNzZEOTY1NjIwQjdFNDBDQTUwQjRBQjhGQ0IwQi5jZXIw gZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzALhnJyc3luYzovL3Jwa2ktcnBz LmNubmljLmNuL3JlcG8vQTEwOTg0OTA0OTY2MTcwMjE0NDIvMC8zNDMzMmUzMjM0 MzgyZTMxMzIzMDJlMzAyZjMyMzEyZDMyMzQyMDNkM2UyMDMxMzMzMTM0MzgzMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAyv4eDANBgkqhkiG9w0BAQsFAAOCAQEACYBaJjKEmocNb37szXCZ n32PKmgbWmZwjDQAJ1LkDDOoz+H9MLso4N57HP6HRP0j8n1bB8Fns5zqv0jVcD+e MhQ9vvbnfNkm79CCj5rTYifD4EFXKpvtHQh+F1JlFP/Ot+JXju1jR6/7gZMTXQR3 e7d7opo4lzJHSOxklJFgevht3CLHHevlhKB0jQwGeXy8NRlpl+U485LQttIAAyDI zwZZbmpxw8n7s4gfff+CHofu5jxBWWd/qUY4jZIaBSz4RHWe0UoKoiQINfrOnuC4 disX73VwPJi6ai/6zfQ4TnraNed4sU70idiHaadn4Ee92THB5oXzvOPFRg4HV52I qw== -----END CERTIFICATE-----Generated at Wed Apr 22 04:05:13 2026 by rpki-client