$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1098490496617021442/0/34332e3234382e3134342e302f32322d3234203d3e20313331343833.roa File: 34332e3234382e3134342e302f32322d3234203d3e20313331343833.roa (raw, json) Hash identifier: Ev5Ep/ASqKprWJLJ4W7qY/QR6ZX5EZhe9jChaZ2HCro= Subject key identifier: 3B:21:72:06:98:99:CE:A8:2C:52:18:C2:FF:14:43:27:C8:E1:0C:7D Certificate issuer: /CN=532EC95D9EE276D965620B7E40CA50B4AB8FCB0B Certificate serial: 509C90A36583CF050138499F49C4F65093FA3217 Authority key identifier: 53:2E:C9:5D:9E:E2:76:D9:65:62:0B:7E:40:CA:50:B4:AB:8F:CB:0B Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/34332e3234382e3134342e302f32322d3234203d3e20313331343833.roa Signing time: Mon 20 Apr 2026 09:10:50 +0000 ROA not before: Mon 20 Apr 2026 09:05:50 +0000 ROA not after: Mon 19 Apr 2027 09:10:50 +0000 asID: 131483 IP address blocks: 43.248.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.crl rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Apr 2026 18:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:9c:90:a3:65:83:cf:05:01:38:49:9f:49:c4:f6:50:93:fa:32:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=532EC95D9EE276D965620B7E40CA50B4AB8FCB0B Validity Not Before: Apr 20 09:05:50 2026 GMT Not After : Apr 19 09:10:50 2027 GMT Subject: CN=3B2172069899CEA82C5218C2FF144327C8E10C7D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:c9:44:62:00:f4:67:cc:89:b1:3b:93:eb:b9: 1a:34:aa:f7:9a:2b:a7:ad:9b:90:a9:92:e6:03:0e: 5c:37:02:2d:2c:63:17:6e:94:7b:35:ee:39:be:92: 9d:c8:8d:0d:9d:aa:fc:1d:d6:7e:59:c3:55:e6:d1: 53:c6:1a:0c:29:4a:95:34:a8:ee:f4:7e:9b:bc:d7: 20:0b:6d:37:87:7f:d7:a7:72:18:d7:d3:48:70:95: 5d:3f:00:8e:2b:0f:2f:b3:21:c7:d7:eb:9c:0e:4a: 24:ad:91:ac:da:83:53:53:48:b5:e5:23:c0:8a:47: 31:ab:8a:b5:a7:32:0f:42:0c:0d:be:c4:bb:ef:05: 4f:0f:c8:88:47:2e:46:76:77:6f:27:f7:d2:0c:a5: 5d:8a:3d:44:c0:8e:d1:03:a3:5f:ee:ab:76:bf:2d: 04:3e:b4:4d:2d:99:3a:8c:e8:d8:4b:c8:eb:b4:a1: d7:ad:1b:77:1a:d9:51:92:b1:ce:76:64:73:03:b2: 1b:27:8c:9f:d5:54:e0:f8:be:aa:75:2e:f5:4c:b2: 5d:a8:8f:5f:3e:68:04:bd:0c:1d:c0:ba:3d:33:b8: d3:75:98:d4:6a:93:ac:18:e0:f3:d9:cc:4b:7c:82: 89:bd:32:8b:8c:dd:f4:f0:e2:c1:8f:3f:b9:83:5f: ca:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:21:72:06:98:99:CE:A8:2C:52:18:C2:FF:14:43:27:C8:E1:0C:7D X509v3 Authority Key Identifier: keyid:53:2E:C9:5D:9E:E2:76:D9:65:62:0B:7E:40:CA:50:B4:AB:8F:CB:0B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/34332e3234382e3134342e302f32322d3234203d3e20313331343833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.248.144.0/22 Signature Algorithm: sha256WithRSAEncryption 12:c0:68:28:cf:f5:b9:44:f6:9c:fe:35:7e:a6:6f:c0:ac:1d: f8:0a:82:97:a7:66:ab:b8:e5:dd:65:a4:76:7f:4f:a6:72:0f: 80:4c:a3:a7:d5:2a:4b:b7:12:08:7e:14:fb:ba:19:0b:d6:3a: 71:7c:05:64:b5:c4:24:16:fc:be:08:a6:43:88:e1:b9:2f:98: 47:0a:57:b5:45:b5:4f:91:db:03:de:9e:17:eb:f6:67:d1:36: 11:9a:63:dd:e9:86:35:26:4a:42:cd:1e:15:2a:6f:3e:2f:ee: 8c:11:ed:d1:55:18:32:9f:33:30:aa:87:24:f2:6d:08:23:32: f0:2d:77:c6:5d:d8:b6:49:8d:bf:9a:cc:be:b5:07:49:72:e3: ce:9b:1e:18:1e:7c:17:04:e8:58:ad:c5:a0:78:e9:8e:cb:ee: ed:74:6b:11:ef:8d:a1:b6:e2:9c:89:10:32:e7:a1:03:c0:17: 0c:6c:de:3d:d5:ed:d3:06:1e:12:1f:b7:f9:d8:8f:74:c0:5a: f3:cf:1a:a5:e7:49:2d:82:62:60:dd:49:b7:06:a3:3e:0a:32: 8e:8d:86:5e:a2:fb:a2:9c:d1:6b:15:5c:06:a5:1a:16:44:ce: d0:32:54:4d:3a:f1:18:fb:75:de:cd:76:5d:0d:63:68:87:7a: 74:57:d4:8f -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgIUUJyQo2WDzwUBOEmfScT2UJP6MhcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTMyRUM5NUQ5RUUyNzZEOTY1NjIwQjdFNDBDQTUwQjRB QjhGQ0IwQjAeFw0yNjA0MjAwOTA1NTBaFw0yNzA0MTkwOTEwNTBaMDMxMTAvBgNV BAMTKDNCMjE3MjA2OTg5OUNFQTgyQzUyMThDMkZGMTQ0MzI3QzhFMTBDN0QwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6yURiAPRnzImxO5PruRo0qvea K6etm5CpkuYDDlw3Ai0sYxdulHs17jm+kp3IjQ2dqvwd1n5Zw1Xm0VPGGgwpSpU0 qO70fpu81yALbTeHf9enchjX00hwlV0/AI4rDy+zIcfX65wOSiStkazag1NTSLXl I8CKRzGrirWnMg9CDA2+xLvvBU8PyIhHLkZ2d28n99IMpV2KPUTAjtEDo1/uq3a/ LQQ+tE0tmTqM6NhLyOu0odetG3ca2VGSsc52ZHMDshsnjJ/VVOD4vqp1LvVMsl2o j18+aAS9DB3Auj0zuNN1mNRqk6wY4PPZzEt8gom9MouM3fTw4sGPP7mDX8qFAgMB AAGjggIXMIICEzAdBgNVHQ4EFgQUOyFyBpiZzqgsUhjC/xRDJ8jhDH0wHwYDVR0j BBgwFoAUUy7JXZ7idtllYgt+QMpQtKuPywswDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 ODQ5MDQ5NjYxNzAyMTQ0Mi8wLzUzMkVDOTVEOUVFMjc2RDk2NTYyMEI3RTQwQ0E1 MEI0QUI4RkNCMEIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNTMyRUM5NUQ5RUUyNzZEOTY1NjIwQjdFNDBDQTUwQjRBQjhGQ0IwQi5jZXIw gZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzALhnJyc3luYzovL3Jwa2ktcnBz LmNubmljLmNuL3JlcG8vQTEwOTg0OTA0OTY2MTcwMjE0NDIvMC8zNDMzMmUzMjM0 MzgyZTMxMzQzNDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMxMzMzMTM0MzgzMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAiv4kDANBgkqhkiG9w0BAQsFAAOCAQEAEsBoKM/1uUT2nP41fqZv wKwd+AqCl6dmq7jl3WWkdn9PpnIPgEyjp9UqS7cSCH4U+7oZC9Y6cXwFZLXEJBb8 vgimQ4jhuS+YRwpXtUW1T5HbA96eF+v2Z9E2EZpj3emGNSZKQs0eFSpvPi/ujBHt 0VUYMp8zMKqHJPJtCCMy8C13xl3YtkmNv5rMvrUHSXLjzpseGB58FwToWK3FoHjp jsvu7XRrEe+NobbinIkQMuehA8AXDGzePdXt0wYeEh+3+diPdMBa888apedJLYJi YN1JtwajPgoyjo2GXqL7opzRaxVcBqUaFkTO0DJUTTrxGPt13s12XQ1jaId6dFfU jw== -----END CERTIFICATE-----Generated at Wed Apr 22 04:05:08 2026 by rpki-client