$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1098490496617021442/0/34332e3234382e3230382e302f32322d3234203d3e20313331343833.roa File: 34332e3234382e3230382e302f32322d3234203d3e20313331343833.roa (raw, json) Hash identifier: 5rAoFuJ5LbitAQlSoecX8VkVnXjVSx9JmRYpsjGnU5Y= Subject key identifier: 33:D9:DC:AF:EF:17:72:25:74:55:81:20:F4:3C:22:07:DE:7A:D3:47 Certificate issuer: /CN=532EC95D9EE276D965620B7E40CA50B4AB8FCB0B Certificate serial: 0748A55CAA2BA0E133A58B8D33579CD3E4DE7068 Authority key identifier: 53:2E:C9:5D:9E:E2:76:D9:65:62:0B:7E:40:CA:50:B4:AB:8F:CB:0B Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/34332e3234382e3230382e302f32322d3234203d3e20313331343833.roa Signing time: Mon 20 Apr 2026 09:10:49 +0000 ROA not before: Mon 20 Apr 2026 09:05:49 +0000 ROA not after: Mon 19 Apr 2027 09:10:49 +0000 asID: 131483 IP address blocks: 43.248.208.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.crl rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Apr 2026 18:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:48:a5:5c:aa:2b:a0:e1:33:a5:8b:8d:33:57:9c:d3:e4:de:70:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=532EC95D9EE276D965620B7E40CA50B4AB8FCB0B Validity Not Before: Apr 20 09:05:49 2026 GMT Not After : Apr 19 09:10:49 2027 GMT Subject: CN=33D9DCAFEF17722574558120F43C2207DE7AD347 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:55:94:10:4f:58:0f:94:4c:10:30:51:1f:10: 63:c4:75:3b:18:a6:d0:f1:cd:8f:48:f5:cf:a5:d0: e5:f4:a3:16:de:3b:ba:62:b1:ca:6c:12:7f:cf:43: 0f:89:f8:62:be:f7:83:f0:db:fc:18:10:5a:17:b9: 52:05:f1:2f:50:5f:97:5f:0b:4d:cf:45:9d:3f:e7: 73:13:c5:ec:34:a3:f5:74:00:f3:9c:74:31:35:a5: 53:5b:3c:55:0d:c6:75:1c:52:7c:7e:28:ba:8b:13: 53:d6:64:28:1e:33:43:5f:28:c0:5e:ff:3d:b0:a6: e5:29:09:bb:87:7e:d7:1d:67:8f:bd:66:73:64:14: 70:57:55:58:d4:8c:2f:70:c0:4d:12:8d:99:37:19: b0:f4:3a:44:88:a4:50:6d:3b:7a:f7:0f:df:52:86: a7:cc:dd:98:f1:34:31:01:cd:69:c0:bc:6b:ab:57: 7e:14:14:d6:fd:13:3d:01:9e:b0:27:ed:98:66:46: 28:0b:cb:ca:c1:d6:a1:86:a1:27:30:f6:42:9b:52: 38:22:19:99:fc:71:7f:f8:bb:7e:8a:f0:58:13:5b: d3:d4:1f:d1:44:8b:0a:d7:ef:6a:78:6b:f2:ba:54: f4:ff:8b:75:bf:f7:41:9d:24:a6:93:5e:0a:2a:76: 7c:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:D9:DC:AF:EF:17:72:25:74:55:81:20:F4:3C:22:07:DE:7A:D3:47 X509v3 Authority Key Identifier: keyid:53:2E:C9:5D:9E:E2:76:D9:65:62:0B:7E:40:CA:50:B4:AB:8F:CB:0B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/532EC95D9EE276D965620B7E40CA50B4AB8FCB0B.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1098490496617021442/0/34332e3234382e3230382e302f32322d3234203d3e20313331343833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.248.208.0/22 Signature Algorithm: sha256WithRSAEncryption 04:64:15:77:f2:d7:8d:95:38:b4:20:3e:5c:57:85:cd:69:99: d0:b1:a8:f8:3e:1e:41:b1:f1:a1:cb:8c:67:1a:3a:8c:6e:ef: 7e:8b:24:bf:f5:2f:83:b4:af:23:b7:2d:15:73:7a:dd:c9:5a: 13:3d:0b:e0:69:2e:ea:11:de:ea:83:71:3d:43:23:5f:de:48: cc:45:8a:f0:13:90:a2:9d:28:e4:72:ed:60:e5:41:71:4c:37: 9f:56:a2:24:bb:96:f1:7d:cc:f8:42:f3:4c:f6:d8:ec:db:f5: 60:00:f3:39:2e:03:c9:e7:34:76:1f:bb:f0:c7:3f:6b:49:ac: 6d:fe:17:ed:66:e2:60:01:21:ac:30:5c:ac:9e:20:f8:a8:a7: 4b:0c:fe:48:03:52:90:b9:df:37:52:d6:a0:f5:e3:0f:ca:3d: 44:95:7a:6c:80:f9:ee:f0:23:e4:6d:96:04:bf:d8:aa:e6:0f: b6:58:09:44:b0:10:b4:f4:51:39:3d:a9:2f:2c:59:c7:6e:ab: d0:c6:6c:be:7e:83:ea:08:0f:b1:77:26:51:57:5a:c3:24:05: fa:8d:22:b9:ba:d0:95:90:14:db:35:0a:71:16:8b:9c:dd:95: 07:82:6a:ef:e7:d3:2e:79:56:5a:b1:d8:a1:48:da:5f:78:91: f6:bc:d5:b9 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgIUB0ilXKoroOEzpYuNM1ec0+TecGgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNTMyRUM5NUQ5RUUyNzZEOTY1NjIwQjdFNDBDQTUwQjRB QjhGQ0IwQjAeFw0yNjA0MjAwOTA1NDlaFw0yNzA0MTkwOTEwNDlaMDMxMTAvBgNV BAMTKDMzRDlEQ0FGRUYxNzcyMjU3NDU1ODEyMEY0M0MyMjA3REU3QUQzNDcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnVZQQT1gPlEwQMFEfEGPEdTsY ptDxzY9I9c+l0OX0oxbeO7piscpsEn/PQw+J+GK+94Pw2/wYEFoXuVIF8S9QX5df C03PRZ0/53MTxew0o/V0APOcdDE1pVNbPFUNxnUcUnx+KLqLE1PWZCgeM0NfKMBe /z2wpuUpCbuHftcdZ4+9ZnNkFHBXVVjUjC9wwE0SjZk3GbD0OkSIpFBtO3r3D99S hqfM3ZjxNDEBzWnAvGurV34UFNb9Ez0BnrAn7ZhmRigLy8rB1qGGoScw9kKbUjgi GZn8cX/4u36K8FgTW9PUH9FEiwrX72p4a/K6VPT/i3W/90GdJKaTXgoqdnx7AgMB AAGjggIXMIICEzAdBgNVHQ4EFgQUM9ncr+8XciV0VYEg9DwiB95600cwHwYDVR0j BBgwFoAUUy7JXZ7idtllYgt+QMpQtKuPywswDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 ODQ5MDQ5NjYxNzAyMTQ0Mi8wLzUzMkVDOTVEOUVFMjc2RDk2NTYyMEI3RTQwQ0E1 MEI0QUI4RkNCMEIuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNTMyRUM5NUQ5RUUyNzZEOTY1NjIwQjdFNDBDQTUwQjRBQjhGQ0IwQi5jZXIw gZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzALhnJyc3luYzovL3Jwa2ktcnBz LmNubmljLmNuL3JlcG8vQTEwOTg0OTA0OTY2MTcwMjE0NDIvMC8zNDMzMmUzMjM0 MzgyZTMyMzAzODJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMxMzMzMTM0MzgzMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEAiv40DANBgkqhkiG9w0BAQsFAAOCAQEABGQVd/LXjZU4tCA+XFeF zWmZ0LGo+D4eQbHxocuMZxo6jG7vfoskv/Uvg7SvI7ctFXN63claEz0L4Gku6hHe 6oNxPUMjX95IzEWK8BOQop0o5HLtYOVBcUw3n1aiJLuW8X3M+ELzTPbY7Nv1YADz OS4Dyec0dh+78Mc/a0msbf4X7WbiYAEhrDBcrJ4g+KinSwz+SANSkLnfN1LWoPXj D8o9RJV6bID57vAj5G2WBL/YquYPtlgJRLAQtPRROT2pLyxZx26r0MZsvn6D6ggP sXcmUVdawyQF+o0iubrQlZAU2zUKcRaLnN2VB4Jq7+fTLnlWWrHYoUjaX3iR9rzV uQ== -----END CERTIFICATE-----Generated at Wed Apr 22 04:05:10 2026 by rpki-client