$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1109004796452405267/0/312e322e342e302f32342d3234203d3e203234313531.roa File: 312e322e342e302f32342d3234203d3e203234313531.roa (raw, json) Hash identifier: TBnC2LzR+6Db4WOI7E+8pudN/0AB0HhXouySfw2xuiY= Subject key identifier: 97:34:2F:25:80:FE:7F:9C:1F:5C:D0:06:A3:B0:8C:D6:B4:26:0E:3B Certificate issuer: /CN=CEACE67B8C6F2455BFEB95CA97F4EFCE0D10DAC4 Certificate serial: 085EDBFCA9CE4307E5A0D46E8E899F0D0CACAA31 Authority key identifier: CE:AC:E6:7B:8C:6F:24:55:BF:EB:95:CA:97:F4:EF:CE:0D:10:DA:C4 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/CEACE67B8C6F2455BFEB95CA97F4EFCE0D10DAC4.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1109004796452405267/0/312e322e342e302f32342d3234203d3e203234313531.roa Signing time: Tue 19 May 2026 06:33:16 +0000 ROA not before: Tue 19 May 2026 06:28:16 +0000 ROA not after: Tue 18 May 2027 06:33:16 +0000 asID: 24151 IP address blocks: 1.2.4.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1109004796452405267/0/CEACE67B8C6F2455BFEB95CA97F4EFCE0D10DAC4.crl rsync://rpki-rps.cnnic.cn/repo/A1109004796452405267/0/CEACE67B8C6F2455BFEB95CA97F4EFCE0D10DAC4.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/CEACE67B8C6F2455BFEB95CA97F4EFCE0D10DAC4.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 May 2026 15:28:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:5e:db:fc:a9:ce:43:07:e5:a0:d4:6e:8e:89:9f:0d:0c:ac:aa:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CEACE67B8C6F2455BFEB95CA97F4EFCE0D10DAC4 Validity Not Before: May 19 06:28:16 2026 GMT Not After : May 18 06:33:16 2027 GMT Subject: CN=97342F2580FE7F9C1F5CD006A3B08CD6B4260E3B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:50:67:bd:55:5e:19:91:20:59:6d:c1:ae:9a: b0:16:33:06:f3:87:84:7d:96:df:f7:87:7a:2f:2f: 88:e8:c3:9f:2e:51:69:02:f2:28:bd:77:e3:ae:e1: 60:52:6a:1b:73:db:52:f0:e2:1e:d6:be:25:ce:d0: 55:d7:e8:10:93:b3:ba:3e:a0:09:c6:54:a6:37:7e: d6:73:cc:a3:bd:01:0c:97:f8:f9:1b:3f:18:85:d3: 7c:ee:b6:5d:8c:99:8e:6d:14:46:b3:96:e6:f0:f2: 06:82:87:a1:1c:12:57:12:e9:7c:49:97:2b:11:fe: 98:70:60:06:95:9d:6c:e8:bc:c2:a0:fd:5d:0c:82: 50:2b:92:ef:6d:bd:13:e3:3c:9a:61:0e:5d:c5:22: d0:54:1d:aa:06:75:ed:1d:4d:40:f3:ae:08:6f:29: e1:76:57:fb:9e:0c:42:45:be:52:33:1f:a2:7f:77: 68:98:6b:c5:3a:3d:4b:35:53:33:ec:36:b7:09:c4: e8:31:e1:ea:de:62:c6:4a:26:e3:4c:3b:70:4f:6b: 31:8d:ab:cf:60:13:b9:cf:44:9d:f5:29:81:38:9b: 6d:26:84:02:92:ed:1d:6d:fa:4a:7d:06:55:ad:c8: 57:40:a2:39:d2:f3:c1:aa:d3:04:ee:6b:de:72:64: cd:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:34:2F:25:80:FE:7F:9C:1F:5C:D0:06:A3:B0:8C:D6:B4:26:0E:3B X509v3 Authority Key Identifier: keyid:CE:AC:E6:7B:8C:6F:24:55:BF:EB:95:CA:97:F4:EF:CE:0D:10:DA:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1109004796452405267/0/CEACE67B8C6F2455BFEB95CA97F4EFCE0D10DAC4.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/CEACE67B8C6F2455BFEB95CA97F4EFCE0D10DAC4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1109004796452405267/0/312e322e342e302f32342d3234203d3e203234313531.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 1.2.4.0/24 Signature Algorithm: sha256WithRSAEncryption 99:16:f1:50:e8:b2:c3:ba:fc:76:83:b1:c0:c8:31:b2:f4:1f: fb:92:21:84:3c:b7:d2:d3:9a:32:70:ce:dc:b1:fd:42:ec:2c: 1f:0f:7e:b9:9c:ae:de:47:76:e2:c2:b5:56:a0:29:90:25:87: 3d:24:a4:dd:64:6a:30:0f:a7:05:7f:ec:c8:7d:01:86:25:d8: 6b:a2:18:88:0a:1e:0b:b5:67:3d:d5:ae:10:a0:45:51:ea:74: c9:a3:6f:e4:7f:ad:9b:a4:bb:df:9f:aa:d0:8e:50:c5:72:c4: 94:28:6e:21:80:08:4c:be:f9:35:0f:4d:06:76:b1:e6:43:2a: d9:24:01:2a:c7:3f:ce:1e:8c:b1:ef:bd:9d:45:9c:1b:fd:c6: 1f:d9:55:b8:68:ae:0a:16:6f:67:b6:f0:ed:b0:28:d9:1a:16: 8f:bd:37:7e:06:95:88:0b:fc:d1:33:19:c7:e8:5f:fe:93:5a: 40:ee:f0:89:1e:04:5e:0b:fe:11:15:a6:57:f2:9f:a0:7e:2c: d1:62:74:11:08:bb:6e:f5:60:2a:de:27:fa:d7:4e:e5:77:d1: f0:79:14:21:5c:1c:71:6a:25:cf:6e:33:dd:36:02:44:bd:71: 52:b6:f7:26:ce:4d:d0:fa:2b:b5:e4:30:01:fa:3a:4c:2b:8d: ef:a8:10:ca -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgIUCF7b/KnOQwfloNRujomfDQysqjEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0VBQ0U2N0I4QzZGMjQ1NUJGRUI5NUNBOTdGNEVGQ0Uw RDEwREFDNDAeFw0yNjA1MTkwNjI4MTZaFw0yNzA1MTgwNjMzMTZaMDMxMTAvBgNV BAMTKDk3MzQyRjI1ODBGRTdGOUMxRjVDRDAwNkEzQjA4Q0Q2QjQyNjBFM0IwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYUGe9VV4ZkSBZbcGumrAWMwbz h4R9lt/3h3ovL4jow58uUWkC8ii9d+Ou4WBSahtz21Lw4h7WviXO0FXX6BCTs7o+ oAnGVKY3ftZzzKO9AQyX+PkbPxiF03zutl2MmY5tFEazlubw8gaCh6EcElcS6XxJ lysR/phwYAaVnWzovMKg/V0MglArku9tvRPjPJphDl3FItBUHaoGde0dTUDzrghv KeF2V/ueDEJFvlIzH6J/d2iYa8U6PUs1UzPsNrcJxOgx4ereYsZKJuNMO3BPazGN q89gE7nPRJ31KYE4m20mhAKS7R1t+kp9BlWtyFdAojnS88Gq0wTua95yZM1RAgMB AAGjggIJMIICBTAdBgNVHQ4EFgQUlzQvJYD+f5wfXNAGo7CM1rQmDjswHwYDVR0j BBgwFoAUzqzme4xvJFW/65XKl/Tvzg0Q2sQwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTEw OTAwNDc5NjQ1MjQwNTI2Ny8wL0NFQUNFNjdCOEM2RjI0NTVCRkVCOTVDQTk3RjRF RkNFMEQxMERBQzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvQ0VBQ0U2N0I4QzZGMjQ1NUJGRUI5NUNBOTdGNEVGQ0UwRDEwREFDNC5jZXIw gYIGCCsGAQUFBwELBHYwdDByBggrBgEFBQcwC4ZmcnN5bmM6Ly9ycGtpLXJwcy5j bm5pYy5jbi9yZXBvL0ExMTA5MDA0Nzk2NDUyNDA1MjY3LzAvMzEyZTMyMmUzNDJl MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzQzMTM1MzEucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAABAgQw DQYJKoZIhvcNAQELBQADggEBAJkW8VDossO6/HaDscDIMbL0H/uSIYQ8t9LTmjJw ztyx/ULsLB8Pfrmcrt5HduLCtVagKZAlhz0kpN1kajAPpwV/7Mh9AYYl2GuiGIgK Hgu1Zz3VrhCgRVHqdMmjb+R/rZuku9+fqtCOUMVyxJQobiGACEy++TUPTQZ2seZD KtkkASrHP84ejLHvvZ1FnBv9xh/ZVbhorgoWb2e28O2wKNkaFo+9N34GlYgL/NEz GcfoX/6TWkDu8IkeBF4L/hEVplfyn6B+LNFidBEIu271YCreJ/rXTuV30fB5FCFc HHFqJc9uM902AkS9cVK29ybOTdD6K7XkMAH6Okwrje+oEMo= -----END CERTIFICATE-----Generated at Fri May 29 23:50:47 2026 by rpki-client