$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1109004796452405267/0/3231302e322e342e302f32342d3234203d3e203234343039.roa File: 3231302e322e342e302f32342d3234203d3e203234343039.roa (raw, json) Hash identifier: dsVTcMJyEhqmVODGZAIkGc623cScIW3ZMfG651m2w+c= Subject key identifier: C1:F4:56:FE:6B:5A:0C:C5:DD:EF:F7:57:41:73:F3:E1:F0:B1:73:57 Certificate issuer: /CN=CEACE67B8C6F2455BFEB95CA97F4EFCE0D10DAC4 Certificate serial: 3981494245DD43081687AEDB316C03109C2C18AB Authority key identifier: CE:AC:E6:7B:8C:6F:24:55:BF:EB:95:CA:97:F4:EF:CE:0D:10:DA:C4 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/CEACE67B8C6F2455BFEB95CA97F4EFCE0D10DAC4.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1109004796452405267/0/3231302e322e342e302f32342d3234203d3e203234343039.roa Signing time: Tue 19 May 2026 06:33:16 +0000 ROA not before: Tue 19 May 2026 06:28:16 +0000 ROA not after: Tue 18 May 2027 06:33:16 +0000 asID: 24409 IP address blocks: 210.2.4.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1109004796452405267/0/CEACE67B8C6F2455BFEB95CA97F4EFCE0D10DAC4.crl rsync://rpki-rps.cnnic.cn/repo/A1109004796452405267/0/CEACE67B8C6F2455BFEB95CA97F4EFCE0D10DAC4.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/CEACE67B8C6F2455BFEB95CA97F4EFCE0D10DAC4.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 May 2026 15:28:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:81:49:42:45:dd:43:08:16:87:ae:db:31:6c:03:10:9c:2c:18:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CEACE67B8C6F2455BFEB95CA97F4EFCE0D10DAC4 Validity Not Before: May 19 06:28:16 2026 GMT Not After : May 18 06:33:16 2027 GMT Subject: CN=C1F456FE6B5A0CC5DDEFF7574173F3E1F0B17357 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:7c:5a:e0:fa:f1:28:8c:28:52:3d:74:9f:37: f4:b2:47:1c:79:77:22:0f:aa:42:3a:bf:2d:a4:ef: ff:d3:9b:33:f4:44:49:7a:55:73:78:55:97:49:ae: b3:0f:d8:83:fe:f4:7c:f1:04:a8:85:f6:b9:6e:62: 82:da:9e:70:78:27:ad:a2:46:20:ba:01:5a:88:9e: f7:f0:d7:e7:e7:1f:d9:26:4b:e4:94:91:1b:2b:33: 4b:07:df:ae:6a:4a:71:02:62:62:d1:fe:1a:d9:28: 9c:a8:d2:5f:29:2c:5a:dd:20:ac:f1:09:af:f5:2c: 09:62:88:36:ad:5c:52:77:73:6f:37:f8:dc:64:57: 74:ae:8a:96:5c:c5:fd:fe:ca:2f:a9:fe:3c:e0:ce: d5:ff:82:7f:5c:64:30:a0:a8:f0:a0:42:95:f9:da: 34:a0:ee:d2:18:f1:4d:36:75:40:c6:24:94:9d:ac: 1e:3b:4d:6a:66:02:68:84:0b:9d:81:fe:e4:48:ca: 23:ee:2c:2b:df:6b:d6:e5:89:e5:11:e0:b5:cf:fb: ec:04:0e:90:e8:13:a2:d8:22:c2:85:4b:da:7b:6c: d5:50:bb:5f:83:e4:9f:47:00:84:5c:3b:da:4b:8b: ca:39:e4:ab:c3:6d:db:a9:47:99:d7:3d:8d:51:d3: b7:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:F4:56:FE:6B:5A:0C:C5:DD:EF:F7:57:41:73:F3:E1:F0:B1:73:57 X509v3 Authority Key Identifier: keyid:CE:AC:E6:7B:8C:6F:24:55:BF:EB:95:CA:97:F4:EF:CE:0D:10:DA:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1109004796452405267/0/CEACE67B8C6F2455BFEB95CA97F4EFCE0D10DAC4.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/CEACE67B8C6F2455BFEB95CA97F4EFCE0D10DAC4.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1109004796452405267/0/3231302e322e342e302f32342d3234203d3e203234343039.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 210.2.4.0/24 Signature Algorithm: sha256WithRSAEncryption 11:02:13:3a:e6:56:23:02:d8:1b:3d:5a:d3:93:ca:28:75:4d: 87:3a:8c:e8:df:3d:e7:71:79:88:3c:b6:71:33:87:7b:86:24: a1:a3:99:33:5d:88:a2:c2:98:0a:c6:0d:f9:12:60:f8:50:af: b0:56:76:6c:ac:d3:4c:4c:98:dc:f3:23:9d:65:c7:38:74:35: 41:1b:62:72:08:14:f4:c0:35:9b:aa:69:aa:ae:1b:91:53:09: 00:68:93:98:1c:82:8f:7c:8a:d4:2b:02:bf:c6:c2:f1:c6:be: b5:13:34:0a:0d:41:20:db:7d:b2:d6:8b:45:6f:c7:d3:d8:58: 36:b6:7b:35:f5:f4:6c:b3:d0:09:68:e5:90:45:8b:1c:68:fb: f8:4d:88:44:62:b7:be:0c:0d:cc:22:f2:c5:a2:ab:98:8c:8b: 41:54:4c:d3:9b:da:d1:d7:82:b0:4f:36:e7:e3:45:c1:cf:b5: a7:a2:7f:f3:e4:87:ad:b3:30:32:65:3b:7e:f3:59:fe:a1:72: fc:4e:7a:a7:df:90:84:aa:fe:c5:42:e4:45:5c:51:82:b1:55: 81:ab:e5:05:b5:79:cc:10:d8:39:89:5e:74:22:dd:a4:ed:8b: ab:b3:5e:6b:05:10:a6:69:f7:8c:2b:b1:d6:ac:c1:5f:c4:22: c0:9e:78:49 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgIUOYFJQkXdQwgWh67bMWwDEJwsGKswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQ0VBQ0U2N0I4QzZGMjQ1NUJGRUI5NUNBOTdGNEVGQ0Uw RDEwREFDNDAeFw0yNjA1MTkwNjI4MTZaFw0yNzA1MTgwNjMzMTZaMDMxMTAvBgNV BAMTKEMxRjQ1NkZFNkI1QTBDQzVEREVGRjc1NzQxNzNGM0UxRjBCMTczNTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8fFrg+vEojChSPXSfN/SyRxx5 dyIPqkI6vy2k7//TmzP0REl6VXN4VZdJrrMP2IP+9HzxBKiF9rluYoLannB4J62i RiC6AVqInvfw1+fnH9kmS+SUkRsrM0sH365qSnECYmLR/hrZKJyo0l8pLFrdIKzx Ca/1LAliiDatXFJ3c283+NxkV3SuipZcxf3+yi+p/jzgztX/gn9cZDCgqPCgQpX5 2jSg7tIY8U02dUDGJJSdrB47TWpmAmiEC52B/uRIyiPuLCvfa9blieUR4LXP++wE DpDoE6LYIsKFS9p7bNVQu1+D5J9HAIRcO9pLi8o55KvDbdupR5nXPY1R07dVAgMB AAGjggINMIICCTAdBgNVHQ4EFgQUwfRW/mtaDMXd7/dXQXPz4fCxc1cwHwYDVR0j BBgwFoAUzqzme4xvJFW/65XKl/Tvzg0Q2sQwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTEw OTAwNDc5NjQ1MjQwNTI2Ny8wL0NFQUNFNjdCOEM2RjI0NTVCRkVCOTVDQTk3RjRF RkNFMEQxMERBQzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvQ0VBQ0U2N0I4QzZGMjQ1NUJGRUI5NUNBOTdGNEVGQ0UwRDEwREFDNC5jZXIw gYYGCCsGAQUFBwELBHoweDB2BggrBgEFBQcwC4ZqcnN5bmM6Ly9ycGtpLXJwcy5j bm5pYy5jbi9yZXBvL0ExMTA5MDA0Nzk2NDUyNDA1MjY3LzAvMzIzMTMwMmUzMjJl MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM0MzQzMDM5LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA 0gIEMA0GCSqGSIb3DQEBCwUAA4IBAQARAhM65lYjAtgbPVrTk8oodU2HOozo3z3n cXmIPLZxM4d7hiSho5kzXYiiwpgKxg35EmD4UK+wVnZsrNNMTJjc8yOdZcc4dDVB G2JyCBT0wDWbqmmqrhuRUwkAaJOYHIKPfIrUKwK/xsLxxr61EzQKDUEg232y1otF b8fT2Fg2tns19fRss9AJaOWQRYscaPv4TYhEYre+DA3MIvLFoquYjItBVEzTm9rR 14KwTzbn40XBz7Wnon/z5IetszAyZTt+81n+oXL8Tnqn35CEqv7FQuRFXFGCsVWB q+UFtXnMENg5iV50It2k7Yurs15rBRCmafeMK7HWrMFfxCLAnnhJ -----END CERTIFICATE-----Generated at Fri May 29 22:56:24 2026 by rpki-client