$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065576723372179458/0/AS17621.roa File: AS17621.roa (raw, json) Hash identifier: kqw3r/jiIwDnioze2JS67ePPacBLzehQLpbOWpUmWPY= Subject key identifier: A5:87:16:D4:FC:7F:24:A4:45:D6:C1:69:A3:B1:D7:6D:F1:35:91:0A Certificate issuer: /CN=8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE Certificate serial: 5893BE951FEECA4B036A3E27D52C27C83FB67A65 Authority key identifier: 8D:47:3B:7B:41:E3:D6:22:DF:B3:B6:0D:5E:B9:46:99:8F:BE:7E:AE Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/AS17621.roa Signing time: Wed 13 May 2026 09:27:08 +0000 ROA not before: Wed 13 May 2026 09:22:08 +0000 ROA not after: Wed 12 May 2027 09:27:08 +0000 asID: 17621 IP address blocks: 103.200.220.0/22 maxlen: 24 103.200.224.0/24 maxlen: 24 103.200.228.0/24 maxlen: 24 103.200.232.0/24 maxlen: 24 113.21.236.0/22 maxlen: 24 202.47.104.0/21 maxlen: 24 202.57.192.0/24 maxlen: 24 202.57.193.0/24 maxlen: 24 202.57.196.0/22 maxlen: 24 202.57.200.0/23 maxlen: 24 202.57.201.0/24 maxlen: 24 202.57.202.0/24 maxlen: 24 2403:9b00:2400::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.crl rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 11:49:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:93:be:95:1f:ee:ca:4b:03:6a:3e:27:d5:2c:27:c8:3f:b6:7a:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE Validity Not Before: May 13 09:22:08 2026 GMT Not After : May 12 09:27:08 2027 GMT Subject: CN=A58716D4FC7F24A445D6C169A3B1D76DF135910A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:42:a5:d7:99:07:73:a7:92:96:cc:42:e8:20: 4e:d2:c9:24:3e:b3:b7:b9:f2:69:81:bd:e1:47:d1: b5:41:dc:8f:39:8f:86:75:24:ca:1b:37:eb:96:55: 3f:77:b0:81:ba:19:90:35:4f:d5:be:e7:3f:1b:16: b8:66:41:31:ba:ec:08:73:72:fb:31:e4:a6:09:1a: 4c:a7:35:a1:33:82:87:55:1f:f4:aa:29:8e:97:a7: 34:25:39:02:b4:f2:26:56:e2:49:c9:51:f6:4b:b2: 47:7a:5d:7f:fd:70:6c:7b:87:10:65:37:49:55:9d: 9f:39:4b:b0:e5:64:c5:69:a3:af:57:67:70:17:b5: d0:f3:8b:dc:2f:79:f1:21:97:ed:b2:40:13:d4:e6: 5a:13:53:36:93:90:0b:c7:01:9a:39:79:ee:13:49: ca:db:f3:75:f0:12:ea:85:f8:59:1d:b3:44:e0:d9: 0f:76:4b:04:7a:fe:50:22:9b:1a:e7:10:a2:3d:c1: 16:3d:4d:31:57:2f:dc:f3:ff:f8:d6:84:a7:67:a2: e4:2a:29:0b:12:95:01:7b:29:10:5b:08:a6:0b:0f: a6:d2:76:dc:5c:32:a6:16:6b:e9:06:d9:6d:9d:3d: ab:e5:ed:d4:d2:1a:99:b5:c4:14:bf:73:74:60:d7: ee:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:87:16:D4:FC:7F:24:A4:45:D6:C1:69:A3:B1:D7:6D:F1:35:91:0A X509v3 Authority Key Identifier: keyid:8D:47:3B:7B:41:E3:D6:22:DF:B3:B6:0D:5E:B9:46:99:8F:BE:7E:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/8D473B7B41E3D622DFB3B60D5EB946998FBE7EAE.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065576723372179458/0/AS17621.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.200.220.0-103.200.224.255 103.200.228.0/24 103.200.232.0/24 113.21.236.0/22 202.47.104.0/21 202.57.192.0/23 202.57.196.0-202.57.202.255 IPv6: 2403:9b00:2400::/48 Signature Algorithm: sha256WithRSAEncryption 52:c8:41:37:48:c7:6d:3e:a5:38:d3:a3:0c:f0:2e:ca:1f:1b: a5:aa:5c:b9:fd:d8:ec:3e:fa:8a:6d:66:df:fd:46:3a:a8:b6: dc:20:ef:91:47:07:81:3a:9d:a8:4e:1f:d9:4c:59:5d:62:64: 76:c5:7f:69:c0:8b:d9:27:60:43:a1:c0:32:88:0b:bc:5e:1d: 02:5f:d6:7b:05:b9:4e:0f:a6:56:4a:ab:38:1e:5a:2f:aa:e0: 6c:89:04:f5:a4:38:55:da:62:a8:b0:88:e1:2f:d9:f8:25:47: f4:e5:f4:40:88:f3:81:d4:64:7a:71:70:64:b4:82:76:d8:2f: 04:38:1f:0c:f5:59:28:83:81:2e:9a:e3:8c:84:3b:7f:b5:20: 6b:52:09:09:c8:a5:f2:47:fc:22:2d:fb:2a:8c:d0:73:e6:18: 71:54:01:43:f8:64:d2:6f:87:0f:0a:5d:2d:c7:06:0f:8d:43: 14:b8:df:31:1b:fe:e7:51:4c:3e:50:0c:f4:0f:c3:f0:92:84: d8:97:84:00:28:73:73:9f:11:16:64:7e:5d:06:fe:6c:a9:4c: 95:38:4a:f5:96:9f:f3:ae:9f:76:8f:89:0e:a1:4b:b2:d4:b3: 18:f9:a7:52:ba:a2:67:a5:5f:7c:39:a7:7e:c9:73:e6:e4:8d: b3:5a:8a:78 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgIUWJO+lR/uyksDaj4n1SwnyD+2emUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOEQ0NzNCN0I0MUUzRDYyMkRGQjNCNjBENUVCOTQ2OTk4 RkJFN0VBRTAeFw0yNjA1MTMwOTIyMDhaFw0yNzA1MTIwOTI3MDhaMDMxMTAvBgNV BAMTKEE1ODcxNkQ0RkM3RjI0QTQ0NUQ2QzE2OUEzQjFENzZERjEzNTkxMEEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeQqXXmQdzp5KWzELoIE7SySQ+ s7e58mmBveFH0bVB3I85j4Z1JMobN+uWVT93sIG6GZA1T9W+5z8bFrhmQTG67Ahz cvsx5KYJGkynNaEzgodVH/SqKY6XpzQlOQK08iZW4knJUfZLskd6XX/9cGx7hxBl N0lVnZ85S7DlZMVpo69XZ3AXtdDzi9wvefEhl+2yQBPU5loTUzaTkAvHAZo5ee4T Scrb83XwEuqF+Fkds0Tg2Q92SwR6/lAimxrnEKI9wRY9TTFXL9zz//jWhKdnouQq KQsSlQF7KRBbCKYLD6bSdtxcMqYWa+kG2W2dPavl7dTSGpm1xBS/c3Rg1+5nAgMB AAGjggIoMIICJDAdBgNVHQ4EFgQUpYcW1Px/JKRF1sFpo7HXbfE1kQowHwYDVR0j BBgwFoAUjUc7e0Hj1iLfs7YNXrlGmY++fq4wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3NjcyMzM3MjE3OTQ1OC8wLzhENDczQjdCNDFFM0Q2MjJERkIzQjYwRDVFQjk0 Njk5OEZCRTdFQUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvOEQ0NzNCN0I0MUUzRDYyMkRGQjNCNjBENUVCOTQ2OTk4RkJFN0VBRS5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1NzY3MjMzNzIxNzk0NTgvMC9BUzE3NjIxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBABAIA ATA6MAwDBAJnyNwDBABnyOADBABnyOQDBABnyOgDBAJxFewDBAPKL2gDBAHKOcAw DAMEAso5xAMEAMo5yjAPBAIAAjAJAwcAJAObACQAMA0GCSqGSIb3DQEBCwUAA4IB AQBSyEE3SMdtPqU406MM8C7KHxulqly5/djsPvqKbWbf/UY6qLbcIO+RRweBOp2o Th/ZTFldYmR2xX9pwIvZJ2BDocAyiAu8Xh0CX9Z7BblOD6ZWSqs4HlovquBsiQT1 pDhV2mKosIjhL9n4JUf05fRAiPOB1GR6cXBktIJ22C8EOB8M9Vkog4EumuOMhDt/ tSBrUgkJyKXyR/wiLfsqjNBz5hhxVAFD+GTSb4cPCl0txwYPjUMUuN8xG/7nUUw+ UAz0D8PwkoTYl4QAKHNznxEWZH5dBv5sqUyVOEr1lp/zrp92j4kOoUuy1LMY+adS uqJnpV98Oad+yXPm5I2zWop4 -----END CERTIFICATE-----Generated at Wed May 13 14:14:01 2026 by rpki-client