$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394589187/0/AS17621.roa File: AS17621.roa (raw, json) Hash identifier: 19cVhI5Ma1k34oBBZ4gfIYstAQe/V4TWlWbIdY5N42k= Subject key identifier: DA:67:56:38:9B:54:01:5A:36:D2:F5:B5:5C:EE:9E:C0:B0:4B:29:48 Certificate issuer: /CN=9BF34B3817748D3E69CC3880F13A8383A9AA3C2C Certificate serial: 321D22EB558148DC488B3309913CC3D0CE519738 Authority key identifier: 9B:F3:4B:38:17:74:8D:3E:69:CC:38:80:F1:3A:83:83:A9:AA:3C:2C Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/AS17621.roa Signing time: Tue 12 May 2026 09:40:17 +0000 ROA not before: Tue 12 May 2026 09:35:17 +0000 ROA not after: Tue 11 May 2027 09:40:17 +0000 asID: 17621 IP address blocks: 106.75.208.0/20 maxlen: 20 106.75.224.0/20 maxlen: 20 106.75.240.0/20 maxlen: 20 113.31.96.0/20 maxlen: 20 113.31.112.0/20 maxlen: 20 113.31.144.0/20 maxlen: 20 113.31.160.0/20 maxlen: 20 113.31.176.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 11:48:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:1d:22:eb:55:81:48:dc:48:8b:33:09:91:3c:c3:d0:ce:51:97:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9BF34B3817748D3E69CC3880F13A8383A9AA3C2C Validity Not Before: May 12 09:35:17 2026 GMT Not After : May 11 09:40:17 2027 GMT Subject: CN=DA6756389B54015A36D2F5B55CEE9EC0B04B2948 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:06:fe:94:76:0a:fb:2f:13:70:d1:ff:b2:13: be:00:91:b0:ec:84:4b:da:a5:b4:c0:30:b0:18:8f: 24:99:57:d8:db:ef:dd:8f:b2:cc:9d:12:a2:8f:0d: 02:9c:05:51:b9:6c:5d:3a:98:71:7a:4d:fc:d2:02: 4a:17:39:9f:09:6a:ce:c9:6e:6a:c9:c8:b2:64:09: 22:f9:9e:cf:93:90:a3:0a:a2:af:e9:e8:8f:cf:a3: 30:8e:39:f3:9b:a5:81:83:49:3d:5c:b4:4e:ce:d1: 90:da:39:b4:ee:6e:f8:0b:fc:a3:91:14:25:92:e5: ea:0d:37:21:86:28:c6:da:f9:92:e1:2d:78:39:64: 3a:66:23:c9:c6:9f:5f:7e:a4:e0:fa:55:94:1b:d2: 1b:8f:a0:c2:19:d0:1e:69:7a:d6:e4:b4:9c:10:5b: 97:77:00:52:04:0b:15:9b:fc:42:18:c6:a6:10:00: 8b:4d:8e:0b:2a:fd:09:3c:80:15:f4:15:39:43:c4: 83:08:f3:e5:07:23:ba:0f:9a:76:0e:9d:e4:92:e9: 5e:25:b4:5b:95:84:02:d7:35:8e:a2:cd:18:41:5f: c4:ee:c0:e1:96:b3:2d:49:3f:d8:b5:3f:af:1b:0e: b5:f4:cd:1e:b5:9e:d0:c7:77:17:81:c6:85:e1:9a: 4e:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:67:56:38:9B:54:01:5A:36:D2:F5:B5:5C:EE:9E:C0:B0:4B:29:48 X509v3 Authority Key Identifier: keyid:9B:F3:4B:38:17:74:8D:3E:69:CC:38:80:F1:3A:83:83:A9:AA:3C:2C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/9BF34B3817748D3E69CC3880F13A8383A9AA3C2C.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394589187/0/AS17621.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 106.75.208.0-106.75.255.255 113.31.96.0/19 113.31.144.0-113.31.191.255 Signature Algorithm: sha256WithRSAEncryption 53:54:7a:99:d4:d8:06:51:40:fe:3d:77:c5:40:86:c1:8c:20: 3b:3c:20:fd:ed:11:04:12:c5:6c:bd:fa:c4:4a:2d:50:09:19: 8d:22:2f:6c:e0:e1:f2:4f:a6:ff:48:8f:0b:e3:03:5f:47:b9: 3b:c6:30:e3:b9:84:57:38:dd:98:bf:16:fc:ee:2e:03:2b:4f: 47:84:56:8f:d0:04:e2:65:76:98:d6:d5:40:53:e8:54:53:8f: aa:af:44:fb:2b:42:a7:40:73:5d:9a:79:0b:0a:4c:b0:de:7c: bd:f8:3a:bf:43:59:56:0c:44:9e:f1:72:1f:46:80:51:f4:0b: 11:24:23:93:18:e4:4f:7e:3e:41:bf:45:2c:14:1f:ac:28:63: 77:c1:e0:e7:44:51:66:f9:36:de:8f:6f:67:77:88:36:0f:e3: cd:87:ba:72:e8:26:a1:d3:9e:2f:83:a3:5a:6c:b8:63:81:f5: 27:78:dc:fd:78:72:43:20:b1:34:7e:d4:9b:ce:95:c9:58:ac: a8:d5:e3:e6:63:08:5d:86:07:4b:75:85:b1:fd:d9:40:96:e1: 13:eb:06:46:b0:71:ba:5e:3c:51:d1:a0:13:03:95:65:16:49: 8e:ba:9d:94:f1:79:3d:55:f5:fa:95:5d:bf:a0:d9:64:ab:4d: 73:cb:1c:a9 -----BEGIN CERTIFICATE----- MIIE9DCCA9ygAwIBAgIUMh0i61WBSNxIizMJkTzD0M5RlzgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOUJGMzRCMzgxNzc0OEQzRTY5Q0MzODgwRjEzQTgzODNB OUFBM0MyQzAeFw0yNjA1MTIwOTM1MTdaFw0yNzA1MTEwOTQwMTdaMDMxMTAvBgNV BAMTKERBNjc1NjM4OUI1NDAxNUEzNkQyRjVCNTVDRUU5RUMwQjA0QjI5NDgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/Bv6Udgr7LxNw0f+yE74AkbDs hEvapbTAMLAYjySZV9jb792PssydEqKPDQKcBVG5bF06mHF6TfzSAkoXOZ8Jas7J bmrJyLJkCSL5ns+TkKMKoq/p6I/PozCOOfObpYGDST1ctE7O0ZDaObTubvgL/KOR FCWS5eoNNyGGKMba+ZLhLXg5ZDpmI8nGn19+pOD6VZQb0huPoMIZ0B5petbktJwQ W5d3AFIECxWb/EIYxqYQAItNjgsq/Qk8gBX0FTlDxIMI8+UHI7oPmnYOneSS6V4l tFuVhALXNY6izRhBX8TuwOGWsy1JP9i1P68bDrX0zR61ntDHdxeBxoXhmk7nAgMB AAGjggH+MIIB+jAdBgNVHQ4EFgQU2mdWOJtUAVo20vW1XO6ewLBLKUgwHwYDVR0j BBgwFoAUm/NLOBd0jT5pzDiA8TqDg6mqPCwwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDU4OTE4Ny8wLzlCRjM0QjM4MTc3NDhEM0U2OUNDMzg4MEYxM0E4 MzgzQTlBQTNDMkMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvOUJGMzRCMzgxNzc0OEQzRTY5Q0MzODgwRjEzQTgzODNBOUFBM0MyQy5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwNjU1Nzk1MzQzOTQ1ODkxODcvMC9BUzE3NjIxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIA ATAhMAsDBARqS9ADAwJqSAMEBXEfYDAMAwQEcR+QAwQGcR+AMA0GCSqGSIb3DQEB CwUAA4IBAQBTVHqZ1NgGUUD+PXfFQIbBjCA7PCD97REEEsVsvfrESi1QCRmNIi9s 4OHyT6b/SI8L4wNfR7k7xjDjuYRXON2Yvxb87i4DK09HhFaP0ATiZXaY1tVAU+hU U4+qr0T7K0KnQHNdmnkLCkyw3ny9+Dq/Q1lWDESe8XIfRoBR9AsRJCOTGORPfj5B v0UsFB+sKGN3weDnRFFm+Tbej29nd4g2D+PNh7py6Cah054vg6NabLhjgfUneNz9 eHJDILE0ftSbzpXJWKyo1ePmYwhdhgdLdYWx/dlAluET6wZGsHG6XjxR0aATA5Vl FkmOup2U8Xk9VfX6lV2/oNlkq01zyxyp -----END CERTIFICATE-----Generated at Wed May 13 02:38:39 2026 by rpki-client