$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065579534394785795/0/34332e3234302e332e302f32342d3234203d3e2034383337.roa File: 34332e3234302e332e302f32342d3234203d3e2034383337.roa (raw, json) Hash identifier: 286I2w5By2SSTtwcD/7zqj4fswTfw1LmA+om3IPhDUc= Subject key identifier: 62:96:72:09:AA:A6:73:31:4B:8B:80:42:9A:65:06:F4:4B:CF:39:5F Certificate issuer: /CN=71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E Certificate serial: 02A27BB4A6EFAEB02C5B77B9A2F759EED0848068 Authority key identifier: 71:C9:BF:E4:C8:FD:7E:77:7A:1C:9E:55:DF:A6:0A:3A:C2:9A:25:4E Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/34332e3234302e332e302f32342d3234203d3e2034383337.roa Signing time: Tue 28 Apr 2026 00:59:12 +0000 ROA not before: Tue 28 Apr 2026 00:54:12 +0000 ROA not after: Tue 27 Apr 2027 00:59:12 +0000 asID: 4837 IP address blocks: 43.240.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.crl rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 01:26:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:a2:7b:b4:a6:ef:ae:b0:2c:5b:77:b9:a2:f7:59:ee:d0:84:80:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E Validity Not Before: Apr 28 00:54:12 2026 GMT Not After : Apr 27 00:59:12 2027 GMT Subject: CN=62967209AAA673314B8B80429A6506F44BCF395F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:cf:d8:55:93:c3:0a:1d:1b:0d:9c:ef:20:7c: 7c:a5:18:40:be:e9:ac:40:01:ae:6d:a2:0b:57:39: 0f:df:c7:e2:9f:2c:11:a6:b3:d5:71:21:43:5a:8c: c8:a6:e6:7e:ef:b2:93:7c:97:7c:a4:75:5f:5a:bb: a6:ce:26:7a:c3:93:25:ad:0e:eb:97:03:5b:79:24: ff:23:c6:ef:87:b4:98:cb:80:c2:aa:26:68:06:26: 80:c8:fd:dd:ed:07:39:75:b3:38:9a:a0:30:1d:ab: 26:7e:7f:d0:55:0b:46:2c:9d:49:98:b1:ab:db:03: c5:c0:12:3d:f2:34:79:63:04:6f:0c:22:83:c5:9a: 9d:11:2e:3c:d9:ee:fb:a3:f4:33:0d:dd:a6:aa:22: 0b:b0:ec:74:2a:23:df:67:3f:b6:b6:0d:dd:68:87: ec:64:40:a6:7f:8b:c4:92:99:e4:ad:c7:83:88:87: 29:e4:a8:f3:f3:8a:5c:9c:b1:4e:8f:3c:04:47:d6: b4:80:22:ed:1a:9a:75:95:e3:e3:de:7f:cf:2d:15: b1:f0:9c:5a:f0:20:8e:5e:cf:53:77:c0:66:3b:4d: b4:3b:0e:de:11:4a:15:1a:cc:03:f9:6e:2c:1d:aa: 90:5c:04:92:6f:7a:79:83:32:c6:b0:9e:54:1c:e3: e9:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:96:72:09:AA:A6:73:31:4B:8B:80:42:9A:65:06:F4:4B:CF:39:5F X509v3 Authority Key Identifier: keyid:71:C9:BF:E4:C8:FD:7E:77:7A:1C:9E:55:DF:A6:0A:3A:C2:9A:25:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/71C9BFE4C8FD7E777A1C9E55DFA60A3AC29A254E.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065579534394785795/0/34332e3234302e332e302f32342d3234203d3e2034383337.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.240.3.0/24 Signature Algorithm: sha256WithRSAEncryption 40:9a:61:83:17:98:3e:e2:61:f6:e3:60:4e:03:dd:44:2c:fa: 74:d5:d4:50:05:f6:b2:c2:70:0f:3a:b2:e9:2c:1a:24:b3:fb: e6:57:35:09:b2:3f:28:d7:69:80:ad:35:23:b2:df:d1:aa:a0: 82:02:db:e5:16:58:e6:e4:6f:4a:72:a1:bf:e7:90:c9:ab:57: aa:70:d4:0c:41:cd:e1:da:58:62:11:b5:19:86:cb:e9:4b:c8: 27:f5:eb:61:02:c2:a3:c0:25:e5:0d:9e:70:7c:88:04:bd:74: f7:bc:2b:71:38:0c:5a:fa:c0:20:1e:24:36:de:ef:ba:f1:09: f4:e1:3b:d8:86:bf:97:37:85:34:b6:e4:e4:bd:37:97:52:01: 74:24:0d:7b:7e:ef:6c:77:44:3f:5d:1c:b3:48:a3:26:ed:17: 58:d8:95:9e:a6:09:96:38:08:45:d0:c7:5b:45:01:aa:9e:00: 20:bd:5f:0f:28:61:80:29:41:b6:a4:92:f2:78:1b:94:cb:e0: e0:63:9c:af:fd:88:aa:d0:f4:bf:96:5d:cc:8b:6e:9b:c6:59: a6:b7:5f:61:4c:ad:2d:e0:33:e4:2d:45:68:8a:5c:80:83:6e: b7:52:42:44:d0:60:e9:fc:f0:da:34:22:0d:7d:1a:5a:bb:08: 5b:b4:37:11 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgIUAqJ7tKbvrrAsW3e5ovdZ7tCEgGgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzFDOUJGRTRDOEZEN0U3NzdBMUM5RTU1REZBNjBBM0FD MjlBMjU0RTAeFw0yNjA0MjgwMDU0MTJaFw0yNzA0MjcwMDU5MTJaMDMxMTAvBgNV BAMTKDYyOTY3MjA5QUFBNjczMzE0QjhCODA0MjlBNjUwNkY0NEJDRjM5NUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKz9hVk8MKHRsNnO8gfHylGEC+ 6axAAa5togtXOQ/fx+KfLBGms9VxIUNajMim5n7vspN8l3ykdV9au6bOJnrDkyWt DuuXA1t5JP8jxu+HtJjLgMKqJmgGJoDI/d3tBzl1sziaoDAdqyZ+f9BVC0YsnUmY savbA8XAEj3yNHljBG8MIoPFmp0RLjzZ7vuj9DMN3aaqIguw7HQqI99nP7a2Dd1o h+xkQKZ/i8SSmeStx4OIhynkqPPzilycsU6PPARH1rSAIu0amnWV4+Pef88tFbHw nFrwII5ez1N3wGY7TbQ7Dt4RShUazAP5biwdqpBcBJJvenmDMsawnlQc4+kzAgMB AAGjggINMIICCTAdBgNVHQ4EFgQUYpZyCaqmczFLi4BCmmUG9EvPOV8wHwYDVR0j BBgwFoAUccm/5Mj9fnd6HJ5V36YKOsKaJU4wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2 NTU3OTUzNDM5NDc4NTc5NS8wLzcxQzlCRkU0QzhGRDdFNzc3QTFDOUU1NURGQTYw QTNBQzI5QTI1NEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvNzFDOUJGRTRDOEZEN0U3NzdBMUM5RTU1REZBNjBBM0FDMjlBMjU0RS5jZXIw gYYGCCsGAQUFBwELBHoweDB2BggrBgEFBQcwC4ZqcnN5bmM6Ly9ycGtpLXJwcy5j bm5pYy5jbi9yZXBvL0ExMDY1NTc5NTM0Mzk0Nzg1Nzk1LzAvMzQzMzJlMzIzNDMw MmUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzgzMzM3LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA K/ADMA0GCSqGSIb3DQEBCwUAA4IBAQBAmmGDF5g+4mH242BOA91ELPp01dRQBfay wnAPOrLpLBoks/vmVzUJsj8o12mArTUjst/RqqCCAtvlFljm5G9KcqG/55DJq1eq cNQMQc3h2lhiEbUZhsvpS8gn9ethAsKjwCXlDZ5wfIgEvXT3vCtxOAxa+sAgHiQ2 3u+68Qn04TvYhr+XN4U0tuTkvTeXUgF0JA17fu9sd0Q/XRyzSKMm7RdY2JWepgmW OAhF0MdbRQGqngAgvV8PKGGAKUG2pJLyeBuUy+DgY5yv/Yiq0PS/ll3Mi26bxlmm t19hTK0t4DPkLUVoilyAg263UkJE0GDp/PDaNCINfRpauwhbtDcR -----END CERTIFICATE-----Generated at Wed May 13 11:56:20 2026 by rpki-client