$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1096632062997168131/0/AS17621.roa File: AS17621.roa (raw, json) Hash identifier: q6GLMRFfZovhy9fwzDU68XceX1+3EZJr9c9/dNDOqbE= Subject key identifier: 44:D8:1B:80:14:E1:20:47:46:7A:CE:75:06:C8:09:3A:E9:53:79:DD Certificate issuer: /CN=C89881B315F7E21BA948CF9CB11D1AC422106426 Certificate serial: 699CAD01ED30AE44407AED9F84164C5598932C46 Authority key identifier: C8:98:81:B3:15:F7:E2:1B:A9:48:CF:9C:B1:1D:1A:C4:22:10:64:26 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/C89881B315F7E21BA948CF9CB11D1AC422106426.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/AS17621.roa Signing time: Thu 23 Apr 2026 06:49:21 +0000 ROA not before: Thu 23 Apr 2026 06:44:21 +0000 ROA not after: Thu 22 Apr 2027 06:49:21 +0000 asID: 17621 IP address blocks: 103.20.250.0/24 maxlen: 24 103.20.251.0/24 maxlen: 24 103.36.136.0/24 maxlen: 24 103.36.137.0/24 maxlen: 24 103.36.138.0/24 maxlen: 24 103.36.139.0/24 maxlen: 24 103.36.168.0/24 maxlen: 24 103.36.172.0/24 maxlen: 24 103.36.173.0/24 maxlen: 24 103.238.184.0/24 maxlen: 24 2403:a100::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/C89881B315F7E21BA948CF9CB11D1AC422106426.crl rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/C89881B315F7E21BA948CF9CB11D1AC422106426.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/C89881B315F7E21BA948CF9CB11D1AC422106426.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 13:31:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:9c:ad:01:ed:30:ae:44:40:7a:ed:9f:84:16:4c:55:98:93:2c:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C89881B315F7E21BA948CF9CB11D1AC422106426 Validity Not Before: Apr 23 06:44:21 2026 GMT Not After : Apr 22 06:49:21 2027 GMT Subject: CN=44D81B8014E12047467ACE7506C8093AE95379DD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:df:f8:87:14:2c:49:c9:a0:28:06:10:24:4f: 22:0c:1e:d4:45:15:46:cf:fb:97:64:69:13:cb:e1: 3a:6d:50:00:66:8a:78:a9:fd:db:9d:50:c6:0a:e3: f8:d7:0d:fc:fc:20:d0:8d:87:98:71:0b:ea:18:02: b7:9f:93:20:3c:f0:0f:ad:31:f1:22:7e:49:5c:b2: 24:4f:48:6e:90:ae:6b:c2:f1:e1:90:4f:8f:1a:d0: e7:b9:d1:a5:99:e4:2a:cd:23:00:3f:c1:5f:21:bf: 54:89:70:51:56:2a:2f:0f:33:1d:9d:f8:58:66:8c: a7:08:5a:b1:2d:7e:62:28:f1:5d:b1:4d:b1:39:cf: 29:cb:74:3d:23:5f:2a:af:88:9f:e5:27:f9:70:28: 72:99:44:b0:c9:ff:cb:97:77:75:bd:ee:ec:4a:a6: fd:5c:0b:12:64:be:e7:67:ba:a8:a4:db:f1:f5:b3: f8:45:e9:6a:96:31:16:1d:26:a4:12:98:9f:0e:d0: 40:b6:19:fd:26:9a:82:26:cd:0a:d3:8f:b3:0b:bc: 46:df:a7:54:7c:21:fb:37:b9:e3:03:3f:6c:69:0c: d9:01:6c:e3:67:ce:90:36:f6:f3:c9:58:79:9a:72: 32:28:37:fd:31:17:51:4d:94:c5:00:31:49:95:65: 84:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:D8:1B:80:14:E1:20:47:46:7A:CE:75:06:C8:09:3A:E9:53:79:DD X509v3 Authority Key Identifier: keyid:C8:98:81:B3:15:F7:E2:1B:A9:48:CF:9C:B1:1D:1A:C4:22:10:64:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/C89881B315F7E21BA948CF9CB11D1AC422106426.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/C89881B315F7E21BA948CF9CB11D1AC422106426.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1096632062997168131/0/AS17621.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.20.250.0/23 103.36.136.0/22 103.36.168.0/24 103.36.172.0/23 103.238.184.0/24 IPv6: 2403:a100::/48 Signature Algorithm: sha256WithRSAEncryption 9a:67:2b:af:be:f2:29:3d:81:77:1d:88:fd:8e:3e:cd:cb:d3: 85:44:3c:97:71:97:7e:8d:02:85:eb:bb:c8:c3:98:4d:f2:84: 6e:5d:2c:83:c7:42:08:77:fe:7f:9f:71:f3:6c:96:b9:db:d7: 88:7a:5d:fb:0e:13:0d:da:f6:9b:77:34:c5:6a:4d:4f:ac:dc: 39:bf:b5:2a:f3:ce:7a:9b:04:4e:90:98:a9:52:5c:68:3c:74: c5:e3:f4:fd:d9:9a:0f:8b:b8:d8:e2:ad:05:56:d4:0d:ad:97: 84:61:16:45:bf:c3:8e:84:aa:e4:0e:df:8b:11:16:a6:4f:7b: e7:bf:e5:99:35:60:1e:3f:33:70:d6:61:3f:51:e0:ea:ac:22: a2:72:3f:4c:6d:a0:8d:5d:b4:6e:d3:f3:f2:5b:b9:0b:0b:9d: 99:be:18:e5:eb:7c:ae:bf:61:e5:5c:1a:52:c5:5b:9d:83:47: 42:b4:87:9f:95:0d:88:05:f3:2c:af:20:bb:39:f4:a2:c6:23: 24:eb:96:0d:02:01:15:90:cb:7d:d5:33:25:3f:00:d7:bb:f2: b0:c3:a1:8d:be:48:00:d9:50:01:13:66:d7:19:a7:6a:4d:df: f8:9f:2b:c1:9a:3a:b0:7a:2d:e9:cf:4c:9e:3d:e9:db:60:76: c5:ba:47:5c -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgIUaZytAe0wrkRAeu2fhBZMVZiTLEYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoQzg5ODgxQjMxNUY3RTIxQkE5NDhDRjlDQjExRDFBQzQy MjEwNjQyNjAeFw0yNjA0MjMwNjQ0MjFaFw0yNzA0MjIwNjQ5MjFaMDMxMTAvBgNV BAMTKDQ0RDgxQjgwMTRFMTIwNDc0NjdBQ0U3NTA2QzgwOTNBRTk1Mzc5REQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy3/iHFCxJyaAoBhAkTyIMHtRF FUbP+5dkaRPL4TptUABminip/dudUMYK4/jXDfz8INCNh5hxC+oYArefkyA88A+t MfEifklcsiRPSG6QrmvC8eGQT48a0Oe50aWZ5CrNIwA/wV8hv1SJcFFWKi8PMx2d +FhmjKcIWrEtfmIo8V2xTbE5zynLdD0jXyqviJ/lJ/lwKHKZRLDJ/8uXd3W97uxK pv1cCxJkvudnuqik2/H1s/hF6WqWMRYdJqQSmJ8O0EC2Gf0mmoImzQrTj7MLvEbf p1R8Ifs3ueMDP2xpDNkBbONnzpA29vPJWHmacjIoN/0xF1FNlMUAMUmVZYQxAgMB AAGjggIMMIICCDAdBgNVHQ4EFgQURNgbgBThIEdGes51BsgJOulTed0wHwYDVR0j BBgwFoAUyJiBsxX34hupSM+csR0axCIQZCYwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 NjYzMjA2Mjk5NzE2ODEzMS8wL0M4OTg4MUIzMTVGN0UyMUJBOTQ4Q0Y5Q0IxMUQx QUM0MjIxMDY0MjYuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvQzg5ODgxQjMxNUY3RTIxQkE5NDhDRjlDQjExRDFBQzQyMjEwNjQyNi5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTEwOTY2MzIwNjI5OTcxNjgxMzEvMC9BUzE3NjIxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIA ATAeAwQBZxT6AwQCZySIAwQAZySoAwQBZySsAwQAZ+64MA8EAgACMAkDBwAkA6EA AAAwDQYJKoZIhvcNAQELBQADggEBAJpnK6++8ik9gXcdiP2OPs3L04VEPJdxl36N AoXru8jDmE3yhG5dLIPHQgh3/n+fcfNslrnb14h6XfsOEw3a9pt3NMVqTU+s3Dm/ tSrzznqbBE6QmKlSXGg8dMXj9P3Zmg+LuNjirQVW1A2tl4RhFkW/w46EquQO34sR FqZPe+e/5Zk1YB4/M3DWYT9R4OqsIqJyP0xtoI1dtG7T8/JbuQsLnZm+GOXrfK6/ YeVcGlLFW52DR0K0h5+VDYgF8yyvILs59KLGIyTrlg0CARWQy33VMyU/ANe78rDD oY2+SADZUAETZtcZp2pN3/ifK8GaOrB6LenPTJ496dtgdsW6R1w= -----END CERTIFICATE-----Generated at Wed May 13 02:38:37 2026 by rpki-client