$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1099898650089291777/0/3231312e3135342e3137362e302f32312d3231203d3e203538383334.roa File: 3231312e3135342e3137362e302f32312d3231203d3e203538383334.roa (raw, json) Hash identifier: tEDyLaYRb0pvyhNQEaIWXhzDwecCkMS3qTgzbIUEgJE= Subject key identifier: D7:C4:33:F8:32:D2:B2:9B:92:23:DD:94:3A:C6:22:D1:5E:DA:5E:AF Certificate issuer: /CN=32A1B9CA0B4E1D345EF37542407653C6E58EBC53 Certificate serial: 5658737611B23E5A926B59B34670B835C3E0C317 Authority key identifier: 32:A1:B9:CA:0B:4E:1D:34:5E:F3:75:42:40:76:53:C6:E5:8E:BC:53 Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/32A1B9CA0B4E1D345EF37542407653C6E58EBC53.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1099898650089291777/0/3231312e3135342e3137362e302f32312d3231203d3e203538383334.roa Signing time: Fri 24 Apr 2026 03:34:10 +0000 ROA not before: Fri 24 Apr 2026 03:29:10 +0000 ROA not after: Fri 23 Apr 2027 03:34:10 +0000 asID: 58834 IP address blocks: 211.154.176.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1099898650089291777/0/32A1B9CA0B4E1D345EF37542407653C6E58EBC53.crl rsync://rpki-rps.cnnic.cn/repo/A1099898650089291777/0/32A1B9CA0B4E1D345EF37542407653C6E58EBC53.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/32A1B9CA0B4E1D345EF37542407653C6E58EBC53.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 03:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:58:73:76:11:b2:3e:5a:92:6b:59:b3:46:70:b8:35:c3:e0:c3:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32A1B9CA0B4E1D345EF37542407653C6E58EBC53 Validity Not Before: Apr 24 03:29:10 2026 GMT Not After : Apr 23 03:34:10 2027 GMT Subject: CN=D7C433F832D2B29B9223DD943AC622D15EDA5EAF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:2a:dd:00:08:82:7a:ac:b1:76:b6:d9:a3:41: 20:bb:79:78:4c:53:72:55:f1:38:94:db:8c:b2:ee: d2:3a:cb:02:14:e4:15:73:cf:2b:a3:fe:0f:07:c2: 30:13:d9:f4:9f:3b:ba:d1:f4:56:c2:46:b0:1f:60: 40:fa:d9:b4:68:51:ed:47:4b:0b:fe:5e:e6:02:57: 10:9a:f8:59:ef:66:42:e5:86:41:d7:17:4a:cc:b5: 95:e6:2d:24:45:bb:de:53:5c:d8:0f:bb:57:bb:d8: 9b:d8:0a:a6:14:62:9f:29:d2:f9:71:25:32:c5:e9: a8:92:b1:05:0d:e7:b9:41:04:41:b8:ac:17:e8:98: cc:2d:d9:f8:82:dd:89:23:ea:42:d2:08:b0:94:56: 02:89:3b:cf:74:aa:50:7e:d8:22:82:14:fe:e9:49: 3a:e7:18:b2:ea:44:82:04:9e:61:dd:2b:23:5b:9b: c8:97:32:31:bf:e6:b7:54:97:a6:3e:e2:93:47:0a: e8:04:2d:0d:6e:a7:91:14:30:d6:8a:c8:73:43:d7: 7e:2b:c8:1f:76:89:89:c0:b1:23:06:cf:d7:5d:64: e0:b5:6b:44:f7:86:8c:ea:24:4c:e7:91:9d:f1:ea: d6:ea:c4:34:f5:57:7c:c9:5a:2d:9c:6c:86:62:55: fe:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:C4:33:F8:32:D2:B2:9B:92:23:DD:94:3A:C6:22:D1:5E:DA:5E:AF X509v3 Authority Key Identifier: keyid:32:A1:B9:CA:0B:4E:1D:34:5E:F3:75:42:40:76:53:C6:E5:8E:BC:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1099898650089291777/0/32A1B9CA0B4E1D345EF37542407653C6E58EBC53.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/32A1B9CA0B4E1D345EF37542407653C6E58EBC53.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1099898650089291777/0/3231312e3135342e3137362e302f32312d3231203d3e203538383334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 211.154.176.0/21 Signature Algorithm: sha256WithRSAEncryption 95:8c:c2:d5:3b:2a:11:cd:5a:d1:d8:47:be:c9:e2:10:2e:b1: c7:90:b4:ce:ca:e1:4f:a4:1b:2d:c4:2b:f7:2c:dd:64:c6:da: bd:d4:75:69:76:2a:e3:11:c1:ef:a6:4b:f0:69:b8:38:92:cf: 6c:68:21:c4:ec:70:2a:6d:bb:fd:44:b7:8f:b0:11:f4:ee:94: 52:39:e2:17:41:05:9c:c3:50:12:51:1c:54:3a:69:8a:54:e7: db:57:5f:32:ae:8d:3f:8c:7c:60:0e:9c:66:52:0b:90:1f:22: 08:e4:65:28:fe:fc:83:7e:5d:af:a1:ab:84:9d:e5:00:0f:d3: 46:aa:af:d3:a2:65:ae:ca:cb:ce:b3:3c:4c:f9:86:a0:35:2e: 86:97:96:55:ad:f5:1b:1d:96:9d:cb:ba:a7:4c:44:80:83:ab: 78:4d:73:e3:6e:99:cd:af:9c:fd:10:44:4d:36:84:a4:94:92: 8e:62:70:01:01:6c:70:22:14:de:33:be:c0:c4:1b:4e:4b:c3: a3:30:ed:71:42:f4:0d:b6:74:5f:50:b0:97:a5:ed:f2:6c:63: dd:6f:b5:19:da:13:7e:3d:98:9b:2c:b3:bc:17:60:a6:5d:76: 7d:40:69:d7:c2:12:6c:dc:6c:bd:e4:81:45:13:5e:19:1f:7d: fd:1d:22:a7 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgIUVlhzdhGyPlqSa1mzRnC4NcPgwxcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzJBMUI5Q0EwQjRFMUQzNDVFRjM3NTQyNDA3NjUzQzZF NThFQkM1MzAeFw0yNjA0MjQwMzI5MTBaFw0yNzA0MjMwMzM0MTBaMDMxMTAvBgNV BAMTKEQ3QzQzM0Y4MzJEMkIyOUI5MjIzREQ5NDNBQzYyMkQxNUVEQTVFQUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPKt0ACIJ6rLF2ttmjQSC7eXhM U3JV8TiU24yy7tI6ywIU5BVzzyuj/g8HwjAT2fSfO7rR9FbCRrAfYED62bRoUe1H Swv+XuYCVxCa+FnvZkLlhkHXF0rMtZXmLSRFu95TXNgPu1e72JvYCqYUYp8p0vlx JTLF6aiSsQUN57lBBEG4rBfomMwt2fiC3Ykj6kLSCLCUVgKJO890qlB+2CKCFP7p STrnGLLqRIIEnmHdKyNbm8iXMjG/5rdUl6Y+4pNHCugELQ1up5EUMNaKyHND134r yB92iYnAsSMGz9ddZOC1a0T3hozqJEznkZ3x6tbqxDT1V3zJWi2cbIZiVf4PAgMB AAGjggIXMIICEzAdBgNVHQ4EFgQU18Qz+DLSspuSI92UOsYi0V7aXq8wHwYDVR0j BBgwFoAUMqG5ygtOHTRe83VCQHZTxuWOvFMwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA5 OTg5ODY1MDA4OTI5MTc3Ny8wLzMyQTFCOUNBMEI0RTFEMzQ1RUYzNzU0MjQwNzY1 M0M2RTU4RUJDNTMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvMzJBMUI5Q0EwQjRFMUQzNDVFRjM3NTQyNDA3NjUzQzZFNThFQkM1My5jZXIw gZAGCCsGAQUFBwELBIGDMIGAMH4GCCsGAQUFBzALhnJyc3luYzovL3Jwa2ktcnBz LmNubmljLmNuL3JlcG8vQTEwOTk4OTg2NTAwODkyOTE3NzcvMC8zMjMxMzEyZTMx MzUzNDJlMzEzNzM2MmUzMDJmMzIzMTJkMzIzMTIwM2QzZTIwMzUzODM4MzMzNC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w DAQCAAEwBgMEA9OasDANBgkqhkiG9w0BAQsFAAOCAQEAlYzC1TsqEc1a0dhHvsni EC6xx5C0zsrhT6QbLcQr9yzdZMbavdR1aXYq4xHB76ZL8Gm4OJLPbGghxOxwKm27 /US3j7AR9O6UUjniF0EFnMNQElEcVDppilTn21dfMq6NP4x8YA6cZlILkB8iCORl KP78g35dr6GrhJ3lAA/TRqqv06JlrsrLzrM8TPmGoDUuhpeWVa31Gx2Wncu6p0xE gIOreE1z426Zza+c/RBETTaEpJSSjmJwAQFscCIU3jO+wMQbTkvDozDtcUL0DbZ0 X1Cwl6Xt8mxj3W+1GdoTfj2YmyyzvBdgpl12fUBp18ISbNxsveSBRRNeGR99/R0i pw== -----END CERTIFICATE-----Generated at Wed May 13 19:36:20 2026 by rpki-client