$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1106220441690701841/0/AS38341.roa File: AS38341.roa (raw, json) Hash identifier: RJkDZXApQMPiDZRPX5V1FKULI7lsgYxE3qOhphaxQ2o= Subject key identifier: 85:7D:3D:CD:18:A2:79:95:C3:57:21:CE:5F:3B:B0:03:AE:E4:B7:58 Certificate issuer: /CN=7F335EE4A33D07C42C38C45EC648A6F91CE4E95D Certificate serial: 40635B0EF86392D2F20321255C0F2E19CBEFD89E Authority key identifier: 7F:33:5E:E4:A3:3D:07:C4:2C:38:C4:5E:C6:48:A6:F9:1C:E4:E9:5D Authority info access: rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/7F335EE4A33D07C42C38C45EC648A6F91CE4E95D.cer Subject info access: rsync://rpki-rps.cnnic.cn/repo/A1106220441690701841/0/AS38341.roa Signing time: Tue 12 May 2026 13:43:05 +0000 ROA not before: Tue 12 May 2026 13:38:05 +0000 ROA not after: Tue 11 May 2027 13:43:05 +0000 asID: 38341 IP address blocks: 61.236.80.0/20 maxlen: 20 61.236.96.0/20 maxlen: 20 61.236.112.0/21 maxlen: 21 122.64.0.0/17 maxlen: 17 122.64.128.0/17 maxlen: 17 122.72.57.0/24 maxlen: 24 123.83.128.0/17 maxlen: 17 211.98.95.0/24 maxlen: 24 211.98.176.0/24 maxlen: 24 211.98.188.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rps.cnnic.cn/repo/A1106220441690701841/0/7F335EE4A33D07C42C38C45EC648A6F91CE4E95D.crl rsync://rpki-rps.cnnic.cn/repo/A1106220441690701841/0/7F335EE4A33D07C42C38C45EC648A6F91CE4E95D.mft rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/7F335EE4A33D07C42C38C45EC648A6F91CE4E95D.cer rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 15:50:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:63:5b:0e:f8:63:92:d2:f2:03:21:25:5c:0f:2e:19:cb:ef:d8:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7F335EE4A33D07C42C38C45EC648A6F91CE4E95D Validity Not Before: May 12 13:38:05 2026 GMT Not After : May 11 13:43:05 2027 GMT Subject: CN=857D3DCD18A27995C35721CE5F3BB003AEE4B758 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:a8:01:10:91:35:47:8b:fc:2b:e9:74:b5:2e: e3:0b:8e:24:c5:34:66:66:e7:b9:ec:07:c2:12:b3: a1:23:7d:0b:ff:1b:93:69:f8:2c:bf:c6:60:3c:e9: 82:47:30:67:1b:d9:ef:3f:20:19:31:e8:75:fc:4c: f0:39:12:e1:f4:08:69:bf:74:94:98:c5:3a:45:25: ec:93:f1:a6:0e:11:95:45:73:60:6d:ac:cf:1a:95: ac:d9:26:38:c8:ef:02:8f:03:95:e5:aa:b8:8f:41: 87:bd:73:c5:4f:66:7c:61:25:18:4d:1c:d4:fe:80: 79:a6:36:ea:ac:d1:2f:f3:04:4e:25:e2:7d:5d:93: 7a:23:0e:7b:af:8a:9d:da:5c:79:f8:74:89:d6:08: 15:8c:b5:ea:f1:39:42:e4:38:0a:59:ca:40:4d:15: ec:ae:5b:f7:1a:ed:84:eb:33:f0:21:15:f2:be:f3: 15:7a:da:f6:8f:33:85:b7:20:37:e7:bb:ee:a6:c3: c6:48:10:1a:cc:6c:4b:96:7a:54:6c:c3:c0:25:f5: 7c:64:50:f7:f6:cd:7e:84:34:60:b6:63:ba:6e:b3: 41:fe:9f:c8:48:64:0a:c4:0b:6d:27:e3:0d:3d:06: 9d:e8:5f:f3:94:2b:ce:73:b2:0e:c0:55:fa:27:a4: a1:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:7D:3D:CD:18:A2:79:95:C3:57:21:CE:5F:3B:B0:03:AE:E4:B7:58 X509v3 Authority Key Identifier: keyid:7F:33:5E:E4:A3:3D:07:C4:2C:38:C4:5E:C6:48:A6:F9:1C:E4:E9:5D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rps.cnnic.cn/repo/A1106220441690701841/0/7F335EE4A33D07C42C38C45EC648A6F91CE4E95D.crl Authority Information Access: CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/7F335EE4A33D07C42C38C45EC648A6F91CE4E95D.cer Subject Information Access: Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1106220441690701841/0/AS38341.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 61.236.80.0-61.236.119.255 122.64.0.0/16 122.72.57.0/24 123.83.128.0/17 211.98.95.0/24 211.98.176.0/24 211.98.188.0/23 Signature Algorithm: sha256WithRSAEncryption 65:a6:fb:e4:aa:ee:47:dd:1e:9d:0a:bb:79:8e:cc:d1:cc:b8: d6:2b:43:4a:c4:09:67:55:af:75:68:14:1e:d4:38:58:e9:d4: 79:09:95:9f:0c:c8:44:e1:54:70:3f:63:96:91:7a:2b:10:1b: 9a:48:9e:fd:f6:8a:88:6d:a1:6d:87:24:47:04:31:07:fe:fd: 43:6a:8a:ba:34:19:6d:29:45:c0:47:a6:27:26:0a:c2:f0:7a: 29:18:8a:99:0c:f0:7e:49:b9:ec:1e:19:c2:d2:e5:86:55:9a: 40:7b:01:54:a5:ad:b6:39:c2:06:b3:9e:98:84:a2:2c:fd:b6: 74:70:fb:14:43:d0:a9:c0:8c:89:ea:02:31:2d:49:85:7a:6b: fb:25:ca:12:b4:72:c8:ab:38:50:47:8d:da:ef:80:32:7e:fa: a8:3a:a2:66:25:2f:9d:50:4b:4f:28:de:9a:92:fb:6f:47:fe: 8b:6e:0f:2a:05:9e:26:52:bc:2e:96:b9:a4:05:7d:82:c6:65: e7:10:3b:3f:e1:bd:06:cd:21:00:c5:bf:43:6c:26:4e:00:91: 18:c2:74:21:d3:87:b6:69:fe:3d:61:85:a0:41:fb:6a:b0:09: cd:0a:b7:0e:aa:d6:8d:42:5e:12:f1:7b:af:5f:6c:11:49:ab: 67:2b:2c:c9 -----BEGIN CERTIFICATE----- MIIFBDCCA+ygAwIBAgIUQGNbDvhjktLyAyElXA8uGcvv2J4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN0YzMzVFRTRBMzNEMDdDNDJDMzhDNDVFQzY0OEE2Rjkx Q0U0RTk1RDAeFw0yNjA1MTIxMzM4MDVaFw0yNzA1MTExMzQzMDVaMDMxMTAvBgNV BAMTKDg1N0QzRENEMThBMjc5OTVDMzU3MjFDRTVGM0JCMDAzQUVFNEI3NTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdqAEQkTVHi/wr6XS1LuMLjiTF NGZm57nsB8ISs6EjfQv/G5Np+Cy/xmA86YJHMGcb2e8/IBkx6HX8TPA5EuH0CGm/ dJSYxTpFJeyT8aYOEZVFc2BtrM8alazZJjjI7wKPA5XlqriPQYe9c8VPZnxhJRhN HNT+gHmmNuqs0S/zBE4l4n1dk3ojDnuvip3aXHn4dInWCBWMterxOULkOApZykBN FeyuW/ca7YTrM/AhFfK+8xV62vaPM4W3IDfnu+6mw8ZIEBrMbEuWelRsw8Al9Xxk UPf2zX6ENGC2Y7pus0H+n8hIZArEC20n4w09Bp3oX/OUK85zsg7AVfonpKHxAgMB AAGjggIOMIICCjAdBgNVHQ4EFgQUhX09zRiieZXDVyHOXzuwA67kt1gwHwYDVR0j BBgwFoAUfzNe5KM9B8QsOMRexkim+Rzk6V0wDgYDVR0PAQH/BAQDAgeAMHMGA1Ud HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTEw NjIyMDQ0MTY5MDcwMTg0MS8wLzdGMzM1RUU0QTMzRDA3QzQyQzM4QzQ1RUM2NDhB NkY5MUNFNEU5NUQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5 bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1 LzEvN0YzMzVFRTRBMzNEMDdDNDJDMzhDNDVFQzY0OEE2RjkxQ0U0RTk1RC5jZXIw XQYIKwYBBQUHAQsEUTBPME0GCCsGAQUFBzALhkFyc3luYzovL3Jwa2ktcnBzLmNu bmljLmNuL3JlcG8vQTExMDYyMjA0NDE2OTA3MDE4NDEvMC9BUzM4MzQxLnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIA ATAxMAwDBAQ97FADBAM97HADAwB6QAMEAHpIOQMEB3tTgAMEANNiXwMEANNisAME AdNivDANBgkqhkiG9w0BAQsFAAOCAQEAZab75KruR90enQq7eY7M0cy41itDSsQJ Z1WvdWgUHtQ4WOnUeQmVnwzIROFUcD9jlpF6KxAbmkie/faKiG2hbYckRwQxB/79 Q2qKujQZbSlFwEemJyYKwvB6KRiKmQzwfkm57B4ZwtLlhlWaQHsBVKWttjnCBrOe mISiLP22dHD7FEPQqcCMieoCMS1JhXpr+yXKErRyyKs4UEeN2u+AMn76qDqiZiUv nVBLTyjempL7b0f+i24PKgWeJlK8Lpa5pAV9gsZl5xA7P+G9Bs0hAMW/Q2wmTgCR GMJ0IdOHtmn+PWGFoEH7arAJzQq3DqrWjUJeEvF7r19sEUmrZyssyQ== -----END CERTIFICATE-----Generated at Wed May 13 07:57:36 2026 by rpki-client