$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/U4oQnHmqzev6Gj7VQCG9Vg1IGKc.roa File: U4oQnHmqzev6Gj7VQCG9Vg1IGKc.roa (raw, json) Hash identifier: ljZleBf1aFuqSDR+p0LmN1murZ6t7/ag946nBUiY8mc= Subject key identifier: 53:8A:10:9C:79:AA:CD:EB:FA:1A:3E:D5:40:21:BD:56:0D:48:18:A7 Certificate issuer: /CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D Certificate serial: 163B Authority key identifier: DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/U4oQnHmqzev6Gj7VQCG9Vg1IGKc.roa Signing time: Thu 19 Jun 2025 03:13:56 +0000 ROA not before: Thu 19 Jun 2025 03:13:56 +0000 ROA not after: Thu 09 Apr 2026 06:41:24 +0000 asID: 174 IP address blocks: 59.83.128.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 19:13:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5691 (0x163b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D Validity Not Before: Jun 19 03:13:56 2025 GMT Not After : Apr 9 06:41:24 2026 GMT Subject: CN=538A109C79AACDEBFA1A3ED54021BD560D4818A7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:56:c1:50:1f:06:82:64:ec:23:c1:66:43:65: d2:81:6b:ef:63:25:67:ee:a0:e7:97:3a:dd:fa:0a: 81:bd:c8:37:7a:97:1d:ad:74:25:88:5a:96:b1:b4: 85:29:ea:92:4d:99:e6:a8:5c:9c:3e:d5:58:e8:77: 2b:06:df:bc:a8:0d:2a:2e:d8:49:45:82:30:06:b7: bb:15:f9:c2:ec:b7:fb:39:74:26:45:1e:e4:78:10: 4f:a5:9e:a3:c9:84:42:7e:2e:f7:ca:07:c5:4e:ff: ec:03:b1:8b:34:03:dc:93:94:10:6c:e3:a9:f7:47: 33:94:4e:6b:51:81:80:6e:9f:46:5b:2e:61:5c:3a: 4c:7f:b0:55:6b:fa:43:f9:1f:05:2a:53:20:17:5d: 59:d3:03:f0:28:24:2e:87:05:a2:6c:91:c2:55:d0: a2:8c:95:e0:28:eb:cb:b4:f8:73:bc:36:67:c7:bb: ab:d9:f7:dc:dc:40:49:7a:8a:6a:1c:7e:6a:92:66: 87:49:21:a1:7f:48:c8:3b:4b:d0:bf:b8:78:a7:5d: c9:d0:d0:63:56:ca:c5:b9:8c:4c:b4:a5:a3:50:44: 3d:99:51:8e:1b:51:98:8d:00:c5:e7:e5:de:ae:1e: 2e:33:a0:67:36:38:d0:ef:17:f4:bb:3d:a4:47:67: ae:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:8A:10:9C:79:AA:CD:EB:FA:1A:3E:D5:40:21:BD:56:0D:48:18:A7 X509v3 Authority Key Identifier: keyid:DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/U4oQnHmqzev6Gj7VQCG9Vg1IGKc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 59.83.128.0/20 Signature Algorithm: sha256WithRSAEncryption 3a:32:0b:b7:ef:a7:f9:d3:5a:ff:78:2c:8b:c0:fc:ff:5f:8f: 70:5f:c0:b8:5e:31:f1:00:27:9a:6a:ad:33:82:b0:59:fe:11: 72:3c:4c:54:89:17:c7:88:37:17:70:cf:09:6d:65:c7:13:4e: 19:ce:ea:63:ad:77:eb:a2:b1:56:ce:4a:6c:f1:63:af:4c:52: 9b:96:07:bf:b2:ad:bb:e7:31:c7:b3:ee:6c:a6:b1:94:89:2c: 35:73:07:79:8d:b7:1b:82:38:f2:1c:ef:cb:73:b8:21:9f:ee: db:18:ea:f3:0e:1f:81:aa:55:b0:4a:de:20:1d:da:10:e6:94: 14:c4:ca:47:ff:09:39:a5:d7:ac:3e:0c:7a:8e:d2:73:e9:05: 60:86:a4:ba:f4:a9:e6:8d:97:3a:b9:31:70:52:c8:1c:18:e3: af:7f:f0:54:1d:b8:28:92:1d:82:4f:a7:ec:3a:f0:b1:a0:57: 63:bf:dd:b6:25:96:d8:64:b6:f0:90:2d:89:3b:3d:4e:8a:63: 2f:97:fa:e1:74:9d:b6:25:a4:6b:01:91:a7:e7:b3:71:72:08: d0:ec:25:b7:8a:80:12:54:f5:5a:64:fb:d2:f5:a1:34:04:3e: d1:d6:b7:f1:f0:f0:88:c3:69:0e:a9:f6:ad:c1:b9:8d:6c:3b: 4a:29:79:91 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFjswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREM2 ODkyRTM2MjBERDBGMUZENjI5ODJFMTE4RTI5NzU3REM4Q0IzRDAeFw0yNTA2MTkw MzEzNTZaFw0yNjA0MDkwNjQxMjRaMDMxMTAvBgNVBAMTKDUzOEExMDlDNzlBQUNE RUJGQTFBM0VENTQwMjFCRDU2MEQ0ODE4QTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9VsFQHwaCZOwjwWZDZdKBa+9jJWfuoOeXOt36CoG9yDd6lx2t dCWIWpaxtIUp6pJNmeaoXJw+1VjodysG37yoDSou2ElFgjAGt7sV+cLst/s5dCZF HuR4EE+lnqPJhEJ+LvfKB8VO/+wDsYs0A9yTlBBs46n3RzOUTmtRgYBun0ZbLmFc Okx/sFVr+kP5HwUqUyAXXVnTA/AoJC6HBaJskcJV0KKMleAo68u0+HO8NmfHu6vZ 99zcQEl6imocfmqSZodJIaF/SMg7S9C/uHinXcnQ0GNWysW5jEy0paNQRD2ZUY4b UZiNAMXn5d6uHi4zoGc2ONDvF/S7PaRHZ67hAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUU4oQnHmqzev6Gj7VQCG9Vg1IGKcwHwYDVR0jBBgwFoAU3GiS42IN0PH9Ypgu EY4pdX3Iyz0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw OS8zR2lTNDJJTjBQSDlZcGd1RVk0cGRYM0l5ejAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzNHaVM0MklOMFBIOVlwZ3VFWTRwZFgzSXl6MC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvVTRvUW5IbXF6ZXY2 R2o3VlFDRzlWZzFJR0tjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBDtTgDANBgkqhkiG9w0BAQsFAAOCAQEAOjILt++n+dNa/3gsi8D8/1+PcF/A uF4x8QAnmmqtM4KwWf4RcjxMVIkXx4g3F3DPCW1lxxNOGc7qY61366KxVs5KbPFj r0xSm5YHv7Ktu+cxx7PubKaxlIksNXMHeY23G4I48hzvy3O4IZ/u2xjq8w4fgapV sEreIB3aEOaUFMTKR/8JOaXXrD4Meo7Sc+kFYIakuvSp5o2XOrkxcFLIHBjjr3/w VB24KJIdgk+n7DrwsaBXY7/dtiWW2GS28JAtiTs9TopjL5f64XSdtiWkawGRp+ez cXII0Owlt4qAElT1WmT70vWhNAQ+0da38fDwiMNpDqn2rcG5jWw7Sil5kQ== -----END CERTIFICATE-----Generated at Sat Jun 21 17:27:51 2025 by rpki-client