$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/rlzdZPwqK5Oa0YBChiK_h_0EwVY.roa File: rlzdZPwqK5Oa0YBChiK_h_0EwVY.roa (raw, json) Hash identifier: oIVPo7fR1TB38YsoJ++yXQ6k9SlvuWne2dWr+5XWVGw= Subject key identifier: AE:5C:DD:64:FC:2A:2B:93:9A:D1:80:42:86:22:BF:87:FD:04:C1:56 Certificate issuer: /CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D Certificate serial: 14CC Authority key identifier: DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/rlzdZPwqK5Oa0YBChiK_h_0EwVY.roa Signing time: Wed 09 Apr 2025 06:48:36 +0000 ROA not before: Wed 09 Apr 2025 06:48:36 +0000 ROA not after: Thu 09 Apr 2026 06:41:24 +0000 asID: 57844 IP address blocks: 218.98.86.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5324 (0x14cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D Validity Not Before: Apr 9 06:48:36 2025 GMT Not After : Apr 9 06:41:24 2026 GMT Subject: CN=AE5CDD64FC2A2B939AD180428622BF87FD04C156 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:cb:0b:bd:36:2e:0b:c8:a0:41:68:12:09:fb: c6:3b:e3:68:39:d6:62:d7:33:9e:14:2c:9c:cc:60: c8:0c:25:9a:a5:3a:55:9f:e1:eb:72:75:36:fb:6b: 6f:77:fc:1b:df:33:51:ee:80:f8:71:a9:ae:d7:27: 90:2a:d2:13:70:c7:28:53:04:5c:0b:42:ae:51:d6: 03:91:3b:02:25:89:b0:e5:df:59:2e:9c:f4:44:15: e4:d9:d7:5f:4b:ab:99:27:a7:92:53:69:ae:36:21: 69:ec:fe:fa:a3:ab:dc:27:71:dd:2a:5c:8c:86:a3: 1b:11:5d:52:62:b6:0d:bf:86:a4:0e:f0:aa:0a:4d: 84:77:49:23:c9:c5:ba:9d:a5:0f:2c:b6:5d:ac:b8: 75:12:ec:69:c1:d4:9d:9c:10:7c:57:90:7b:09:22: d8:33:14:b2:95:8d:4c:ab:ce:c4:b9:86:7a:66:0f: 84:fa:b4:82:e8:54:2f:28:a2:3d:a6:52:da:d1:ea: e5:5d:14:c6:03:89:a4:a9:83:ab:fd:58:f1:6d:0e: 15:05:eb:e1:f3:ad:00:e5:87:d4:e7:a6:1a:bf:42: 83:67:9a:ff:90:c9:d8:cf:4e:27:b6:60:84:ec:7c: ab:c9:db:d4:9f:95:bb:92:1d:0c:91:ef:62:10:21: 00:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:5C:DD:64:FC:2A:2B:93:9A:D1:80:42:86:22:BF:87:FD:04:C1:56 X509v3 Authority Key Identifier: keyid:DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/rlzdZPwqK5Oa0YBChiK_h_0EwVY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 218.98.86.0/24 Signature Algorithm: sha256WithRSAEncryption 11:69:ee:99:5f:f2:57:fb:31:28:3b:6c:6b:32:c0:ee:86:dd: 1e:8d:7a:fe:4c:6a:97:4a:60:e1:ff:e5:64:56:6d:f0:4b:6e: 4c:cc:ff:aa:f7:f3:92:1e:74:bd:58:29:c6:0c:f3:dd:8a:10: 14:65:ce:a8:43:15:43:22:bd:48:9e:b3:18:26:e3:2c:b6:da: 00:1a:0c:48:4b:d0:bb:b6:03:6d:14:bd:36:c8:32:f7:74:c0: 78:24:df:eb:0d:4e:d5:c7:7e:a6:da:73:31:18:c1:ab:a2:66: 53:fb:5d:9c:24:0d:06:83:11:cf:e2:dd:b4:cb:82:29:2b:17: f0:5f:9d:00:8d:49:56:33:d4:07:61:ae:2d:1a:39:c8:1e:3e: cf:06:86:d1:5d:26:a3:c5:98:a9:f9:5e:f0:02:62:d5:f0:c8: d5:05:fe:87:f2:79:c4:28:c0:1f:44:a1:3f:bf:2f:24:c5:1c: 8c:f6:5c:3a:27:b0:30:88:24:d5:d3:1f:34:ed:db:a7:a0:ef: d9:42:1a:e9:d7:1e:a2:b2:bc:ef:96:d4:4b:e0:07:3e:4c:87: 62:2d:bb:15:af:21:35:60:91:ac:8e:c2:0c:6c:a3:19:c3:2c: 38:06:2a:e0:ac:f2:65:1e:a1:5b:55:37:e3:11:53:18:a2:5b: 7c:f8:a8:82 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFMwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREM2 ODkyRTM2MjBERDBGMUZENjI5ODJFMTE4RTI5NzU3REM4Q0IzRDAeFw0yNTA0MDkw NjQ4MzZaFw0yNjA0MDkwNjQxMjRaMDMxMTAvBgNVBAMTKEFFNUNERDY0RkMyQTJC OTM5QUQxODA0Mjg2MjJCRjg3RkQwNEMxNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUywu9Ni4LyKBBaBIJ+8Y742g51mLXM54ULJzMYMgMJZqlOlWf 4etydTb7a293/BvfM1HugPhxqa7XJ5Aq0hNwxyhTBFwLQq5R1gOROwIlibDl31ku nPREFeTZ119Lq5knp5JTaa42IWns/vqjq9wncd0qXIyGoxsRXVJitg2/hqQO8KoK TYR3SSPJxbqdpQ8stl2suHUS7GnB1J2cEHxXkHsJItgzFLKVjUyrzsS5hnpmD4T6 tILoVC8ooj2mUtrR6uVdFMYDiaSpg6v9WPFtDhUF6+HzrQDlh9Tnphq/QoNnmv+Q ydjPTie2YITsfKvJ29SflbuSHQyR72IQIQAZAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUrlzdZPwqK5Oa0YBChiK/h/0EwVYwHwYDVR0jBBgwFoAU3GiS42IN0PH9Ypgu EY4pdX3Iyz0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw OS8zR2lTNDJJTjBQSDlZcGd1RVk0cGRYM0l5ejAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzNHaVM0MklOMFBIOVlwZ3VFWTRwZFgzSXl6MC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvcmx6ZFpQd3FLNU9h MFlCQ2hpS19oXzBFd1ZZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEANpiVjANBgkqhkiG9w0BAQsFAAOCAQEAEWnumV/yV/sxKDtsazLA7obdHo16 /kxql0pg4f/lZFZt8EtuTMz/qvfzkh50vVgpxgzz3YoQFGXOqEMVQyK9SJ6zGCbj LLbaABoMSEvQu7YDbRS9Nsgy93TAeCTf6w1O1cd+ptpzMRjBq6JmU/tdnCQNBoMR z+LdtMuCKSsX8F+dAI1JVjPUB2GuLRo5yB4+zwaG0V0mo8WYqfle8AJi1fDI1QX+ h/J5xCjAH0ShP78vJMUcjPZcOiewMIgk1dMfNO3bp6Dv2UIa6dceorK875bUS+AH PkyHYi27Fa8hNWCRrI7CDGyjGcMsOAYq4KzyZR6hW1U34xFTGKJbfPiogg== -----END CERTIFICATE-----Generated at Sat Apr 26 15:07:07 2025 by rpki-client