$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/VZ8V2Y3gPjzW-2zobselFD5rH8E.roa File: VZ8V2Y3gPjzW-2zobselFD5rH8E.roa (raw, json) Hash identifier: JMyXh5rN9v5fWiEHEfTM4Qhm4/EC8yxMOZRfIy0cm4o= Subject key identifier: 55:9F:15:D9:8D:E0:3E:3C:D6:FB:6C:E8:6E:C7:A5:14:3E:6B:1F:C1 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1865 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/VZ8V2Y3gPjzW-2zobselFD5rH8E.roa Signing time: Fri 06 Jun 2025 13:20:47 +0000 ROA not before: Fri 06 Jun 2025 13:20:47 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 398704 IP address blocks: 180.223.214.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 09:42:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6245 (0x1865) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Jun 6 13:20:47 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=559F15D98DE03E3CD6FB6CE86EC7A5143E6B1FC1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:ce:74:23:65:10:74:fd:67:2e:58:e5:87:77: ea:f3:3a:98:01:e9:b8:ac:35:78:3e:6c:56:9a:51: 18:b4:eb:8b:9d:0f:a9:dc:c5:08:e9:3f:2d:82:35: 3b:7d:46:89:e1:88:7e:3e:d8:ab:f8:35:3c:79:07: d4:d5:a4:03:01:d3:58:71:2f:08:49:13:18:e1:66: 8b:15:ba:ea:22:75:30:67:4a:ce:8a:de:6e:35:48: b1:6e:0a:d2:c9:45:b2:2a:23:18:a4:bc:5f:6a:b5: 8a:2f:a3:a2:2b:d3:6d:b1:19:79:41:28:5f:d2:8b: a3:64:0a:bf:25:42:1d:9e:b7:27:02:88:b8:b3:e3: 35:fb:9c:1e:ef:b7:4f:99:29:d0:38:b1:98:ab:15: 92:e1:24:5b:90:c1:37:53:47:0f:7a:21:16:25:09: da:bc:67:e6:d7:8d:5d:5f:34:5e:b9:89:b9:47:4c: 7d:d1:28:de:3e:a4:69:17:92:fd:13:fd:e5:23:15: 36:aa:66:46:76:70:e9:01:eb:78:99:c9:33:4b:6d: b2:78:ed:a4:a6:96:0d:93:63:c8:01:6f:79:b4:5b: 0d:cd:ed:10:87:fd:ff:ee:f3:4b:f5:5e:c1:e4:e5: 20:83:6f:54:25:9a:69:f8:54:f4:5f:88:1b:89:1c: 03:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:9F:15:D9:8D:E0:3E:3C:D6:FB:6C:E8:6E:C7:A5:14:3E:6B:1F:C1 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/VZ8V2Y3gPjzW-2zobselFD5rH8E.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.214.0/24 Signature Algorithm: sha256WithRSAEncryption ab:df:e2:5b:16:63:71:0a:c1:fc:7c:79:4a:63:3f:67:ef:3c: a0:88:31:a6:0d:27:45:1d:69:af:10:c1:ba:9f:c1:6d:2c:70: 0b:22:a0:db:0b:6b:33:d7:30:82:5f:7e:6c:69:7f:24:d8:63: 6d:8e:a0:13:a4:5f:82:e3:31:da:77:ac:50:0d:ed:fe:f2:44: d1:44:f5:57:17:5a:25:15:6f:3a:3a:4d:17:ef:89:8c:31:ab: 8e:00:11:68:f4:74:01:c1:e5:aa:33:ac:7a:7c:14:18:ae:60: 25:5b:b9:67:a4:05:88:6d:2c:5b:26:6b:ab:8b:b9:fb:bf:89: 50:d8:9f:cf:f6:f9:51:39:2f:32:7f:01:dc:48:19:95:8c:c4: 1d:17:99:c8:d0:db:9d:1f:cd:4f:79:78:e6:5b:22:7e:c5:76: 51:64:56:c7:ac:79:f9:81:64:05:a9:25:ca:46:e0:b3:26:62: f1:88:14:1a:6e:06:33:ea:33:f3:e7:02:58:e3:83:e1:ca:05: ef:da:69:9d:2d:b5:c1:20:45:31:1d:83:e4:d0:9e:ab:aa:14: 56:e9:5b:e7:06:21:50:b3:4d:36:81:8c:da:cb:5c:77:05:3d: d8:9f:2c:56:65:26:5a:f4:ba:b1:6f:40:58:d8:ca:8c:09:0a: b8:86:4f:56 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGGUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA2MDYx MzIwNDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDU1OUYxNUQ5OERFMDNF M0NENkZCNkNFODZFQzdBNTE0M0U2QjFGQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6znQjZRB0/WcuWOWHd+rzOpgB6bisNXg+bFaaURi064udD6nc xQjpPy2CNTt9RonhiH4+2Kv4NTx5B9TVpAMB01hxLwhJExjhZosVuuoidTBnSs6K 3m41SLFuCtLJRbIqIxikvF9qtYovo6Ir022xGXlBKF/Si6NkCr8lQh2etycCiLiz 4zX7nB7vt0+ZKdA4sZirFZLhJFuQwTdTRw96IRYlCdq8Z+bXjV1fNF65iblHTH3R KN4+pGkXkv0T/eUjFTaqZkZ2cOkB63iZyTNLbbJ47aSmlg2TY8gBb3m0Ww3N7RCH /f/u80v1XsHk5SCDb1Qlmmn4VPRfiBuJHAP1AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUVZ8V2Y3gPjzW+2zobselFD5rH8EwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvVlo4VjJZM2dQanpX LTJ6b2JzZWxGRDVySDhFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTf1jANBgkqhkiG9w0BAQsFAAOCAQEAq9/iWxZjcQrB/Hx5SmM/Z+88oIgx pg0nRR1prxDBup/BbSxwCyKg2wtrM9cwgl9+bGl/JNhjbY6gE6RfguMx2nesUA3t /vJE0UT1VxdaJRVvOjpNF++JjDGrjgARaPR0AcHlqjOsenwUGK5gJVu5Z6QFiG0s WyZrq4u5+7+JUNifz/b5UTkvMn8B3EgZlYzEHReZyNDbnR/NT3l45lsifsV2UWRW x6x5+YFkBaklykbgsyZi8YgUGm4GM+oz8+cCWOOD4coF79ppnS21wSBFMR2D5NCe q6oUVulb5wYhULNNNoGM2stcdwU92J8sVmUmWvS6sW9AWNjKjAkKuIZPVg== -----END CERTIFICATE-----Generated at Sun Jun 22 09:13:49 2025 by rpki-client