$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3134/CkKMACaejuHA82qO3RTcNbGsL6U.roa File: CkKMACaejuHA82qO3RTcNbGsL6U.roa (raw, json) Hash identifier: W0TsVpF65vlb/5tIUDMaZiu5xpRoESYBw9VpwPSG6So= Subject key identifier: 0A:42:8C:00:26:9E:8E:E1:C0:F3:6A:8E:DD:14:DC:35:B1:AC:2F:A5 Certificate issuer: /CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Certificate serial: 06D9 Authority key identifier: 1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/CkKMACaejuHA82qO3RTcNbGsL6U.roa Signing time: Tue 10 Jun 2025 01:40:22 +0000 ROA not before: Tue 10 Jun 2025 01:40:22 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146762 IP address blocks: 103.2.156.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 12:10:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1753 (0x6d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1BC6D9A9F4A226A61F5FA1A9163941D4B35BA35B Validity Not Before: Jun 10 01:40:22 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=0A428C00269E8EE1C0F36A8EDD14DC35B1AC2FA5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:16:c3:0e:76:7d:06:81:71:4b:c0:f1:d3:32: 90:bd:81:19:3d:81:8f:42:96:bc:33:2d:19:40:eb: 56:37:c0:16:8d:e3:d0:61:81:04:e3:19:1e:71:55: f9:6e:64:dc:58:17:d9:ee:44:a7:73:38:4e:02:78: 95:3e:17:41:aa:97:39:74:ae:73:4f:f1:89:05:26: 59:22:75:5d:76:da:cb:7a:30:00:29:d4:76:e3:4a: fe:90:02:02:d5:1b:4e:4d:a6:94:14:ca:76:ff:ff: a1:fa:97:49:44:0c:05:c0:50:a2:94:a6:6f:6e:ca: b6:e8:d8:3a:53:54:b6:c5:0f:59:cc:cf:06:ac:d4: 85:80:19:ac:3d:00:86:cd:58:69:01:f3:30:5d:1c: b8:85:b2:4c:45:65:f0:80:ec:d6:2f:00:28:d8:5b: 54:4f:92:0e:d4:9e:13:ff:d2:9f:eb:b1:96:a0:4b: 46:dc:b9:52:87:61:75:14:56:03:55:4a:e4:25:a0: 2e:bb:a6:bf:d2:93:74:96:b9:8e:ea:39:74:d4:15: 1f:e5:a9:b3:64:46:b8:9f:59:25:ea:92:48:f1:6b: e9:80:66:f3:17:2a:f3:7f:c3:fb:9e:85:70:16:68: 4e:87:63:1f:3f:de:7c:c6:7d:5c:28:b5:c2:88:b0: 54:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:42:8C:00:26:9E:8E:E1:C0:F3:6A:8E:DD:14:DC:35:B1:AC:2F:A5 X509v3 Authority Key Identifier: keyid:1B:C6:D9:A9:F4:A2:26:A6:1F:5F:A1:A9:16:39:41:D4:B3:5B:A3:5B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/G8bZqfSiJqYfX6GpFjlB1LNbo1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/G8bZqfSiJqYfX6GpFjlB1LNbo1s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3134/CkKMACaejuHA82qO3RTcNbGsL6U.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.2.156.0/22 Signature Algorithm: sha256WithRSAEncryption 61:30:f1:4e:fb:31:ce:30:3f:fa:ff:e8:2b:71:bb:bc:79:ab: f6:86:5b:b9:68:d2:dd:9d:c4:cd:41:01:69:0a:45:70:89:ce: 21:21:64:f9:3b:c4:cd:38:fd:8a:5d:c7:77:e8:0a:fd:91:67: f8:91:8a:7d:b0:0a:70:39:6d:63:28:01:cb:bd:e3:93:a2:d2: 7a:82:e2:15:86:c2:2c:67:9a:75:76:93:38:aa:a2:85:bf:ec: fe:eb:fc:27:d7:f4:ba:53:2e:c0:cf:cc:50:e3:d0:13:7d:cf: c7:ee:b8:67:20:66:fd:1e:04:e4:24:89:b1:a4:b5:28:b5:66: 43:d2:2b:d0:87:1c:28:10:2d:18:dc:66:6e:78:59:ca:ff:55: b8:57:05:89:40:4a:d7:fe:75:b6:a2:94:33:b2:2d:8c:18:1b: 24:ab:79:a1:dd:d6:1e:e1:3a:57:8b:7b:3e:e2:99:b0:7c:8c: dc:8f:47:33:f1:80:ce:40:a9:7b:35:b4:b1:fb:dd:ff:92:e0: 8b:c1:4f:8b:b7:48:a6:15:8c:35:9e:52:57:d0:a7:cf:08:c4: e6:01:bd:37:39:63:e5:a5:d2:eb:85:40:5a:86:f7:16:75:47: 7c:82:d8:b7:f0:74:0e:88:f8:b2:b3:70:00:5d:b8:6b:f3:68: 1a:67:ac:ac -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBtkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUJD NkQ5QTlGNEEyMjZBNjFGNUZBMUE5MTYzOTQxRDRCMzVCQTM1QjAeFw0yNTA2MTAw MTQwMjJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBBNDI4QzAwMjY5RThF RTFDMEYzNkE4RUREMTREQzM1QjFBQzJGQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDrFsMOdn0GgXFLwPHTMpC9gRk9gY9ClrwzLRlA61Y3wBaN49Bh gQTjGR5xVfluZNxYF9nuRKdzOE4CeJU+F0Gqlzl0rnNP8YkFJlkidV122st6MAAp 1HbjSv6QAgLVG05NppQUynb//6H6l0lEDAXAUKKUpm9uyrbo2DpTVLbFD1nMzwas 1IWAGaw9AIbNWGkB8zBdHLiFskxFZfCA7NYvACjYW1RPkg7UnhP/0p/rsZagS0bc uVKHYXUUVgNVSuQloC67pr/Sk3SWuY7qOXTUFR/lqbNkRrifWSXqkkjxa+mAZvMX KvN/w/uehXAWaE6HYx8/3nzGfVwotcKIsFQRAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUCkKMACaejuHA82qO3RTcNbGsL6UwHwYDVR0jBBgwFoAUG8bZqfSiJqYfX6Gp FjlB1LNbo1swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz NC9HOGJacWZTaUpxWWZYNkdwRmpsQjFMTmJvMXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0c4YlpxZlNpSnFZZlg2R3BGamxCMUxOYm8xcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzQvQ2tLTUFDYWVqdUhB ODJxTzNSVGNOYkdzTDZVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmcCnDANBgkqhkiG9w0BAQsFAAOCAQEAYTDxTvsxzjA/+v/oK3G7vHmr9oZb uWjS3Z3EzUEBaQpFcInOISFk+TvEzTj9il3Hd+gK/ZFn+JGKfbAKcDltYygBy73j k6LSeoLiFYbCLGeadXaTOKqihb/s/uv8J9f0ulMuwM/MUOPQE33Px+64ZyBm/R4E 5CSJsaS1KLVmQ9Ir0IccKBAtGNxmbnhZyv9VuFcFiUBK1/51tqKUM7ItjBgbJKt5 od3WHuE6V4t7PuKZsHyM3I9HM/GAzkCpezW0sfvd/5Lgi8FPi7dIphWMNZ5SV9Cn zwjE5gG9Nzlj5aXS64VAWob3FnVHfILYt/B0Doj4srNwAF24a/NoGmesrA== -----END CERTIFICATE-----Generated at Fri Jun 20 11:40:37 2025 by rpki-client