$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/4Juy5ozvGMAEdMuewe0ZYAaF3-Q.roa File: 4Juy5ozvGMAEdMuewe0ZYAaF3-Q.roa (raw, json) Hash identifier: 6O+UHQ1w/r9hPNtKHCNIWWQQwAn1B2EigSJynFXs6YQ= Subject key identifier: E0:9B:B2:E6:8C:EF:18:C0:04:74:CB:9E:C1:ED:19:60:06:85:DF:E4 Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 1436 Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/4Juy5ozvGMAEdMuewe0ZYAaF3-Q.roa Signing time: Mon 26 May 2025 23:39:29 +0000 ROA not before: Mon 26 May 2025 23:39:29 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146806 IP address blocks: 45.250.152.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 02:44:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5174 (0x1436) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: May 26 23:39:29 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=E09BB2E68CEF18C00474CB9EC1ED19600685DFE4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:6e:c7:00:49:da:ad:a6:8f:04:25:42:5d:e9: 36:d4:a0:f7:aa:fc:57:c6:a8:62:27:40:be:2d:0c: 5b:c6:8e:4f:ad:0e:5d:93:34:51:57:b1:2a:28:cf: 14:48:af:ea:1a:cc:94:c0:42:16:bd:a5:67:e1:ac: d0:c7:a7:a5:94:bb:c6:47:2e:92:3f:bc:ad:45:2b: e7:bc:ac:f8:dc:77:ea:2e:23:3d:0e:c0:b5:06:9f: 87:4c:4d:35:1d:3b:f6:51:87:d7:ad:f2:04:6f:5e: 89:8d:06:1c:b6:cd:68:ca:df:be:1c:2b:d1:0e:a0: 76:72:c7:33:2d:f7:c1:76:13:b1:56:ad:4f:65:90: e6:1a:f0:67:35:25:41:e8:15:68:d2:da:5d:10:35: e1:6b:a9:f4:dd:9c:c1:25:7f:0b:af:bc:4a:ca:39: b2:0e:95:6c:ec:23:c9:5c:1e:f8:c2:ea:e5:ba:af: e7:87:f9:6b:05:ab:65:c3:34:27:b8:c2:16:6e:2a: c1:b8:37:32:cc:dc:98:4b:6d:13:d1:40:cb:b7:d6: 2b:02:3a:58:ba:bf:65:2e:c2:92:28:15:12:1c:a7: 1b:90:4e:b7:bc:14:ba:eb:4a:26:76:9a:6f:a6:27: 3a:9d:6f:7c:11:77:58:e5:83:64:69:4e:a2:22:0d: a4:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:9B:B2:E6:8C:EF:18:C0:04:74:CB:9E:C1:ED:19:60:06:85:DF:E4 X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/4Juy5ozvGMAEdMuewe0ZYAaF3-Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.250.152.0/23 Signature Algorithm: sha256WithRSAEncryption 6c:24:53:7b:d5:d4:09:80:99:7c:61:41:c2:38:bb:73:67:c7: 35:8a:b3:20:6a:4b:6a:33:5c:62:90:3a:1d:28:f1:8d:bb:04: aa:3b:17:33:91:da:51:5e:9d:42:e9:f6:bd:6e:12:6d:16:0c: dd:f3:98:c7:0f:1e:80:fa:7b:54:c8:1c:d8:e4:a2:a1:52:99: 75:48:0e:ac:68:88:9d:16:62:ec:d1:71:53:31:1a:55:73:87: 53:aa:61:52:f7:d4:e7:16:19:4e:df:41:10:79:ed:35:dd:a3: 53:2d:42:90:33:58:af:82:31:b6:e5:b9:c1:c4:f4:91:20:c4: 80:1a:63:8a:89:f3:a6:44:84:26:42:63:0e:2b:55:c2:41:4e: b4:6e:12:14:1a:e3:f1:80:04:01:1b:bd:49:2c:6e:41:bc:aa: ff:cc:2e:51:3d:ff:11:d5:22:10:fa:64:7d:0b:b6:6b:7f:d8: a7:fd:bc:b6:fa:8d:1b:13:45:f2:03:5c:3b:d6:6b:89:85:c3: 7a:7b:c6:a0:a5:87:20:e3:6c:ef:d8:cb:8c:8f:02:63:9c:2e: e1:7c:95:66:9b:e5:81:08:6b:7b:a4:aa:77:55:f5:e8:6d:9a: 9c:7f:f1:03:94:38:99:ad:07:1d:9f:91:8b:16:3c:c4:7f:c0: ca:ec:61:5e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFDYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTA1MjYy MzM5MjlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEUwOUJCMkU2OENFRjE4 QzAwNDc0Q0I5RUMxRUQxOTYwMDY4NURGRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+bscASdqtpo8EJUJd6TbUoPeq/FfGqGInQL4tDFvGjk+tDl2T NFFXsSoozxRIr+oazJTAQha9pWfhrNDHp6WUu8ZHLpI/vK1FK+e8rPjcd+ouIz0O wLUGn4dMTTUdO/ZRh9et8gRvXomNBhy2zWjK374cK9EOoHZyxzMt98F2E7FWrU9l kOYa8Gc1JUHoFWjS2l0QNeFrqfTdnMElfwuvvErKObIOlWzsI8lcHvjC6uW6r+eH +WsFq2XDNCe4whZuKsG4NzLM3JhLbRPRQMu31isCOli6v2UuwpIoFRIcpxuQTre8 FLrrSiZ2mm+mJzqdb3wRd1jlg2RpTqIiDaS9AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU4Juy5ozvGMAEdMuewe0ZYAaF3+QwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvNEp1eTVvenZHTUFF ZE11ZXdlMFpZQWFGMy1RLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAS36mDANBgkqhkiG9w0BAQsFAAOCAQEAbCRTe9XUCYCZfGFBwji7c2fHNYqz IGpLajNcYpA6HSjxjbsEqjsXM5HaUV6dQun2vW4SbRYM3fOYxw8egPp7VMgc2OSi oVKZdUgOrGiInRZi7NFxUzEaVXOHU6phUvfU5xYZTt9BEHntNd2jUy1CkDNYr4Ix tuW5wcT0kSDEgBpjionzpkSEJkJjDitVwkFOtG4SFBrj8YAEARu9SSxuQbyq/8wu UT3/EdUiEPpkfQu2a3/Yp/28tvqNGxNF8gNcO9ZriYXDenvGoKWHIONs79jLjI8C Y5wu4XyVZpvlgQhre6Sqd1X16G2anH/xA5Q4ma0HHZ+RixY8xH/AyuxhXg== -----END CERTIFICATE-----Generated at Sat Jun 21 00:46:52 2025 by rpki-client