$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/XpgCFDOq2Q9LyDlqBE5KH2xQpHw.roa File: XpgCFDOq2Q9LyDlqBE5KH2xQpHw.roa (raw, json) Hash identifier: HgLWNCoewgztXDMInYU1fjL5uUjEdzctKTT+Bg59jgo= Subject key identifier: 5E:98:02:14:33:AA:D9:0F:4B:C8:39:6A:04:4E:4A:1F:6C:50:A4:7C Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 1447 Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/XpgCFDOq2Q9LyDlqBE5KH2xQpHw.roa Signing time: Tue 27 May 2025 00:18:51 +0000 ROA not before: Tue 27 May 2025 00:18:51 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 211392 IP address blocks: 45.250.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Jun 2025 03:14:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5191 (0x1447) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: May 27 00:18:51 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=5E98021433AAD90F4BC8396A044E4A1F6C50A47C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:cd:2f:35:42:e1:f5:c2:85:6a:04:21:d4:31: 60:64:ad:75:97:10:b8:c1:25:8e:8c:ea:d0:a1:4c: 7f:a7:d2:fc:6d:e2:ea:12:77:cd:a7:b0:5a:c2:b3: 11:4d:55:d4:df:40:52:c5:52:54:29:75:8c:06:6e: 32:d1:89:07:00:64:9b:f7:7a:90:ba:86:3a:de:ea: 7f:4f:59:03:d3:ba:50:ff:f2:df:cf:aa:7c:b0:4e: da:cd:41:7a:b2:a1:b8:5c:f1:15:6e:d4:9f:60:37: 7d:04:0e:94:78:3b:03:30:17:7a:5d:df:e4:0f:7e: 05:27:cf:1f:c3:6d:17:a9:70:f9:22:dd:09:7a:d6: 6a:86:1a:dc:8d:64:fe:f4:6b:4e:97:56:64:86:3a: 56:a7:62:ad:58:da:38:64:3b:6c:ff:5e:36:42:9b: e8:07:ae:a7:2c:8c:3d:1e:7b:ab:77:25:2f:14:ec: 8f:e3:0c:c4:43:23:e8:8b:a3:21:38:94:7b:a7:af: cc:b1:56:dd:a0:1c:be:24:cd:8c:8a:2e:d5:90:90: 20:92:d5:e6:e0:62:aa:73:fb:46:0a:1c:69:52:48: 3c:26:15:78:5b:d3:3c:b8:ec:e4:5f:df:95:40:c7: 3d:ac:2d:20:8e:66:b5:2c:d1:6d:09:0a:cd:bd:dd: 54:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:98:02:14:33:AA:D9:0F:4B:C8:39:6A:04:4E:4A:1F:6C:50:A4:7C X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/XpgCFDOq2Q9LyDlqBE5KH2xQpHw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.250.153.0/24 Signature Algorithm: sha256WithRSAEncryption 19:35:51:de:82:22:f3:b7:25:17:53:ba:6a:6a:8e:44:e4:6d: ed:43:fa:31:4c:8a:76:a6:0a:ce:7f:70:6f:3f:ec:40:fe:a6: f3:77:c5:58:b8:7d:14:d7:ef:8a:74:61:6f:de:a8:cb:35:0a: 15:dc:1d:73:a1:8b:45:3b:e0:38:ba:03:57:6b:7f:e9:66:37: 97:74:b2:b2:1b:8d:63:b1:98:76:12:c7:67:7c:9b:d3:f9:06: 7a:b5:b0:62:9b:37:67:6a:cc:bf:16:80:d5:93:1c:8c:15:5d: 03:aa:1a:d7:32:d9:0c:be:2f:2d:2e:4b:b1:ef:04:a8:d2:59: 8c:b4:81:5a:22:37:d3:de:47:70:6d:d9:1a:be:5f:45:05:1f: 12:0f:68:80:96:79:99:b9:71:52:7b:1f:32:ad:db:dc:f8:20: cf:dd:8f:d0:6e:c3:79:70:56:40:93:8b:4f:e8:4e:72:67:25: 5c:89:b6:4a:49:28:30:00:8b:fd:1a:07:5d:85:4f:9e:c3:0d: a2:5a:b1:1c:ff:c2:0b:06:0e:47:a5:30:f0:87:e9:68:5d:b1: 75:67:1b:9a:d4:4d:ec:73:18:27:47:1f:11:98:99:c8:ae:3c: 85:9a:e1:d8:9f:d4:97:3c:b6:a0:af:19:ea:e8:b0:f3:bd:1d: a3:7d:8c:c3 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFEcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTA1Mjcw MDE4NTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVFOTgwMjE0MzNBQUQ5 MEY0QkM4Mzk2QTA0NEU0QTFGNkM1MEE0N0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDRzS81QuH1woVqBCHUMWBkrXWXELjBJY6M6tChTH+n0vxt4uoS d82nsFrCsxFNVdTfQFLFUlQpdYwGbjLRiQcAZJv3epC6hjre6n9PWQPTulD/8t/P qnywTtrNQXqyobhc8RVu1J9gN30EDpR4OwMwF3pd3+QPfgUnzx/DbRepcPki3Ql6 1mqGGtyNZP70a06XVmSGOlanYq1Y2jhkO2z/XjZCm+gHrqcsjD0ee6t3JS8U7I/j DMRDI+iLoyE4lHunr8yxVt2gHL4kzYyKLtWQkCCS1ebgYqpz+0YKHGlSSDwmFXhb 0zy47ORf35VAxz2sLSCOZrUs0W0JCs293VS1AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUXpgCFDOq2Q9LyDlqBE5KH2xQpHwwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvWHBnQ0ZET3EyUTlM eURscUJFNUtIMnhRcEh3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAC36mTANBgkqhkiG9w0BAQsFAAOCAQEAGTVR3oIi87clF1O6amqORORt7UP6 MUyKdqYKzn9wbz/sQP6m83fFWLh9FNfvinRhb96oyzUKFdwdc6GLRTvgOLoDV2t/ 6WY3l3SyshuNY7GYdhLHZ3yb0/kGerWwYps3Z2rMvxaA1ZMcjBVdA6oa1zLZDL4v LS5Lse8EqNJZjLSBWiI3095HcG3ZGr5fRQUfEg9ogJZ5mblxUnsfMq3b3Pggz92P 0G7DeXBWQJOLT+hOcmclXIm2SkkoMACL/RoHXYVPnsMNolqxHP/CCwYOR6Uw8Ifp aF2xdWcbmtRN7HMYJ0cfEZiZyK48hZrh2J/Ulzy2oK8Z6uiw870do32Mww== -----END CERTIFICATE-----Generated at Sun Jun 22 23:51:01 2025 by rpki-client