$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/9EbzP2-_FfVnkDWiBKpLyaS8En0.roa File: 9EbzP2-_FfVnkDWiBKpLyaS8En0.roa (raw, json) Hash identifier: BmRuEubaRAFg0bcCqo+xE2WV135FmEFL3fBRC8aSQZI= Subject key identifier: F4:46:F3:3F:6F:BF:15:F5:67:90:35:A2:04:AA:4B:C9:A4:BC:12:7D Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 0802 Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/9EbzP2-_FfVnkDWiBKpLyaS8En0.roa Signing time: Fri 23 May 2025 07:07:21 +0000 ROA not before: Fri 23 May 2025 07:07:21 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 56048 IP address blocks: 223.160.16.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 23:43:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2050 (0x802) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:07:21 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=F446F33F6FBF15F5679035A204AA4BC9A4BC127D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:87:7a:f0:6b:3a:ca:a1:a2:8a:54:3c:7a:21: 03:be:09:43:5e:f4:b9:9c:b9:9b:1c:62:00:78:b0: a1:60:98:0a:1f:c1:8c:54:fa:0f:a9:b0:43:5e:87: fa:58:12:38:3b:42:49:f2:6f:97:bf:ea:a7:24:10: 19:fa:24:20:61:65:ba:21:40:ae:33:c6:03:92:6d: f7:e6:9c:78:ae:20:d9:08:57:3f:06:4b:d6:2b:18: 5f:21:57:ae:6a:19:98:e2:e4:42:33:3f:a5:a6:5e: 33:6b:23:5b:14:29:d8:f5:55:93:ce:cf:e4:d6:fb: a9:34:4a:93:9c:65:40:ea:15:b0:b7:86:85:a5:f6: 24:12:f9:19:e2:38:f3:07:57:24:5e:11:62:f6:25: 9d:e9:d5:8d:f3:9b:28:74:d7:5e:c4:bd:e1:2e:37: 9c:ae:41:66:aa:83:f4:c0:91:27:16:98:8d:74:28: 30:15:26:5e:9b:67:51:9c:cd:62:ea:d1:5f:6a:23: 5b:4d:8d:79:1d:bc:94:05:b6:dd:f2:34:1d:3d:ed: 81:55:c6:99:dc:2d:35:33:0f:1d:d1:7b:3a:9d:ea: 10:27:02:ef:91:ea:61:26:ce:84:3e:0c:6b:86:82: 0b:83:47:1f:50:88:b6:72:db:51:d9:c6:a1:45:51: 9d:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:46:F3:3F:6F:BF:15:F5:67:90:35:A2:04:AA:4B:C9:A4:BC:12:7D X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/9EbzP2-_FfVnkDWiBKpLyaS8En0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.160.16.0/22 Signature Algorithm: sha256WithRSAEncryption 86:59:9a:cb:25:db:3e:bf:c5:0e:e9:46:58:01:ab:76:a0:92: b6:ab:ce:61:68:4c:1a:ee:e0:d0:03:be:ef:48:3e:91:3f:1c: 65:1c:21:e2:1c:33:96:ff:fa:38:eb:03:1d:2d:e1:6a:58:06: 9e:71:4b:46:1b:c8:c9:55:33:ec:19:02:2e:71:16:29:74:85: 38:e3:9f:d6:15:d4:86:02:2d:7f:d4:11:d0:68:92:4d:32:a2: f4:c4:24:15:7e:1f:e3:37:fa:4d:57:34:91:46:c0:e4:9d:70: 59:b6:c3:31:52:17:40:18:3b:d9:7b:e7:93:2e:37:e6:77:6f: f6:00:7f:0f:fa:bf:48:3d:19:64:9a:f0:a5:88:e5:dc:c7:e3: 64:57:1b:5f:6f:6c:c6:29:5a:20:16:ab:bb:3c:c8:55:f8:7a: 5a:f6:82:0d:cf:47:03:ee:0d:49:1e:20:e0:86:17:c2:0e:4e: f4:6d:b8:e1:4e:57:c3:f6:f6:8c:1e:9f:ba:64:ad:40:1a:18: 29:01:40:19:21:f3:af:70:7a:72:e0:66:4b:ca:a6:ab:d6:61: e1:85:25:b4:fb:94:51:43:eb:56:32:e9:00:df:95:f2:e3:2b: ac:c2:f0:0c:95:c0:b7:37:0d:4d:59:3d:cb:d9:f6:77:95:f6: 35:02:9c:70 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCAIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzA3MjFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEY0NDZGMzNGNkZCRjE1 RjU2NzkwMzVBMjA0QUE0QkM5QTRCQzEyN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9h3rwazrKoaKKVDx6IQO+CUNe9LmcuZscYgB4sKFgmAofwYxU +g+psENeh/pYEjg7Qknyb5e/6qckEBn6JCBhZbohQK4zxgOSbffmnHiuINkIVz8G S9YrGF8hV65qGZji5EIzP6WmXjNrI1sUKdj1VZPOz+TW+6k0SpOcZUDqFbC3hoWl 9iQS+RniOPMHVyReEWL2JZ3p1Y3zmyh0117EveEuN5yuQWaqg/TAkScWmI10KDAV Jl6bZ1GczWLq0V9qI1tNjXkdvJQFtt3yNB097YFVxpncLTUzDx3Rezqd6hAnAu+R 6mEmzoQ+DGuGgguDRx9QiLZy21HZxqFFUZ09AgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQU9EbzP2+/FfVnkDWiBKpLyaS8En0wHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy85RWJ6UDItX0ZmVm5rRFdp QktwTHlhUzhFbjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC 36AQMA0GCSqGSIb3DQEBCwUAA4IBAQCGWZrLJds+v8UO6UZYAat2oJK2q85haEwa 7uDQA77vSD6RPxxlHCHiHDOW//o46wMdLeFqWAaecUtGG8jJVTPsGQIucRYpdIU4 45/WFdSGAi1/1BHQaJJNMqL0xCQVfh/jN/pNVzSRRsDknXBZtsMxUhdAGDvZe+eT Ljfmd2/2AH8P+r9IPRlkmvCliOXcx+NkVxtfb2zGKVogFqu7PMhV+Hpa9oINz0cD 7g1JHiDghhfCDk70bbjhTlfD9vaMHp+6ZK1AGhgpAUAZIfOvcHpy4GZLyqar1mHh hSW0+5RRQ+tWMukA35Xy4yuswvAMlcC3Nw1NWT3L2fZ3lfY1Apxw -----END CERTIFICATE-----Generated at Wed Nov 5 21:44:46 2025 by rpki-client