$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/MQbux7oMbK-UaeIfnrUxprWNoOU.roa File: MQbux7oMbK-UaeIfnrUxprWNoOU.roa (raw, json) Hash identifier: HX6SA8emn0BIoJghTqFZGKC8SoFP75Rn7/vybN6xs34= Subject key identifier: 31:06:EE:C7:BA:0C:6C:AF:94:69:E2:1F:9E:B5:31:A6:B5:8D:A0:E5 Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 0836 Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/MQbux7oMbK-UaeIfnrUxprWNoOU.roa Signing time: Fri 23 May 2025 07:41:07 +0000 ROA not before: Fri 23 May 2025 07:41:07 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 56047 IP address blocks: 223.161.246.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 14:43:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2102 (0x836) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:41:07 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=3106EEC7BA0C6CAF9469E21F9EB531A6B58DA0E5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:ef:bc:4d:64:b2:c0:83:63:3a:52:53:b5:57: 8d:8f:55:96:8c:21:08:0c:17:38:5d:fe:f7:61:9b: d3:5a:8e:aa:0f:da:7f:57:4d:de:96:c3:67:a0:c4: 75:72:a9:f9:e9:66:d9:0e:30:52:2e:14:5f:0b:77: e2:0c:0c:53:25:f4:ef:b5:d7:31:34:ee:69:d4:99: 96:9f:17:80:59:1b:6c:90:54:a0:2e:13:46:6d:bd: b3:fe:a7:1c:79:21:94:6a:96:20:7c:de:93:eb:ca: 32:71:0a:b3:f9:e4:99:b3:04:c5:be:0c:06:9b:c4: a5:79:90:ff:5d:f6:11:f6:3d:6c:e1:c3:3c:aa:32: 42:8d:0e:d5:d0:0b:e1:6c:cc:74:93:2c:1d:2f:08: 8a:a8:e4:b4:08:db:de:11:80:56:92:7d:77:39:74: f2:3a:b7:b5:b1:17:10:2a:76:bb:90:3a:a6:54:68: d1:1d:94:9a:13:30:86:dd:c8:dd:eb:30:a5:90:4a: bc:5f:f0:1a:0b:e1:d0:00:08:40:f2:3a:a9:db:7a: b7:c8:ff:d0:4b:cf:b1:ad:20:89:f5:4a:a6:38:4e: f1:9c:bf:b5:2e:a3:09:7e:16:58:e1:42:05:66:e2: 44:2f:1a:7d:3b:74:47:72:f3:92:e0:5a:1c:9e:93: a8:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:06:EE:C7:BA:0C:6C:AF:94:69:E2:1F:9E:B5:31:A6:B5:8D:A0:E5 X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/MQbux7oMbK-UaeIfnrUxprWNoOU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.161.246.0/23 Signature Algorithm: sha256WithRSAEncryption 5b:12:d9:c9:99:2a:01:27:cf:ea:9a:a7:f8:86:19:81:5f:63: 5f:9a:a6:59:31:2a:f5:63:8a:d8:97:6f:7c:09:ee:29:fa:81: d8:4e:9e:82:62:4f:07:45:b5:52:f2:aa:a9:8e:33:23:29:c8: 33:a0:27:3f:eb:8c:1a:5f:5e:bf:7a:98:42:76:a6:0b:8a:33: f8:5f:ec:95:d7:ce:35:e6:fe:0a:1c:bb:2f:8a:3f:38:55:e1: d1:07:8f:d1:24:b4:9c:cf:69:21:5c:18:ad:df:21:97:dc:86: 15:85:49:b0:0f:86:be:a1:17:6b:e9:10:28:ba:de:78:63:bf: 9f:a0:b6:23:f2:d7:7d:4d:8f:7f:a8:70:d2:27:13:e2:5c:ad: 72:d1:e0:7a:bb:3c:67:44:08:1b:b0:ae:93:6c:0a:2e:bb:29: 72:d3:d7:56:3f:ab:11:f8:20:55:c2:8d:a4:eb:41:57:8e:be: 47:a5:8e:37:89:8e:ce:2c:7a:b9:b7:72:31:d1:c9:92:26:57: a5:29:e1:f0:5f:d9:fe:3d:8e:d6:b4:04:22:b5:db:2b:03:e7: 1d:3a:56:78:04:4f:c4:ce:e4:6a:ab:b9:94:d2:85:bb:5e:47: 39:ac:4b:9b:5d:ae:8e:fc:36:02:72:dd:80:6a:98:56:3a:da: ce:86:21:e3 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCDYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzQxMDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDMxMDZFRUM3QkEwQzZD QUY5NDY5RTIxRjlFQjUzMUE2QjU4REEwRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDW77xNZLLAg2M6UlO1V42PVZaMIQgMFzhd/vdhm9NajqoP2n9X Td6Ww2egxHVyqfnpZtkOMFIuFF8Ld+IMDFMl9O+11zE07mnUmZafF4BZG2yQVKAu E0ZtvbP+pxx5IZRqliB83pPryjJxCrP55JmzBMW+DAabxKV5kP9d9hH2PWzhwzyq MkKNDtXQC+FszHSTLB0vCIqo5LQI294RgFaSfXc5dPI6t7WxFxAqdruQOqZUaNEd lJoTMIbdyN3rMKWQSrxf8BoL4dAACEDyOqnberfI/9BLz7GtIIn1SqY4TvGcv7Uu owl+FljhQgVm4kQvGn07dEdy85LgWhyek6jdAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUMQbux7oMbK+UaeIfnrUxprWNoOUwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9NUWJ1eDdvTWJLLVVhZUlm bnJVeHByV05vT1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB 36H2MA0GCSqGSIb3DQEBCwUAA4IBAQBbEtnJmSoBJ8/qmqf4hhmBX2NfmqZZMSr1 Y4rYl298Ce4p+oHYTp6CYk8HRbVS8qqpjjMjKcgzoCc/64waX16/ephCdqYLijP4 X+yV18415v4KHLsvij84VeHRB4/RJLScz2khXBit3yGX3IYVhUmwD4a+oRdr6RAo ut54Y7+foLYj8td9TY9/qHDSJxPiXK1y0eB6uzxnRAgbsK6TbAouuyly09dWP6sR +CBVwo2k60FXjr5HpY43iY7OLHq5t3Ix0cmSJlelKeHwX9n+PY7WtAQitdsrA+cd OlZ4BE/EzuRqq7mU0oW7Xkc5rEubXa6O/DYCct2AaphWOtrOhiHj -----END CERTIFICATE-----Generated at Sat Jun 21 13:43:27 2025 by rpki-client