$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/T1br1WhG_-JXGimSDsViJIi4uEw.roa File: T1br1WhG_-JXGimSDsViJIi4uEw.roa (raw, json) Hash identifier: Hqv53/rGucj2Smp35bjukTOz4lcje2f1qHpoqkBCgRQ= Subject key identifier: 4F:56:EB:D5:68:46:FF:E2:57:1A:29:92:0E:C5:62:24:88:B8:B8:4C Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 0823 Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/T1br1WhG_-JXGimSDsViJIi4uEw.roa Signing time: Fri 23 May 2025 07:36:33 +0000 ROA not before: Fri 23 May 2025 07:36:33 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 56046 IP address blocks: 223.161.198.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 04:43:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2083 (0x823) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:36:33 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=4F56EBD56846FFE2571A29920EC5622488B8B84C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:e2:55:71:e4:46:b7:0f:1e:04:cb:2c:02:e8: cd:89:b0:cf:6b:d2:dd:e9:61:dc:c4:35:89:5a:ca: f5:36:9a:6c:67:a6:09:4c:2e:90:fa:92:f9:f9:b0: e7:b4:1f:b7:92:68:e4:53:4c:73:52:e7:ac:05:73: 2e:95:9e:3e:2d:9d:ac:2a:9b:75:83:a4:1a:73:ea: 88:3d:e7:85:0b:0b:3a:78:7f:03:4b:de:a3:52:17: 1b:6f:94:d3:4e:b1:f8:d3:4d:86:3d:2d:be:e6:0e: af:8a:a6:2a:72:57:83:b8:21:99:a5:52:8f:a6:bd: 2a:b3:03:51:26:f5:a1:87:5c:10:76:8f:df:95:94: 4a:b5:97:d1:1b:71:b3:94:4e:f6:c5:8b:b2:0f:8b: 96:b7:06:bc:2a:a0:55:d3:53:c8:b0:59:84:72:6a: 46:d8:d0:20:20:47:6f:06:b9:5d:43:5a:cd:06:e1: e1:fb:de:4b:3e:94:95:3f:55:8b:1e:e3:fb:f9:98: 55:a7:b1:73:84:3b:16:2f:8b:8b:8a:07:10:66:ff: 92:34:71:7f:2a:69:0a:53:3b:ce:d4:54:28:c0:17: b1:be:df:74:c6:27:6d:23:91:76:6c:ad:87:5f:35: 72:e6:a4:32:21:bb:02:3f:a8:cc:08:81:c3:b3:c3: 79:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:56:EB:D5:68:46:FF:E2:57:1A:29:92:0E:C5:62:24:88:B8:B8:4C X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/T1br1WhG_-JXGimSDsViJIi4uEw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.161.198.0/23 Signature Algorithm: sha256WithRSAEncryption 0c:32:db:18:67:b5:21:83:18:c8:6d:ab:c9:5b:e0:da:96:28: d9:86:65:9f:02:14:51:18:1d:4f:c6:80:39:98:d9:d6:6c:bd: b7:da:14:89:ac:c7:fa:56:8a:4e:45:2c:be:22:83:7b:b7:38: 1b:bc:42:65:27:9e:c3:9f:a6:3b:ec:b5:0a:5b:ea:52:b6:77: 2a:f6:b7:32:e1:45:89:40:a9:93:23:ee:9a:c2:c9:ad:29:fd: bc:ed:7d:10:d5:49:0c:20:f7:cc:a3:7c:cd:3f:b4:d1:26:db: b9:1f:c0:80:57:ed:32:61:10:ce:3d:00:b7:d4:38:27:a4:16: 81:b0:48:9c:e7:d1:c2:ec:9c:ac:ce:f6:80:ef:78:57:35:ca: ea:55:b2:26:d6:5e:5a:b7:d8:dc:fa:b2:b6:a2:54:41:fe:d9: ba:8a:9f:6e:8f:56:4e:df:42:bd:ab:eb:9f:9c:1d:b8:f8:5b: 01:81:e4:51:ba:e7:f9:10:bd:83:88:db:06:00:46:01:7c:62: 34:49:92:54:c4:7a:d8:5f:c0:5b:0a:90:b6:64:cb:9f:b3:32: a7:57:f1:d4:cf:62:05:18:60:2e:a5:ca:41:66:c7:75:e4:7c: ec:eb:cd:9f:dc:af:20:c5:39:4f:14:65:6c:5d:10:91:39:b3: b3:3f:eb:3d -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCCMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzM2MzNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDRGNTZFQkQ1Njg0NkZG RTI1NzFBMjk5MjBFQzU2MjI0ODhCOEI4NEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCm4lVx5Ea3Dx4EyywC6M2JsM9r0t3pYdzENYlayvU2mmxnpglM LpD6kvn5sOe0H7eSaORTTHNS56wFcy6Vnj4tnawqm3WDpBpz6og954ULCzp4fwNL 3qNSFxtvlNNOsfjTTYY9Lb7mDq+KpipyV4O4IZmlUo+mvSqzA1Em9aGHXBB2j9+V lEq1l9EbcbOUTvbFi7IPi5a3BrwqoFXTU8iwWYRyakbY0CAgR28GuV1DWs0G4eH7 3ks+lJU/VYse4/v5mFWnsXOEOxYvi4uKBxBm/5I0cX8qaQpTO87UVCjAF7G+33TG J20jkXZsrYdfNXLmpDIhuwI/qMwIgcOzw3kHAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUT1br1WhG/+JXGimSDsViJIi4uEwwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9UMWJyMVdoR18tSlhHaW1T RHNWaUpJaTR1RXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB 36HGMA0GCSqGSIb3DQEBCwUAA4IBAQAMMtsYZ7UhgxjIbavJW+DalijZhmWfAhRR GB1PxoA5mNnWbL232hSJrMf6VopORSy+IoN7tzgbvEJlJ57Dn6Y77LUKW+pStncq 9rcy4UWJQKmTI+6awsmtKf287X0Q1UkMIPfMo3zNP7TRJtu5H8CAV+0yYRDOPQC3 1DgnpBaBsEic59HC7JyszvaA73hXNcrqVbIm1l5at9jc+rK2olRB/tm6ip9uj1ZO 30K9q+ufnB24+FsBgeRRuuf5EL2DiNsGAEYBfGI0SZJUxHrYX8BbCpC2ZMufszKn V/HUz2IFGGAupcpBZsd15Hzs682f3K8gxTlPFGVsXRCRObOzP+s9 -----END CERTIFICATE-----Generated at Sun Jun 22 03:53:56 2025 by rpki-client