$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/Wsycqh4NAnRhtpu63wyV2SKCJ3Q.roa File: Wsycqh4NAnRhtpu63wyV2SKCJ3Q.roa (raw, json) Hash identifier: Ut4PyNpm00aEzJkDfaGVrpjfE77o44ZTeKBeYY0362w= Subject key identifier: 5A:CC:9C:AA:1E:0D:02:74:61:B6:9B:BA:DF:0C:95:D9:22:82:27:74 Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 0809 Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/Wsycqh4NAnRhtpu63wyV2SKCJ3Q.roa Signing time: Fri 23 May 2025 07:17:20 +0000 ROA not before: Fri 23 May 2025 07:17:20 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 9808 IP address blocks: 223.160.204.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 19:13:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2057 (0x809) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:17:20 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=5ACC9CAA1E0D027461B69BBADF0C95D922822774 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:f3:f2:ef:32:84:e7:58:a8:f8:1d:c7:8d:7a: 4f:d3:7e:6f:0d:7d:90:0e:88:82:a1:57:b7:81:c5: 58:ab:c8:a3:90:07:a4:35:5e:ee:a1:0c:16:66:98: 02:4f:ac:27:a3:9d:7b:bb:56:38:60:99:57:64:bf: 5d:15:86:d5:41:0f:62:20:b9:a3:a6:44:10:10:75: 12:d2:3a:99:bf:9a:28:4b:cd:9e:b3:c2:b6:7b:7c: ba:f6:e7:a1:bd:44:7b:65:26:16:1c:0d:b2:57:ed: 88:5f:2e:6b:1e:76:8c:c9:8d:67:d8:de:a9:85:4e: 3c:93:ef:a1:9c:1d:08:ea:dd:e1:9e:65:3a:b0:c6: a6:04:33:9f:64:66:f8:35:6b:b8:32:d2:09:bc:db: 7d:92:8f:1b:70:a7:7e:68:c6:5f:49:55:ce:be:6e: f1:f5:bc:f6:99:f1:fb:ae:68:aa:fb:11:af:27:92: ee:2f:45:c4:7e:64:76:62:e5:c3:e6:38:1c:80:8e: 82:d2:15:0e:f6:08:76:b6:c2:c9:e3:7b:d7:44:8d: d9:17:d2:68:48:0e:f4:0a:8a:ca:f8:05:05:bd:f1: db:9e:51:4b:6d:c0:66:02:1a:5e:9f:2d:0b:31:e7: b9:12:5f:57:7e:27:77:08:f1:dc:74:fc:37:37:25: c1:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:CC:9C:AA:1E:0D:02:74:61:B6:9B:BA:DF:0C:95:D9:22:82:27:74 X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/Wsycqh4NAnRhtpu63wyV2SKCJ3Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.160.204.0/23 Signature Algorithm: sha256WithRSAEncryption 0a:9b:4e:9f:7f:26:3c:15:cd:00:da:78:14:8b:f5:22:06:a1: 37:77:da:8d:b2:6e:ea:de:e3:bd:4d:af:18:3d:9f:63:d6:95: 9f:91:42:47:21:7e:7f:37:21:1f:d0:69:82:09:8e:57:cc:b7: 44:f2:b3:4a:a1:96:fd:e7:72:20:ba:8f:46:c7:99:94:c4:f7: a4:22:5b:19:86:dd:db:59:12:ec:73:b6:8c:01:af:5d:a6:da: 58:fe:68:51:11:53:0f:7b:c7:9e:2a:20:09:a3:09:dc:08:eb: 9c:dc:0d:15:bf:db:54:c9:ff:30:1d:90:07:e8:46:33:22:1b: b5:65:06:63:f8:d7:a7:ba:aa:69:86:8f:21:4a:21:02:35:c9: 15:aa:47:49:db:d1:a4:7f:5b:88:25:46:d7:1e:89:15:e3:34: 58:03:10:2c:df:09:e9:8a:e6:50:b2:e0:bd:33:2e:39:bd:ed: 65:26:58:52:72:63:94:24:68:62:3c:51:f9:3b:0e:c0:e2:27: ba:0b:fc:b5:27:ee:0d:23:c4:75:1a:24:11:90:c8:6b:19:e6: 25:68:20:1b:71:6c:cc:7d:07:da:5d:41:3f:93:8f:07:18:a0: 29:87:9a:8c:72:1b:66:ae:05:a1:59:bc:0a:2e:28:de:dd:ee: 43:dd:94:a4 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCAkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzE3MjBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVBQ0M5Q0FBMUUwRDAy NzQ2MUI2OUJCQURGMEM5NUQ5MjI4MjI3NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCv8/LvMoTnWKj4HceNek/Tfm8NfZAOiIKhV7eBxViryKOQB6Q1 Xu6hDBZmmAJPrCejnXu7VjhgmVdkv10VhtVBD2IguaOmRBAQdRLSOpm/mihLzZ6z wrZ7fLr256G9RHtlJhYcDbJX7YhfLmsedozJjWfY3qmFTjyT76GcHQjq3eGeZTqw xqYEM59kZvg1a7gy0gm8232Sjxtwp35oxl9JVc6+bvH1vPaZ8fuuaKr7Ea8nku4v RcR+ZHZi5cPmOByAjoLSFQ72CHa2wsnje9dEjdkX0mhIDvQKisr4BQW98dueUUtt wGYCGl6fLQsx57kSX1d+J3cI8dx0/Dc3JcHjAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUWsycqh4NAnRhtpu63wyV2SKCJ3QwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9Xc3ljcWg0TkFuUmh0cHU2 M3d5VjJTS0NKM1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB 36DMMA0GCSqGSIb3DQEBCwUAA4IBAQAKm06ffyY8Fc0A2ngUi/UiBqE3d9qNsm7q 3uO9Ta8YPZ9j1pWfkUJHIX5/NyEf0GmCCY5XzLdE8rNKoZb953Iguo9Gx5mUxPek IlsZht3bWRLsc7aMAa9dptpY/mhREVMPe8eeKiAJowncCOuc3A0Vv9tUyf8wHZAH 6EYzIhu1ZQZj+Nenuqppho8hSiECNckVqkdJ29Gkf1uIJUbXHokV4zRYAxAs3wnp iuZQsuC9My45ve1lJlhScmOUJGhiPFH5Ow7A4ie6C/y1J+4NI8R1GiQRkMhrGeYl aCAbcWzMfQfaXUE/k48HGKAph5qMchtmrgWhWbwKLije3e5D3ZSk -----END CERTIFICATE-----Generated at Sat Jun 21 16:54:40 2025 by rpki-client