$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/lkGzdhbu9JEa9xP4O6XHcXHgC1E.roa File: lkGzdhbu9JEa9xP4O6XHcXHgC1E.roa (raw, json) Hash identifier: P0PraBp9sbD5AbSkLlJAWFjevVFyU772KPL8rzsza2k= Subject key identifier: 96:41:B3:76:16:EE:F4:91:1A:F7:13:F8:3B:A5:C7:71:71:E0:0B:51 Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 080F Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/lkGzdhbu9JEa9xP4O6XHcXHgC1E.roa Signing time: Fri 23 May 2025 07:17:22 +0000 ROA not before: Fri 23 May 2025 07:17:22 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 132525 IP address blocks: 223.160.144.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 09:41:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2063 (0x80f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:17:22 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=9641B37616EEF4911AF713F83BA5C77171E00B51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:42:82:84:67:b9:a6:96:fe:b4:cf:df:a9:e4: dc:21:e8:5c:1f:91:67:2d:71:0b:38:d3:82:c9:87: 55:eb:e4:08:64:e5:5d:f3:6e:72:9d:1f:99:cb:40: ed:64:6f:f6:c1:d5:49:b2:76:15:b3:f3:2a:22:5e: d5:e6:c9:2c:7a:62:76:e5:76:e2:c7:5d:02:55:ef: 46:63:00:c4:52:54:14:10:2a:89:1d:0d:f4:89:3c: f9:66:ca:66:7c:dc:81:ac:c0:b4:58:88:6d:e0:3c: 5a:98:f3:5f:94:cf:84:95:d9:83:c6:39:96:64:ee: 04:5d:fe:9b:66:b2:66:bd:c3:b8:93:d4:08:e9:65: 62:e4:54:e3:98:77:a9:26:06:c4:7b:15:cc:13:d2: 92:fb:a4:ef:b8:f1:62:8a:f4:56:ff:5b:ed:17:74: db:32:0c:bd:e1:7d:71:99:34:41:24:82:1e:26:d1: 64:96:49:e1:ec:f6:c7:fd:ff:20:bd:b1:cb:46:1d: d7:2a:3e:bd:9d:69:ae:13:9a:34:72:89:83:34:4f: 72:24:90:ac:52:25:96:09:57:23:52:f6:6f:65:46: 6b:9a:d1:f2:93:4a:cb:80:3f:a9:e9:b3:d8:25:11: a6:8b:13:7e:04:7b:80:5c:5c:94:63:68:91:49:fd: 83:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:41:B3:76:16:EE:F4:91:1A:F7:13:F8:3B:A5:C7:71:71:E0:0B:51 X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/lkGzdhbu9JEa9xP4O6XHcXHgC1E.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.160.144.0/23 Signature Algorithm: sha256WithRSAEncryption 38:02:f5:f1:f9:a9:e8:96:23:a8:5c:7a:8a:a7:7a:53:25:3a: a2:bd:87:8d:9f:51:a2:54:b7:63:75:b9:09:6f:50:05:3e:80: c7:ad:99:63:47:b0:ae:aa:9c:63:2a:03:21:bc:82:b0:7e:8a: 39:a8:51:65:bf:e7:81:20:27:42:f5:45:a9:d0:82:d8:df:70: 31:0d:b1:cc:3b:cc:82:2c:bc:8e:e9:71:1c:08:8f:79:18:a6: 81:f3:9c:68:88:3f:a6:33:ac:99:83:c3:ab:d6:e3:90:47:5d: ce:03:80:1f:39:3e:a9:ef:be:43:95:65:0d:e1:c5:a9:10:b7: 5b:21:cd:ec:5b:34:7d:72:2c:52:7b:29:3c:28:8e:1d:5f:0b: fc:2a:29:bd:87:ce:bb:38:1a:c7:44:fd:be:92:58:9d:45:80: 6e:3c:2b:bb:76:22:ad:74:7d:82:e4:a7:ba:07:76:6f:09:31: d2:09:09:a3:ee:2a:0a:9c:b2:90:11:e3:aa:22:11:e3:01:a3: 96:9b:5a:7e:5e:5d:6e:c3:63:76:95:a7:0a:ec:fa:eb:43:7a: 1f:34:c5:d5:5f:96:67:51:bf:2d:07:d7:fe:15:11:a5:8e:55: af:b4:c6:68:12:ac:e9:fa:89:4b:6b:84:ab:89:b3:5d:d5:c7: 42:fe:5a:2e -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCA8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzE3MjJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDk2NDFCMzc2MTZFRUY0 OTExQUY3MTNGODNCQTVDNzcxNzFFMDBCNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvQoKEZ7mmlv60z9+p5Nwh6FwfkWctcQs404LJh1Xr5Ahk5V3z bnKdH5nLQO1kb/bB1UmydhWz8yoiXtXmySx6YnblduLHXQJV70ZjAMRSVBQQKokd DfSJPPlmymZ83IGswLRYiG3gPFqY81+Uz4SV2YPGOZZk7gRd/ptmsma9w7iT1Ajp ZWLkVOOYd6kmBsR7FcwT0pL7pO+48WKK9Fb/W+0XdNsyDL3hfXGZNEEkgh4m0WSW SeHs9sf9/yC9sctGHdcqPr2daa4TmjRyiYM0T3IkkKxSJZYJVyNS9m9lRmua0fKT SsuAP6nps9glEaaLE34Ee4BcXJRjaJFJ/YOjAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUlkGzdhbu9JEa9xP4O6XHcXHgC1EwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9sa0d6ZGhidTlKRWE5eFA0 TzZYSGNYSGdDMUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB 36CQMA0GCSqGSIb3DQEBCwUAA4IBAQA4AvXx+anoliOoXHqKp3pTJTqivYeNn1Gi VLdjdbkJb1AFPoDHrZljR7CuqpxjKgMhvIKwfoo5qFFlv+eBICdC9UWp0ILY33Ax DbHMO8yCLLyO6XEcCI95GKaB85xoiD+mM6yZg8Or1uOQR13OA4AfOT6p775DlWUN 4cWpELdbIc3sWzR9cixSeyk8KI4dXwv8Kim9h867OBrHRP2+klidRYBuPCu7diKt dH2C5Ke6B3ZvCTHSCQmj7ioKnLKQEeOqIhHjAaOWm1p+Xl1uw2N2lacK7PrrQ3of NMXVX5ZnUb8tB9f+FRGljlWvtMZoEqzp+olLa4SribNd1cdC/lou -----END CERTIFICATE-----Generated at Sun Jun 22 06:58:55 2025 by rpki-client