$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/nHUlXHhbaDoPCqQ94Fl1tYY_1lc.roa File: nHUlXHhbaDoPCqQ94Fl1tYY_1lc.roa (raw, json) Hash identifier: 7dzu8kpmAciuNDwErASf/ZhBVVfrZG1V5l8scuGb8VE= Subject key identifier: 9C:75:25:5C:78:5B:68:3A:0F:0A:A4:3D:E0:59:75:B5:86:3F:D6:57 Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 0815 Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/nHUlXHhbaDoPCqQ94Fl1tYY_1lc.roa Signing time: Fri 23 May 2025 07:17:24 +0000 ROA not before: Fri 23 May 2025 07:17:24 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 56042 IP address blocks: 223.160.140.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 19:13:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2069 (0x815) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:17:24 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=9C75255C785B683A0F0AA43DE05975B5863FD657 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:86:0e:6e:6a:a2:6c:49:bc:6f:76:3d:4f:5a: b0:d7:96:4f:e7:64:b9:50:7c:17:18:59:66:28:47: 28:0d:f7:8d:07:cd:97:75:08:fe:68:4a:b9:8b:9c: 96:88:1c:11:ad:87:0e:ba:52:ad:75:5b:fc:ca:0b: fb:a5:50:01:d4:9c:57:0b:ca:8f:b7:9c:cf:70:a7: 66:89:10:b6:48:ca:e8:4d:a4:d1:1e:73:e0:77:65: 00:b4:65:a6:b7:4b:95:64:11:ef:74:f7:ff:bc:bc: 71:4a:0b:06:4c:e4:8b:32:cc:aa:44:88:9a:66:3a: 89:41:b8:90:92:96:90:dc:93:38:12:f0:9b:4f:54: d9:90:be:6f:1a:af:5a:2f:5c:bb:2f:3b:82:fd:49: 07:92:38:3d:c5:c0:66:d7:5a:0f:87:d8:b8:58:83: 78:16:02:9b:c8:7c:d5:b2:7b:26:99:f4:99:c2:fa: 4a:81:77:ea:04:80:d8:96:37:75:22:5d:da:1a:a5: 9d:fb:99:93:5d:fc:d5:5e:50:18:68:af:3d:76:9b: 78:08:d8:56:2b:ae:ca:14:7c:2a:d3:6a:25:b7:a2: 19:19:1a:e8:fa:f8:21:1d:4b:81:60:f8:3b:f8:01: f7:62:f2:14:ab:fa:30:09:e7:86:ac:f3:93:a5:78: 0a:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:75:25:5C:78:5B:68:3A:0F:0A:A4:3D:E0:59:75:B5:86:3F:D6:57 X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/nHUlXHhbaDoPCqQ94Fl1tYY_1lc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.160.140.0/23 Signature Algorithm: sha256WithRSAEncryption 16:3d:b7:b0:eb:71:03:dc:1d:af:3d:8d:c6:02:f1:0d:fd:31: 34:f1:f7:05:30:a1:c0:fa:dd:1e:6b:c2:ef:9d:fc:91:a5:5f: 6f:71:b6:73:61:74:2b:52:d8:d1:f2:5f:25:05:ce:74:4e:b9: f7:aa:5e:b8:08:ab:6a:b4:ad:3e:9f:06:8b:0b:e9:8f:0c:34: 31:ca:18:dc:29:c9:31:c4:28:84:50:85:a3:60:c1:db:7f:9d: 0a:09:83:c8:93:8e:22:a5:f7:25:e9:28:28:1e:bb:96:9e:dd: c5:97:1a:68:8a:12:84:90:a9:01:9c:6d:a1:95:f5:bc:ec:b3: 74:83:8d:28:4e:1e:43:35:52:9e:78:ed:93:e1:d8:95:8e:92: 1d:2f:ff:da:5f:cd:4a:b1:db:9e:08:08:ea:5d:f8:3f:d6:de: 64:b6:59:5d:48:03:c6:df:48:56:9d:ab:8b:d2:85:69:15:00: 78:51:56:7c:25:91:51:ce:c5:6f:b4:19:a8:d6:45:d3:97:7e: 58:07:04:1a:97:90:22:56:54:bf:10:94:65:d7:86:c9:83:c2: 44:c4:9d:c0:04:4e:7f:4c:e0:c6:f5:51:83:f8:21:44:45:c1: 07:14:d6:88:85:94:75:f3:fd:f7:99:01:75:43:d8:b1:d4:3d: 90:f5:2f:e8 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCBUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzE3MjRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDlDNzUyNTVDNzg1QjY4 M0EwRjBBQTQzREUwNTk3NUI1ODYzRkQ2NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDYhg5uaqJsSbxvdj1PWrDXlk/nZLlQfBcYWWYoRygN940HzZd1 CP5oSrmLnJaIHBGthw66Uq11W/zKC/ulUAHUnFcLyo+3nM9wp2aJELZIyuhNpNEe c+B3ZQC0Zaa3S5VkEe909/+8vHFKCwZM5IsyzKpEiJpmOolBuJCSlpDckzgS8JtP VNmQvm8ar1ovXLsvO4L9SQeSOD3FwGbXWg+H2LhYg3gWApvIfNWyeyaZ9JnC+kqB d+oEgNiWN3UiXdoapZ37mZNd/NVeUBhorz12m3gI2FYrrsoUfCrTaiW3ohkZGuj6 +CEdS4Fg+Dv4Afdi8hSr+jAJ54as85OleApbAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUnHUlXHhbaDoPCqQ94Fl1tYY/1lcwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9uSFVsWEhoYmFEb1BDcVE5 NEZsMXRZWV8xbGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB 36CMMA0GCSqGSIb3DQEBCwUAA4IBAQAWPbew63ED3B2vPY3GAvEN/TE08fcFMKHA +t0ea8LvnfyRpV9vcbZzYXQrUtjR8l8lBc50Trn3ql64CKtqtK0+nwaLC+mPDDQx yhjcKckxxCiEUIWjYMHbf50KCYPIk44ipfcl6SgoHruWnt3FlxpoihKEkKkBnG2h lfW87LN0g40oTh5DNVKeeO2T4diVjpIdL//aX81KsdueCAjqXfg/1t5ktlldSAPG 30hWnauL0oVpFQB4UVZ8JZFRzsVvtBmo1kXTl35YBwQal5AiVlS/EJRl14bJg8JE xJ3ABE5/TODG9VGD+CFERcEHFNaIhZR18/33mQF1Q9ix1D2Q9S/o -----END CERTIFICATE-----Generated at Sat Jun 21 16:54:26 2025 by rpki-client