$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/xYlracIpl6DcfSbBG1GGhLlPt0w.roa File: xYlracIpl6DcfSbBG1GGhLlPt0w.roa (raw, json) Hash identifier: MdI/OfM3kJfYrXweUWnQvMEo3fwM+e+rjzySq4xJXGw= Subject key identifier: C5:89:6B:69:C2:29:97:A0:DC:7D:26:C1:1B:51:86:84:B9:4F:B7:4C Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 0804 Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/xYlracIpl6DcfSbBG1GGhLlPt0w.roa Signing time: Fri 23 May 2025 07:07:22 +0000 ROA not before: Fri 23 May 2025 07:07:22 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 9808 IP address blocks: 223.160.12.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 19:13:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2052 (0x804) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:07:22 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=C5896B69C22997A0DC7D26C11B518684B94FB74C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:d3:d3:51:54:f9:c7:6b:c7:c5:bc:2a:ab:f4: e5:e4:56:06:5f:7d:b0:c0:99:20:de:18:1b:ae:6f: 7c:25:2e:db:f2:a7:e2:8d:0e:d3:e4:2e:f4:a9:55: 21:5e:bb:c7:e4:e4:e5:06:73:ce:13:6c:95:e8:63: 8f:79:5a:04:29:dd:f7:b6:c5:2c:29:c0:d0:3c:2c: 7b:4e:b1:07:14:e6:01:9f:01:d8:31:85:9e:b5:e0: 28:5e:ae:27:df:f3:df:b3:89:93:68:80:c4:2c:b0: 30:dc:b2:6a:d1:1a:a9:6a:77:3f:be:c0:b2:67:d5: 7c:aa:ff:66:ab:74:8f:e9:52:36:ff:4b:00:72:08: d2:e1:a5:ed:45:c5:28:13:cb:9b:30:ba:88:cd:55: ae:39:73:eb:82:bd:fe:70:76:1f:07:eb:85:1f:92: 11:55:dd:ce:1d:a2:0a:d8:dd:ce:51:7e:ba:77:5f: 88:b5:ca:57:7f:93:5e:8e:fc:0a:e9:ba:72:a6:16: 10:ca:ae:1a:bd:58:75:2f:d3:64:58:36:f0:de:c5: 30:68:6e:e8:00:bc:5a:6b:c6:47:20:6a:21:02:04: 84:14:07:f5:78:3b:72:5a:b3:42:34:c2:b2:bc:14: da:a6:e7:45:a8:e3:fc:63:22:06:a0:29:39:1d:23: 31:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:89:6B:69:C2:29:97:A0:DC:7D:26:C1:1B:51:86:84:B9:4F:B7:4C X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/xYlracIpl6DcfSbBG1GGhLlPt0w.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.160.12.0/23 Signature Algorithm: sha256WithRSAEncryption 49:72:25:63:60:c8:be:57:6f:47:33:ac:90:83:7f:0d:71:2f: 8c:b0:c0:9a:1a:e3:48:ee:e0:f6:8b:3c:cf:ba:85:a2:e0:b5: ff:39:af:a7:ba:0c:ee:78:a9:3d:70:3a:09:54:50:51:de:a5: 00:6b:40:1f:50:16:74:81:5c:75:81:b0:b1:95:f0:52:30:90: ee:83:d6:8c:75:ae:50:67:5e:f6:06:c3:13:71:49:82:c5:f8: 1e:82:68:5c:98:96:f3:83:2a:3e:aa:e8:e1:0c:6b:c6:e1:f9: 86:d7:c4:58:ab:0e:53:96:50:6f:0e:29:cf:4c:67:0d:60:77: 0b:07:a5:aa:00:64:f1:73:21:27:30:93:b9:bc:0b:4a:c8:95: 2b:06:41:fa:73:88:43:88:b9:24:22:f9:e2:1e:3d:79:39:b5: a3:ee:10:72:82:33:1d:84:a9:d9:d6:55:ca:41:bf:3f:bf:0f: e6:7e:db:35:a3:ba:97:4c:73:83:d3:ab:e1:44:33:0c:10:6e: 4d:a0:d9:85:df:48:93:15:7b:e9:d6:cf:06:51:62:75:a6:44: ea:7e:f9:30:57:8a:e3:cb:4f:75:aa:f7:e0:c3:0f:2a:19:f7: d9:f3:59:56:a0:fe:03:ed:86:32:fa:2a:ab:e7:d5:c6:0a:af: 57:44:c2:27 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCAQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzA3MjJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEM1ODk2QjY5QzIyOTk3 QTBEQzdEMjZDMTFCNTE4Njg0Qjk0RkI3NEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDg09NRVPnHa8fFvCqr9OXkVgZffbDAmSDeGBuub3wlLtvyp+KN DtPkLvSpVSFeu8fk5OUGc84TbJXoY495WgQp3fe2xSwpwNA8LHtOsQcU5gGfAdgx hZ614Cheriff89+ziZNogMQssDDcsmrRGqlqdz++wLJn1Xyq/2ardI/pUjb/SwBy CNLhpe1FxSgTy5swuojNVa45c+uCvf5wdh8H64UfkhFV3c4dogrY3c5Rfrp3X4i1 yld/k16O/ArpunKmFhDKrhq9WHUv02RYNvDexTBobugAvFprxkcgaiECBIQUB/V4 O3Jas0I0wrK8FNqm50Wo4/xjIgagKTkdIzHhAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUxYlracIpl6DcfSbBG1GGhLlPt0wwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy94WWxyYWNJcGw2RGNmU2JC RzFHR2hMbFB0MHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB 36AMMA0GCSqGSIb3DQEBCwUAA4IBAQBJciVjYMi+V29HM6yQg38NcS+MsMCaGuNI 7uD2izzPuoWi4LX/Oa+nugzueKk9cDoJVFBR3qUAa0AfUBZ0gVx1gbCxlfBSMJDu g9aMda5QZ172BsMTcUmCxfgegmhcmJbzgyo+qujhDGvG4fmG18RYqw5TllBvDinP TGcNYHcLB6WqAGTxcyEnMJO5vAtKyJUrBkH6c4hDiLkkIvniHj15ObWj7hBygjMd hKnZ1lXKQb8/vw/mfts1o7qXTHOD06vhRDMMEG5NoNmF30iTFXvp1s8GUWJ1pkTq fvkwV4rjy091qvfgww8qGffZ81lWoP4D7YYy+iqr59XGCq9XRMIn -----END CERTIFICATE-----Generated at Sat Jun 21 16:56:09 2025 by rpki-client