$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/EC0cSkLvF1XrlKJ5N0KYO0_vabQ.roa File: EC0cSkLvF1XrlKJ5N0KYO0_vabQ.roa (raw, json) Hash identifier: Xawvh5t2K2TS486my8Cy2k18s+hwdhLtgjfxPlzT6ns= Subject key identifier: 10:2D:1C:4A:42:EF:17:55:EB:94:A2:79:37:42:98:3B:4F:EF:69:B4 Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Certificate serial: 1E89 Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/EC0cSkLvF1XrlKJ5N0KYO0_vabQ.roa Signing time: Thu 05 Jun 2025 08:53:51 +0000 ROA not before: Thu 05 Jun 2025 08:53:51 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4812 IP address blocks: 103.200.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 18:41:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7817 (0x1e89) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Validity Not Before: Jun 5 08:53:51 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=102D1C4A42EF1755EB94A2793742983B4FEF69B4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:e4:c9:8c:93:0f:d6:0d:aa:ba:2a:ae:9b:16: b6:d2:27:91:58:f4:7f:b5:1c:ce:4a:7a:ba:99:e8: 11:26:57:b8:40:92:f7:a5:a9:7b:ef:1d:bb:3c:d5: 4b:80:dd:10:59:df:83:04:a9:30:32:52:ee:72:69: 43:4a:4a:f7:37:24:45:c6:99:c1:1c:90:c0:a8:45: 6a:2a:2d:d0:a0:1a:0e:c0:5a:b0:97:43:5d:ea:0c: b5:b2:b8:19:f6:12:77:8f:54:5b:e3:96:73:9c:07: d7:f4:58:79:74:2b:a8:23:3b:d4:82:a3:b6:8e:d1: 95:ee:32:0c:92:9f:b2:d0:e7:97:4e:c0:8f:78:37: 4f:09:cc:7e:98:e9:4e:5c:63:21:85:18:64:4a:3b: 02:d1:b3:5d:07:63:96:bd:73:7f:73:22:53:b3:86: 9f:40:fc:e8:60:20:f2:b0:e6:f7:18:6b:47:b6:e4: 69:15:c5:fc:60:37:2d:84:0e:21:55:a6:df:14:9b: 15:4d:77:ea:5b:c2:85:92:2b:55:62:5b:4b:2a:68: 40:83:a5:c9:fb:be:8e:42:fb:ac:55:7c:a2:52:57: ee:49:50:7d:ce:5e:13:60:cc:b6:9c:ee:c3:bf:e0: d9:fd:a3:7d:4f:31:32:df:5d:a4:dd:95:3e:6f:b1: 81:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:2D:1C:4A:42:EF:17:55:EB:94:A2:79:37:42:98:3B:4F:EF:69:B4 X509v3 Authority Key Identifier: keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/EC0cSkLvF1XrlKJ5N0KYO0_vabQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.200.220.0/22 Signature Algorithm: sha256WithRSAEncryption 98:7c:0d:73:24:22:68:e8:00:25:0b:eb:06:d0:63:76:6b:a8: 33:06:c4:46:58:3a:8f:09:3a:fd:d4:0e:a0:1b:fa:44:96:c2: 9e:b2:27:7b:4d:9f:03:f4:dd:e3:29:b2:bb:d9:5d:6f:e6:e3: 92:62:bd:cf:62:4f:35:ba:9b:98:1d:cc:96:fa:cd:32:8e:c8: 13:c6:e3:d1:d0:de:f3:a5:14:1a:07:92:f0:d8:ac:3e:9a:20: 5f:19:cb:29:75:e3:9a:25:be:2a:d0:ba:ae:1d:13:1f:01:df: ba:22:80:1b:2c:d9:5b:b5:e8:53:0d:3c:09:3d:73:4f:a7:c6: 63:1e:29:69:4f:4a:00:80:c9:b9:cc:9e:8e:76:12:48:ac:25: 71:36:1d:08:dc:08:03:e7:b0:ef:da:62:33:0e:8a:d9:3a:a1: 64:50:6f:8f:54:3f:3d:e8:42:f7:b9:c7:9f:a1:7f:fa:f3:c6: eb:ed:78:ac:a4:a5:0c:40:9f:68:35:f9:ab:67:4f:78:da:2d: 11:49:82:b5:72:60:40:73:8e:62:9e:24:da:25:56:b0:45:79: a1:64:e7:c6:3d:e0:67:93:c1:75:7e:6b:3b:8b:cc:ed:61:95: a5:60:7d:d5:fd:b3:8a:81:0d:09:00:46:1b:c0:a2:51:a0:ea: 52:8a:04:e0 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHokwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1 MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNTA2MDUw ODUzNTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDEwMkQxQzRBNDJFRjE3 NTVFQjk0QTI3OTM3NDI5ODNCNEZFRjY5QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDA5MmMkw/WDaq6Kq6bFrbSJ5FY9H+1HM5KerqZ6BEmV7hAkvel qXvvHbs81UuA3RBZ34MEqTAyUu5yaUNKSvc3JEXGmcEckMCoRWoqLdCgGg7AWrCX Q13qDLWyuBn2EnePVFvjlnOcB9f0WHl0K6gjO9SCo7aO0ZXuMgySn7LQ55dOwI94 N08JzH6Y6U5cYyGFGGRKOwLRs10HY5a9c39zIlOzhp9A/OhgIPKw5vcYa0e25GkV xfxgNy2EDiFVpt8UmxVNd+pbwoWSK1ViW0sqaECDpcn7vo5C+6xVfKJSV+5JUH3O XhNgzLac7sO/4Nn9o31PMTLfXaTdlT5vsYFtAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUEC0cSkLvF1XrlKJ5N0KYO0/vabQwHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt 4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxL0VDMGNTa0x2RjFYcmxL SjVOMEtZTzBfdmFiUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJnyNwwDQYJKoZIhvcNAQELBQADggEBAJh8DXMkImjoACUL6wbQY3ZrqDMGxEZY Oo8JOv3UDqAb+kSWwp6yJ3tNnwP03eMpsrvZXW/m45Jivc9iTzW6m5gdzJb6zTKO yBPG49HQ3vOlFBoHkvDYrD6aIF8Zyyl145olvirQuq4dEx8B37oigBss2Vu16FMN PAk9c0+nxmMeKWlPSgCAybnMno52EkisJXE2HQjcCAPnsO/aYjMOitk6oWRQb49U Pz3oQve5x5+hf/rzxuvteKykpQxAn2g1+atnT3jaLRFJgrVyYEBzjmKeJNolVrBF eaFk58Y94GeTwXV+azuLzO1hlaVgfdX9s4qBDQkARhvAolGg6lKKBOA= -----END CERTIFICATE-----Generated at Sat Jun 21 18:25:39 2025 by rpki-client