$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/IkZF2VORQzlbUojsrTphCdszKqc.roa File: IkZF2VORQzlbUojsrTphCdszKqc.roa (raw, json) Hash identifier: 0kC36+mVolBQQCuRyquKEScwAsSkdyyZX4x06kOmSiI= Subject key identifier: 22:46:45:D9:53:91:43:39:5B:52:88:EC:AD:3A:61:09:DB:33:2A:A7 Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Certificate serial: 1E90 Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/IkZF2VORQzlbUojsrTphCdszKqc.roa Signing time: Thu 05 Jun 2025 09:02:28 +0000 ROA not before: Thu 05 Jun 2025 09:02:28 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4808 IP address blocks: 202.65.96.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 04:41:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7824 (0x1e90) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Validity Not Before: Jun 5 09:02:28 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=224645D9539143395B5288ECAD3A6109DB332AA7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:10:a8:4b:bc:5c:f1:08:a2:40:b2:00:f9:d1: 71:0f:2e:54:2a:e0:71:87:1e:73:ce:9a:ce:54:bc: 51:41:69:24:4f:5e:7a:bc:ab:a3:c0:65:3f:e1:df: 15:af:e8:4c:95:81:02:7b:f4:ee:59:42:3f:4a:e1: 99:64:8a:9a:72:53:e9:b4:94:07:86:eb:ce:61:d9: 12:70:3f:8d:5f:2e:75:2b:37:8a:33:69:50:f1:d0: ba:e5:d4:4e:1e:bf:9a:e7:74:5b:e5:2b:eb:4c:9f: a0:f7:5e:5d:23:02:e8:a9:83:f7:5e:b7:a1:a6:b0: 6f:b4:49:19:19:76:94:0d:e9:8e:8f:42:0c:1c:4d: fb:08:56:2a:55:d2:d7:21:11:37:a0:d9:b0:39:11: a7:52:eb:cd:98:62:cc:d8:7e:bd:33:4d:c9:71:d4: 2b:be:ce:68:12:08:6b:4e:e7:26:69:74:38:5e:8c: f6:93:be:0b:1d:10:b1:1d:ac:56:d8:fd:5e:b9:0c: b4:c5:72:ed:28:9a:e0:d8:01:7d:61:78:35:6c:b1: 04:b3:4a:0d:75:99:79:44:fc:d6:33:f0:ba:a3:ae: 16:93:b0:57:e3:71:c4:16:b0:55:0b:de:70:17:e8: 11:05:d1:7e:85:c8:1b:f8:00:42:64:16:d0:8e:96: 53:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:46:45:D9:53:91:43:39:5B:52:88:EC:AD:3A:61:09:DB:33:2A:A7 X509v3 Authority Key Identifier: keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/IkZF2VORQzlbUojsrTphCdszKqc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.65.96.0/24 Signature Algorithm: sha256WithRSAEncryption 58:90:8c:ce:23:ea:88:93:be:a2:47:1a:ae:37:cd:cd:15:0c: ee:31:3a:92:be:52:19:d7:f5:37:6a:5d:04:49:68:84:2e:83: 09:78:e8:09:7c:47:de:05:6c:e3:42:d0:09:2e:45:a0:f0:84: 93:36:fe:4e:4e:d0:00:64:b4:fc:1e:fc:81:78:1d:fb:ae:97: f4:83:cf:4f:9f:1b:bd:0e:1e:8c:3e:98:cc:90:39:c3:8a:0b: 73:80:a7:0d:c9:cd:26:c4:b0:ff:ba:44:94:3e:f2:ca:20:7f: 21:79:6a:82:91:c5:c4:89:58:29:42:4c:ec:1f:8f:7f:93:e2: 84:a4:99:3e:33:f0:25:0d:53:23:39:0a:c9:f1:04:f7:05:ca: 4a:e4:41:6c:8a:cb:86:6e:31:bc:a7:5a:de:c3:c1:31:40:8e: ab:e1:dd:eb:57:62:5d:8a:9c:60:e8:ac:ab:b6:8b:d3:a6:75: 81:7c:f4:a1:39:e5:a8:5d:9f:5b:25:75:68:7f:3b:b1:66:f1: 58:be:8d:3e:ce:91:38:1c:11:93:09:5d:9e:80:f4:b0:81:2b: 65:2e:b3:81:10:70:c7:33:ad:f0:28:83:36:ab:3d:0d:94:cd: e7:c1:9c:ad:14:55:e4:fd:06:0e:ba:bd:00:1f:a9:d7:2b:1c: c5:fe:89:ed -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHpAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1 MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNTA2MDUw OTAyMjhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDIyNDY0NUQ5NTM5MTQz Mzk1QjUyODhFQ0FEM0E2MTA5REIzMzJBQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJEKhLvFzxCKJAsgD50XEPLlQq4HGHHnPOms5UvFFBaSRPXnq8 q6PAZT/h3xWv6EyVgQJ79O5ZQj9K4ZlkippyU+m0lAeG685h2RJwP41fLnUrN4oz aVDx0Lrl1E4ev5rndFvlK+tMn6D3Xl0jAuipg/det6GmsG+0SRkZdpQN6Y6PQgwc TfsIVipV0tchETeg2bA5EadS682YYszYfr0zTclx1Cu+zmgSCGtO5yZpdDhejPaT vgsdELEdrFbY/V65DLTFcu0omuDYAX1heDVssQSzSg11mXlE/NYz8LqjrhaTsFfj ccQWsFUL3nAX6BEF0X6FyBv4AEJkFtCOllO9AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUIkZF2VORQzlbUojsrTphCdszKqcwHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt 4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxL0lrWkYyVk9SUXpsYlVv anNyVHBoQ2RzektxYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKQWAwDQYJKoZIhvcNAQELBQADggEBAFiQjM4j6oiTvqJHGq43zc0VDO4xOpK+ UhnX9TdqXQRJaIQugwl46Al8R94FbONC0AkuRaDwhJM2/k5O0ABktPwe/IF4Hfuu l/SDz0+fG70OHow+mMyQOcOKC3OApw3JzSbEsP+6RJQ+8sogfyF5aoKRxcSJWClC TOwfj3+T4oSkmT4z8CUNUyM5CsnxBPcFykrkQWyKy4ZuMbynWt7DwTFAjqvh3etX Yl2KnGDorKu2i9OmdYF89KE55ahdn1sldWh/O7Fm8Vi+jT7OkTgcEZMJXZ6A9LCB K2Uus4EQcMczrfAogzarPQ2UzefBnK0UVeT9Bg66vQAfqdcrHMX+ie0= -----END CERTIFICATE-----Generated at Sun Jun 22 03:55:51 2025 by rpki-client