$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/YHoC-Ib7VAPfOYMbo8u5Of10E5c.roa File: YHoC-Ib7VAPfOYMbo8u5Of10E5c.roa (raw, json) Hash identifier: 2QPtUsTGSjLGKyk0f7KmLP5/Lp4ZoaIrEQvVm6IKzOI= Subject key identifier: 60:7A:02:F8:86:FB:54:03:DF:39:83:1B:A3:CB:B9:39:FD:74:13:97 Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Certificate serial: 1E86 Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/YHoC-Ib7VAPfOYMbo8u5Of10E5c.roa Signing time: Thu 05 Jun 2025 08:53:13 +0000 ROA not before: Thu 05 Jun 2025 08:53:13 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 131314 IP address blocks: 202.57.201.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 15 Jun 2025 09:26:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7814 (0x1e86) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Validity Not Before: Jun 5 08:53:13 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=607A02F886FB5403DF39831BA3CBB939FD741397 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:f6:d7:0e:ca:7e:04:c4:0e:66:65:77:0c:fc: 4c:32:a1:78:12:85:50:d4:7f:dd:40:3a:68:e6:00: ff:70:96:ba:99:b5:f4:ea:ac:8d:6c:50:a4:ec:6f: 40:67:00:8c:47:1b:e6:63:3f:85:a5:f2:9a:6b:8e: b1:33:f0:e2:23:9b:b9:ef:6d:79:d6:ab:27:75:06: 8e:1a:c5:e6:51:91:2f:9e:11:32:6b:e2:aa:00:0e: 76:d0:ac:57:28:53:66:7f:12:01:88:9d:a6:6b:8b: 16:0c:e3:df:b5:ae:cc:6d:cb:98:4f:48:7b:a3:0b: ae:ed:4f:24:cb:5f:c8:66:01:51:98:83:14:6f:13: 5d:fa:c9:a5:19:62:22:03:a4:14:d2:9c:1c:ca:47: 33:c1:13:18:92:7d:5c:f3:d1:6c:3b:37:e1:27:58: 5b:f2:b8:6e:64:96:6a:22:98:e0:6b:53:a2:8c:9b: 8f:28:7d:ad:11:6b:9f:f3:35:97:fe:2c:ac:37:87: b3:86:e5:dd:07:d3:f1:19:a5:cb:3e:e5:84:25:40: 00:84:73:86:79:93:21:21:ec:75:e3:3f:ef:56:ff: ba:27:0b:8d:8f:77:f6:09:d8:a0:42:a5:15:9b:8a: 93:db:b3:ff:80:4c:aa:6c:31:09:39:05:b7:b4:48: e9:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:7A:02:F8:86:FB:54:03:DF:39:83:1B:A3:CB:B9:39:FD:74:13:97 X509v3 Authority Key Identifier: keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/YHoC-Ib7VAPfOYMbo8u5Of10E5c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.57.201.0/24 Signature Algorithm: sha256WithRSAEncryption 08:f7:d2:25:d7:2b:3d:20:c2:bd:90:03:3e:8b:c1:f1:58:a0: d2:83:3b:56:d6:53:ef:42:23:4d:de:5f:81:78:6a:14:ee:90: 99:47:0f:dc:c4:43:f6:d4:3a:61:5d:01:97:2e:53:53:d2:33: 20:1e:9e:5c:0e:63:39:97:e1:84:f5:c9:ff:a2:ee:bc:1d:1b: bb:07:45:cc:57:34:58:03:6c:97:58:ee:21:e4:6b:59:ca:67: ca:e1:a1:19:48:b0:a1:8b:94:2d:2f:a8:2b:72:99:dc:14:8d: 17:01:a9:ff:e7:3d:57:3d:86:57:ca:45:c5:a1:9e:44:00:7e: e2:d9:e4:47:83:8a:58:48:27:8c:8f:fc:ec:ae:53:3c:ed:4c: 06:16:b7:15:13:16:a8:0e:ee:2b:fc:45:2e:d7:f9:7e:af:8a: eb:07:e2:21:3f:57:aa:99:ac:49:69:6d:6c:33:dc:fd:c1:92: 35:e0:71:4c:ff:15:61:3c:66:2c:5d:ee:11:39:67:d3:88:f0: ce:d5:d2:ab:e3:6f:66:35:ce:94:a7:50:ce:35:52:41:87:64: ec:0d:b2:b6:40:c5:48:2b:8f:b8:c6:8f:80:5a:a4:d0:65:3b: 4a:92:1e:17:9e:ec:ca:37:33:6c:6c:86:81:80:a2:84:d1:dd: 44:56:f6:5e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHoYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1 MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNTA2MDUw ODUzMTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDYwN0EwMkY4ODZGQjU0 MDNERjM5ODMxQkEzQ0JCOTM5RkQ3NDEzOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDL9tcOyn4ExA5mZXcM/EwyoXgShVDUf91AOmjmAP9wlrqZtfTq rI1sUKTsb0BnAIxHG+ZjP4Wl8pprjrEz8OIjm7nvbXnWqyd1Bo4axeZRkS+eETJr 4qoADnbQrFcoU2Z/EgGInaZrixYM49+1rsxty5hPSHujC67tTyTLX8hmAVGYgxRv E136yaUZYiIDpBTSnBzKRzPBExiSfVzz0Ww7N+EnWFvyuG5klmoimOBrU6KMm48o fa0Ra5/zNZf+LKw3h7OG5d0H0/EZpcs+5YQlQACEc4Z5kyEh7HXjP+9W/7onC42P d/YJ2KBCpRWbipPbs/+ATKpsMQk5Bbe0SOkPAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUYHoC+Ib7VAPfOYMbo8u5Of10E5cwHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt 4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxL1lIb0MtSWI3VkFQZk9Z TWJvOHU1T2YxMEU1Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKOckwDQYJKoZIhvcNAQELBQADggEBAAj30iXXKz0gwr2QAz6LwfFYoNKDO1bW U+9CI03eX4F4ahTukJlHD9zEQ/bUOmFdAZcuU1PSMyAenlwOYzmX4YT1yf+i7rwd G7sHRcxXNFgDbJdY7iHka1nKZ8rhoRlIsKGLlC0vqCtymdwUjRcBqf/nPVc9hlfK RcWhnkQAfuLZ5EeDilhIJ4yP/OyuUzztTAYWtxUTFqgO7iv8RS7X+X6viusH4iE/ V6qZrElpbWwz3P3BkjXgcUz/FWE8Zixd7hE5Z9OI8M7V0qvjb2Y1zpSnUM41UkGH ZOwNsrZAxUgrj7jGj4BapNBlO0qSHhee7Mo3M2xshoGAooTR3URW9l4= -----END CERTIFICATE-----Generated at Sun Jun 15 09:25:21 2025 by rpki-client