$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/64/PDflsZuvg8-6ap7hZ_S293XAEs8.roa File: PDflsZuvg8-6ap7hZ_S293XAEs8.roa (raw, json) Hash identifier: g7HtnFG2KoFpC4ixAAbI9CS9N4IAR7RNGgtVlUBc1Ic= Subject key identifier: 3C:37:E5:B1:9B:AF:83:CF:BA:6A:9E:E1:67:F4:B6:F7:75:C0:12:CF Certificate issuer: /CN=5EB8C57D72F7946DD7B2420599288ECA153CB709 Certificate serial: 04 Authority key identifier: 5E:B8:C5:7D:72:F7:94:6D:D7:B2:42:05:99:28:8E:CA:15:3C:B7:09 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/PDflsZuvg8-6ap7hZ_S293XAEs8.roa Signing time: Mon 26 May 2025 00:46:36 +0000 ROA not before: Mon 26 May 2025 00:46:36 +0000 ROA not after: Tue 26 May 2026 00:40:26 +0000 asID: 9803 IP address blocks: 211.150.100.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 18:41:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5EB8C57D72F7946DD7B2420599288ECA153CB709 Validity Not Before: May 26 00:46:36 2025 GMT Not After : May 26 00:40:26 2026 GMT Subject: CN=3C37E5B19BAF83CFBA6A9EE167F4B6F775C012CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:bd:34:1c:79:f2:24:49:42:af:a6:9c:14:35: b8:03:3d:19:76:23:cb:75:9f:fc:9e:dd:1f:9c:a0: 27:30:fe:4a:22:b1:af:48:80:8b:95:52:5c:a7:81: 0c:0e:02:c8:db:57:dd:92:6f:e7:2a:0c:ec:b0:d5: bf:3e:20:b1:d8:9a:d2:4c:e8:23:7d:54:b5:66:7d: e3:25:43:3f:3f:d8:3c:9e:03:29:c7:b4:ae:8f:21: e1:ff:7b:d5:80:cc:80:0b:5b:10:6b:a2:fe:3d:3d: a2:47:ea:d6:41:53:96:2f:ab:91:2b:2c:4a:13:b5: ba:94:aa:ea:55:90:f6:71:67:d5:c8:a3:3d:20:87: a2:ab:16:cb:72:7e:ed:c9:b4:72:b6:73:f8:83:1c: 7b:38:bb:06:be:88:17:22:c4:f8:31:5e:44:8d:c9: 96:e4:c4:ab:3e:9c:53:b7:2e:19:d4:ff:40:37:42: ff:fa:ce:5c:f9:30:a6:1d:8b:ab:53:e1:ea:1d:f6: c2:3a:fb:5f:16:55:f1:55:21:6a:8f:40:b1:59:01: a7:e2:d7:63:80:50:5a:f8:d6:fb:ad:48:76:fe:a0: 7d:1d:cf:01:c0:0f:ae:60:1a:0f:90:33:ec:2c:ca: dc:c6:e3:ef:db:57:3a:15:51:e1:cf:f5:a9:b6:c2: 33:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:37:E5:B1:9B:AF:83:CF:BA:6A:9E:E1:67:F4:B6:F7:75:C0:12:CF X509v3 Authority Key Identifier: keyid:5E:B8:C5:7D:72:F7:94:6D:D7:B2:42:05:99:28:8E:CA:15:3C:B7:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/PDflsZuvg8-6ap7hZ_S293XAEs8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.150.100.0/24 Signature Algorithm: sha256WithRSAEncryption 67:48:ed:f9:a4:c6:cb:dc:b2:99:1e:32:f0:0a:08:f0:d8:4b: 6e:ec:ca:fb:b8:54:e0:c7:92:20:5f:81:8c:f6:52:0d:0f:05: fd:c3:02:96:06:53:21:a8:a2:29:0d:5c:a2:81:f8:09:38:02: 5f:12:8e:b5:2b:9e:f7:5b:69:23:6e:ca:0b:f9:2d:36:97:e4: eb:e4:60:6a:7a:41:7c:b9:a5:3c:d8:69:d2:74:5e:d3:ac:76: 8f:45:bb:76:f3:c7:44:58:43:b5:5c:a6:e1:2a:51:fb:3a:be: 19:58:dc:66:75:b7:1c:92:0f:a9:5a:50:31:ea:ae:67:2e:f7: 43:16:cc:00:76:5e:ea:08:9b:dc:6b:e5:6b:ae:29:26:09:71: b6:d2:ed:e8:75:24:0a:98:0e:57:d8:4f:09:25:1d:e8:b9:49: cd:cc:78:4d:25:fe:e6:7b:f8:a0:0f:88:98:30:3f:b8:c1:01: be:a7:3f:2e:a0:dc:1f:73:12:c6:d9:dd:32:7e:25:5a:ed:2d: 17:ec:74:7f:72:e8:54:60:8e:a8:00:2c:01:a3:3b:35:b2:ca: f9:ee:d7:40:ab:65:35:c9:d8:bc:3e:ca:d5:54:30:aa:ba:8e: 9e:40:ee:46:92:c1:fa:ed:e0:5b:a3:07:46:34:05:2d:58:17: 0f:7b:e7:4b -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1RUI4 QzU3RDcyRjc5NDZERDdCMjQyMDU5OTI4OEVDQTE1M0NCNzA5MB4XDTI1MDUyNjAw NDYzNloXDTI2MDUyNjAwNDAyNlowMzExMC8GA1UEAxMoM0MzN0U1QjE5QkFGODND RkJBNkE5RUUxNjdGNEI2Rjc3NUMwMTJDRjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAOC9NBx58iRJQq+mnBQ1uAM9GXYjy3Wf/J7dH5ygJzD+SiKxr0iA i5VSXKeBDA4CyNtX3ZJv5yoM7LDVvz4gsdia0kzoI31UtWZ94yVDPz/YPJ4DKce0 ro8h4f971YDMgAtbEGui/j09okfq1kFTli+rkSssShO1upSq6lWQ9nFn1cijPSCH oqsWy3J+7cm0crZz+IMcezi7Br6IFyLE+DFeRI3JluTEqz6cU7cuGdT/QDdC//rO XPkwph2Lq1Ph6h32wjr7XxZV8VUhao9AsVkBp+LXY4BQWvjW+61Idv6gfR3PAcAP rmAaD5Az7CzK3Mbj79tXOhVR4c/1qbbCM48CAwEAAaOCAe8wggHrMB0GA1UdDgQW BBQ8N+Wxm6+Dz7pqnuFn9Lb3dcASzzAfBgNVHSMEGDAWgBReuMV9cveUbdeyQgWZ KI7KFTy3CTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO oEyGSnJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NC9Y cmpGZlhMM2xHM1hza0lGbVNpT3loVTh0d2suY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwL1hyakZmWEwzbEczWHNrSUZtU2lPeWhVOHR3ay5jZXIwDgYDVR0PAQH/BAQD AgeAMIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzY0L1BEZmxzWnV2ZzgtNmFwN2ha X1MyOTNYQUVzOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5j bi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADT lmQwDQYJKoZIhvcNAQELBQADggEBAGdI7fmkxsvcspkeMvAKCPDYS27syvu4VODH kiBfgYz2Ug0PBf3DApYGUyGooikNXKKB+Ak4Al8SjrUrnvdbaSNuygv5LTaX5Ovk YGp6QXy5pTzYadJ0XtOsdo9Fu3bzx0RYQ7VcpuEqUfs6vhlY3GZ1txySD6laUDHq rmcu90MWzAB2XuoIm9xr5WuuKSYJcbbS7eh1JAqYDlfYTwklHei5Sc3MeE0l/uZ7 +KAPiJgwP7jBAb6nPy6g3B9zEsbZ3TJ+JVrtLRfsdH9y6FRgjqgALAGjOzWyyvnu 10CrZTXJ2Lw+ytVUMKq6jp5A7kaSwfrt4FujB0Y0BS1YFw9750s= -----END CERTIFICATE-----Generated at Sat Jun 21 18:10:47 2025 by rpki-client