$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/64/ghPaf9745tJbRM2YiaM4gRBGbIQ.roa File: ghPaf9745tJbRM2YiaM4gRBGbIQ.roa (raw, json) Hash identifier: c5pyLTuOnotoKT0S1QS5Zk7365IadK9YXzhpFYcEJ8U= Subject key identifier: 82:13:DA:7F:DE:F8:E6:D2:5B:44:CD:98:89:A3:38:81:10:46:6C:84 Certificate issuer: /CN=5EB8C57D72F7946DD7B2420599288ECA153CB709 Certificate serial: 0F Authority key identifier: 5E:B8:C5:7D:72:F7:94:6D:D7:B2:42:05:99:28:8E:CA:15:3C:B7:09 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/ghPaf9745tJbRM2YiaM4gRBGbIQ.roa Signing time: Mon 26 May 2025 00:56:39 +0000 ROA not before: Mon 26 May 2025 00:56:39 +0000 ROA not after: Tue 26 May 2026 00:40:26 +0000 asID: 23724 IP address blocks: 119.61.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 04:41:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15 (0xf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5EB8C57D72F7946DD7B2420599288ECA153CB709 Validity Not Before: May 26 00:56:39 2025 GMT Not After : May 26 00:40:26 2026 GMT Subject: CN=8213DA7FDEF8E6D25B44CD9889A3388110466C84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:09:4d:5f:2c:af:7d:37:1c:51:f1:a7:26:8b: 3e:bd:58:8d:66:8e:63:42:32:b6:9b:da:cb:e2:69: ce:79:05:8a:c2:64:0f:26:a3:99:9f:0a:96:29:b1: 3d:d3:d7:05:d0:0b:39:02:8e:99:db:4d:11:b0:e0: 17:ae:1f:73:3e:dd:ff:1c:3b:f5:ad:70:67:be:51: 8e:df:84:2e:f2:16:e7:0c:f1:cc:a5:2c:81:a6:d6: 0a:76:a6:65:b7:53:94:d5:3a:39:b0:08:ff:c5:7f: f9:6b:6b:e7:36:86:97:0d:96:ae:d3:3c:4a:50:c0: c9:46:69:ce:2a:3b:18:02:90:ff:af:21:00:94:65: 09:a9:49:a3:f9:ea:0b:f9:bc:f5:7f:36:83:71:47: fa:aa:b7:84:a3:ba:d6:f4:47:3f:15:03:82:9e:7e: 0c:ba:08:da:c2:bb:d7:71:e2:76:ab:91:4e:c4:40: 31:70:2f:ae:39:d2:b3:f3:94:cc:53:e8:01:66:04: b3:b3:c6:69:31:32:57:7d:e9:dc:88:41:dd:6f:55: fc:26:84:61:6f:2b:c4:32:9d:d6:59:76:de:3b:84: 1a:28:d7:f2:52:cd:87:94:a5:00:29:e7:14:cd:79: 32:96:c6:26:09:4e:28:b9:1e:a5:cd:a3:9b:41:97: 21:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:13:DA:7F:DE:F8:E6:D2:5B:44:CD:98:89:A3:38:81:10:46:6C:84 X509v3 Authority Key Identifier: keyid:5E:B8:C5:7D:72:F7:94:6D:D7:B2:42:05:99:28:8E:CA:15:3C:B7:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/ghPaf9745tJbRM2YiaM4gRBGbIQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.61.0.0/17 Signature Algorithm: sha256WithRSAEncryption 24:ea:f8:c6:7a:62:69:3c:a8:ae:e2:bd:b4:42:12:98:13:36: 0e:6a:18:01:a0:90:56:0f:da:d1:06:d7:f1:25:f4:f1:d7:e0: e7:e4:76:24:18:de:9b:a3:8e:db:ae:46:64:ae:8e:05:39:dd: 24:51:45:de:1d:c6:15:1a:bb:b3:a8:53:05:0c:b3:80:2e:78: 07:57:e0:5a:22:bd:4d:f7:6a:57:93:1b:b7:73:d0:d6:20:f5: 2a:6e:70:a4:b6:99:26:0f:f0:3c:c0:20:29:ab:8b:65:37:29: 12:be:56:78:5f:61:89:44:bf:61:b5:1e:e8:ac:3a:02:26:29: f4:bb:45:db:51:d8:ce:ea:2a:36:7a:d4:87:d7:6c:c5:a3:b4: 87:37:2d:e8:51:8f:8e:92:60:56:9f:94:aa:74:b5:46:cc:67: 89:e3:31:49:76:ca:8b:b9:30:83:74:71:89:e5:e8:c6:cb:ee: 4b:50:78:fb:0a:17:4b:c2:bc:8c:50:4b:8b:f4:2c:fb:27:4e: e5:35:97:64:b0:2c:8e:78:6e:09:b9:0e:a1:d3:5e:ea:6a:dd: 2c:2f:f7:7e:9b:2f:cb:93:99:c5:66:d4:aa:36:68:21:00:52: a1:63:e3:70:09:1e:ba:8e:da:d3:b7:95:3f:4f:7f:7e:b1:b7: 9a:c1:3d:39 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIBDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1RUI4 QzU3RDcyRjc5NDZERDdCMjQyMDU5OTI4OEVDQTE1M0NCNzA5MB4XDTI1MDUyNjAw NTYzOVoXDTI2MDUyNjAwNDAyNlowMzExMC8GA1UEAxMoODIxM0RBN0ZERUY4RTZE MjVCNDRDRDk4ODlBMzM4ODExMDQ2NkM4NDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAOYJTV8sr303HFHxpyaLPr1YjWaOY0Iytpvay+JpznkFisJkDyaj mZ8KlimxPdPXBdALOQKOmdtNEbDgF64fcz7d/xw79a1wZ75Rjt+ELvIW5wzxzKUs gabWCnamZbdTlNU6ObAI/8V/+Wtr5zaGlw2WrtM8SlDAyUZpzio7GAKQ/68hAJRl CalJo/nqC/m89X82g3FH+qq3hKO61vRHPxUDgp5+DLoI2sK713HidquRTsRAMXAv rjnSs/OUzFPoAWYEs7PGaTEyV33p3IhB3W9V/CaEYW8rxDKd1ll23juEGijX8lLN h5SlACnnFM15MpbGJglOKLkepc2jm0GXIcUCAwEAAaOCAe8wggHrMB0GA1UdDgQW BBSCE9p/3vjm0ltEzZiJoziBEEZshDAfBgNVHSMEGDAWgBReuMV9cveUbdeyQgWZ KI7KFTy3CTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO oEyGSnJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NC9Y cmpGZlhMM2xHM1hza0lGbVNpT3loVTh0d2suY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwL1hyakZmWEwzbEczWHNrSUZtU2lPeWhVOHR3ay5jZXIwDgYDVR0PAQH/BAQD AgeAMIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzY0L2doUGFmOTc0NXRKYlJNMllp YU00Z1JCR2JJUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5j bi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAd3 PQAwDQYJKoZIhvcNAQELBQADggEBACTq+MZ6Ymk8qK7ivbRCEpgTNg5qGAGgkFYP 2tEG1/El9PHX4OfkdiQY3pujjtuuRmSujgU53SRRRd4dxhUau7OoUwUMs4AueAdX 4FoivU33aleTG7dz0NYg9SpucKS2mSYP8DzAICmri2U3KRK+VnhfYYlEv2G1Huis OgImKfS7RdtR2M7qKjZ61IfXbMWjtIc3LehRj46SYFaflKp0tUbMZ4njMUl2you5 MIN0cYnl6MbL7ktQePsKF0vCvIxQS4v0LPsnTuU1l2SwLI54bgm5DqHTXupq3Swv 936bL8uTmcVm1Ko2aCEAUqFj43AJHrqO2tO3lT9Pf36xt5rBPTk= -----END CERTIFICATE-----Generated at Sun Jun 22 00:20:08 2025 by rpki-client