$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/CsbL2zc06qlI5qiGhv8iWDSiHpo.roa File: CsbL2zc06qlI5qiGhv8iWDSiHpo.roa (raw, json) Hash identifier: WRx0mQaFMO/zcpfEjAPiBz7zQ4TDgEAoJmPOhrxqLqM= Subject key identifier: 0A:C6:CB:DB:37:34:EA:A9:48:E6:A8:86:86:FF:22:58:34:A2:1E:9A Certificate issuer: /CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D Certificate serial: 1661 Authority key identifier: DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/CsbL2zc06qlI5qiGhv8iWDSiHpo.roa Signing time: Mon 23 Jun 2025 02:38:36 +0000 ROA not before: Mon 23 Jun 2025 02:38:36 +0000 ROA not after: Thu 09 Apr 2026 06:41:24 +0000 asID: 174 IP address blocks: 218.98.64.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 01 Jul 2025 09:14:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5729 (0x1661) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D Validity Not Before: Jun 23 02:38:36 2025 GMT Not After : Apr 9 06:41:24 2026 GMT Subject: CN=0AC6CBDB3734EAA948E6A88686FF225834A21E9A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:03:c6:fa:2e:37:0a:68:54:2f:85:3a:ff:8e: ef:dd:e2:89:c2:80:62:61:a1:2e:99:3d:f3:5a:a8: 39:43:8e:87:a2:7c:f6:ea:79:65:69:17:be:89:95: ef:b4:1d:a2:3c:fa:4b:d1:92:d3:6c:1b:e2:11:cf: 94:2c:09:25:76:6b:85:f8:b1:06:d2:48:54:95:30: d3:fe:a3:db:1c:9a:b9:9a:8d:5f:1d:42:d5:8e:83: bb:61:c2:8f:43:e0:b9:7d:5c:9f:ea:d2:64:bc:bd: f1:d2:05:b9:1b:10:8f:72:05:55:c6:cb:d2:1b:bd: 62:b2:98:0e:f2:3c:47:f1:08:61:b3:1a:65:a8:d1: 61:c1:6a:54:07:0d:1c:c9:65:db:15:ad:8c:b6:55: 51:1d:c3:30:f1:d6:a9:28:b1:59:a5:35:34:35:d3: 0c:39:cd:0c:2a:57:e3:f2:bb:25:55:f2:92:0f:27: f4:c6:7d:6b:f2:a2:db:7a:61:89:7b:a3:1a:a0:52: 83:1d:f1:d9:5a:40:3d:c1:0f:73:8a:ed:a6:af:95: ab:e1:08:cc:6d:40:a9:f6:95:99:45:15:e9:db:71: 3c:91:0c:6c:ec:65:7e:6f:aa:d9:d6:41:3f:bc:1d: 70:d3:20:72:4e:6b:67:c7:29:6d:10:b4:87:84:36: 85:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:C6:CB:DB:37:34:EA:A9:48:E6:A8:86:86:FF:22:58:34:A2:1E:9A X509v3 Authority Key Identifier: keyid:DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/CsbL2zc06qlI5qiGhv8iWDSiHpo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 218.98.64.0/19 Signature Algorithm: sha256WithRSAEncryption 67:68:3c:be:61:90:80:72:d7:ae:0c:50:e1:07:06:69:c1:98: b9:3a:d1:94:4d:10:b1:60:f0:2d:4a:d3:6f:91:ff:21:50:e6: a0:78:d6:ad:9c:55:23:89:5d:2b:ca:38:1d:ad:4f:3e:73:8d: 87:c3:3c:11:8c:46:f3:75:c1:af:03:8c:38:7e:42:07:86:7a: bb:af:f9:b8:96:7c:2c:c9:86:77:c9:0c:ce:33:eb:50:f2:21: 1a:8c:b0:47:99:6d:e9:7c:79:17:b8:6d:43:96:f0:2d:eb:1a: ac:05:71:ad:7c:e3:ee:25:3b:d5:aa:76:9b:07:3a:09:13:d2: b4:cc:00:53:6c:0d:ab:a5:28:cd:ef:b1:3e:89:97:b6:2e:b9: a9:80:24:54:14:f5:75:e8:17:d7:df:bf:24:92:53:86:a6:a8: c4:b9:db:1b:3c:3a:cb:41:67:1e:db:b7:06:6a:b3:eb:ee:27: 96:ea:56:b4:ee:8c:02:01:7c:40:01:91:4d:71:a6:d2:89:61: e2:80:f8:ed:1c:b1:e6:f1:d1:17:67:3f:40:cd:70:e6:71:e6: 31:0a:39:b4:53:f7:86:e9:9a:63:2b:da:dd:87:e9:b0:d2:c3: c1:18:ce:8e:f4:1c:5e:e8:ac:32:d3:2e:db:a1:1d:ce:45:1e: 24:0f:fc:8c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFmEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREM2 ODkyRTM2MjBERDBGMUZENjI5ODJFMTE4RTI5NzU3REM4Q0IzRDAeFw0yNTA2MjMw MjM4MzZaFw0yNjA0MDkwNjQxMjRaMDMxMTAvBgNVBAMTKDBBQzZDQkRCMzczNEVB QTk0OEU2QTg4Njg2RkYyMjU4MzRBMjFFOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCTA8b6LjcKaFQvhTr/ju/d4onCgGJhoS6ZPfNaqDlDjoeifPbq eWVpF76Jle+0HaI8+kvRktNsG+IRz5QsCSV2a4X4sQbSSFSVMNP+o9scmrmajV8d QtWOg7thwo9D4Ll9XJ/q0mS8vfHSBbkbEI9yBVXGy9IbvWKymA7yPEfxCGGzGmWo 0WHBalQHDRzJZdsVrYy2VVEdwzDx1qkosVmlNTQ10ww5zQwqV+PyuyVV8pIPJ/TG fWvyott6YYl7oxqgUoMd8dlaQD3BD3OK7aavlavhCMxtQKn2lZlFFenbcTyRDGzs ZX5vqtnWQT+8HXDTIHJOa2fHKW0QtIeENoVTAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUCsbL2zc06qlI5qiGhv8iWDSiHpowHwYDVR0jBBgwFoAU3GiS42IN0PH9Ypgu EY4pdX3Iyz0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw OS8zR2lTNDJJTjBQSDlZcGd1RVk0cGRYM0l5ejAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzNHaVM0MklOMFBIOVlwZ3VFWTRwZFgzSXl6MC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvQ3NiTDJ6YzA2cWxJ NXFpR2h2OGlXRFNpSHBvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBdpiQDANBgkqhkiG9w0BAQsFAAOCAQEAZ2g8vmGQgHLXrgxQ4QcGacGYuTrR lE0QsWDwLUrTb5H/IVDmoHjWrZxVI4ldK8o4Ha1PPnONh8M8EYxG83XBrwOMOH5C B4Z6u6/5uJZ8LMmGd8kMzjPrUPIhGoywR5lt6Xx5F7htQ5bwLesarAVxrXzj7iU7 1ap2mwc6CRPStMwAU2wNq6Uoze+xPomXti65qYAkVBT1degX19+/JJJThqaoxLnb Gzw6y0FnHtu3Bmqz6+4nlupWtO6MAgF8QAGRTXGm0olh4oD47Ryx5vHRF2c/QM1w 5nHmMQo5tFP3humaYyva3YfpsNLDwRjOjvQcXuisMtMu26EdzkUeJA/8jA== -----END CERTIFICATE-----Generated at Tue Jul 1 08:03:28 2025 by rpki-client