$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/XhUoeoz9VJqqIq46N3RDeT_yZEE.roa File: XhUoeoz9VJqqIq46N3RDeT_yZEE.roa (raw, json) Hash identifier: tXItQfPXQIdUmohhpDIXLj/1/DGqLBI7gNct3iexofo= Subject key identifier: 5E:15:28:7A:8C:FD:54:9A:AA:22:AE:3A:37:74:43:79:3F:F2:64:41 Certificate issuer: /CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D Certificate serial: 165E Authority key identifier: DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/XhUoeoz9VJqqIq46N3RDeT_yZEE.roa Signing time: Mon 23 Jun 2025 02:19:05 +0000 ROA not before: Mon 23 Jun 2025 02:19:05 +0000 ROA not after: Thu 09 Apr 2026 06:41:24 +0000 asID: 174 IP address blocks: 114.66.232.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 01 Jul 2025 14:14:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5726 (0x165e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D Validity Not Before: Jun 23 02:19:05 2025 GMT Not After : Apr 9 06:41:24 2026 GMT Subject: CN=5E15287A8CFD549AAA22AE3A377443793FF26441 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:15:1e:64:d5:30:b4:6e:64:21:d6:a8:07:7f: 3c:b3:d2:03:34:7d:b4:be:20:95:9e:93:1c:de:a1: 5e:5e:23:7f:d2:fb:af:91:55:3f:e5:0a:df:36:4b: 7f:b2:22:47:10:18:02:b7:56:24:db:aa:8b:36:3b: ca:f4:4e:3a:11:87:6a:3f:4e:d2:28:f1:dc:2b:83: e0:c3:99:94:2a:c0:4f:d6:2e:1b:27:57:0f:8b:84: c5:5a:83:5f:ce:b9:ac:bc:49:e8:8f:6d:d2:3f:2e: f3:91:60:89:a7:33:1a:67:5d:40:20:41:74:4f:ed: 5a:25:ac:f5:59:ef:97:09:33:d4:63:5e:69:2b:8c: 6a:dc:b2:49:99:1e:5f:63:7b:f5:34:15:5d:c5:e9: 38:f5:d3:b7:15:0c:bf:9c:0a:d4:55:d2:49:d2:c1: c9:2e:4d:79:de:f0:fa:3b:3a:24:7d:10:c9:1e:ef: 45:24:18:8d:40:40:b4:32:1a:c8:91:ca:87:1f:47: a8:a0:c2:d2:52:de:9b:27:01:45:17:15:38:68:a9: 97:38:c4:84:e0:d4:bd:ae:d2:4c:24:5c:11:85:85: 97:58:b4:aa:63:6f:80:c1:ee:f1:2b:c8:56:08:ea: 0f:a3:16:18:25:90:f0:f5:20:99:5f:33:74:5d:2c: 32:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:15:28:7A:8C:FD:54:9A:AA:22:AE:3A:37:74:43:79:3F:F2:64:41 X509v3 Authority Key Identifier: keyid:DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/XhUoeoz9VJqqIq46N3RDeT_yZEE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.66.232.0/22 Signature Algorithm: sha256WithRSAEncryption 80:17:f5:37:7f:e0:84:a5:cb:44:fe:72:af:c0:4b:f3:fd:f4: a0:30:7d:9a:aa:69:19:42:d0:8b:1c:f1:3f:e7:0f:c4:7a:68: bd:c5:d3:9b:7e:8a:2f:f0:88:86:eb:21:29:9e:52:5a:0b:98: ee:4a:ba:20:66:8d:24:d7:de:bd:0e:22:7b:d6:9e:d5:04:67: 58:b0:8e:6c:aa:d1:72:e9:a8:f9:60:28:5a:cd:ba:4c:7c:39: 7d:de:8a:c8:aa:ec:a0:26:7d:0f:f5:f4:54:73:b2:d4:8f:bd: a1:e1:11:cd:f7:91:5e:74:a2:36:8c:bf:5b:54:48:e1:ba:9a: c9:5d:79:68:05:3a:2e:71:b2:22:ad:db:1f:f0:d6:f3:80:9b: 63:b0:fc:9c:41:b3:a3:74:8d:f0:fc:6b:a6:e4:10:7a:9a:b5: cf:27:94:15:1c:f5:f2:90:c1:c2:d2:03:14:3d:6a:c2:57:81: 1e:76:ba:d2:4a:f0:86:db:7b:45:6c:65:25:10:99:04:15:bc: b9:49:15:85:23:54:60:f1:d7:0e:f3:ae:01:c3:a8:c8:72:d0: 8b:70:b5:48:a4:3a:dc:a0:6c:b9:f8:92:b0:73:46:01:54:d0: e8:dd:1b:17:07:bb:f1:ce:d7:91:51:15:c3:78:a7:23:6f:42: bc:64:22:e0 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFl4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREM2 ODkyRTM2MjBERDBGMUZENjI5ODJFMTE4RTI5NzU3REM4Q0IzRDAeFw0yNTA2MjMw MjE5MDVaFw0yNjA0MDkwNjQxMjRaMDMxMTAvBgNVBAMTKDVFMTUyODdBOENGRDU0 OUFBQTIyQUUzQTM3NzQ0Mzc5M0ZGMjY0NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC3FR5k1TC0bmQh1qgHfzyz0gM0fbS+IJWekxzeoV5eI3/S+6+R VT/lCt82S3+yIkcQGAK3ViTbqos2O8r0TjoRh2o/TtIo8dwrg+DDmZQqwE/WLhsn Vw+LhMVag1/Ouay8SeiPbdI/LvORYImnMxpnXUAgQXRP7VolrPVZ75cJM9RjXmkr jGrcskmZHl9je/U0FV3F6Tj107cVDL+cCtRV0knSwckuTXne8Po7OiR9EMke70Uk GI1AQLQyGsiRyocfR6igwtJS3psnAUUXFThoqZc4xITg1L2u0kwkXBGFhZdYtKpj b4DB7vEryFYI6g+jFhglkPD1IJlfM3RdLDJhAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUXhUoeoz9VJqqIq46N3RDeT/yZEEwHwYDVR0jBBgwFoAU3GiS42IN0PH9Ypgu EY4pdX3Iyz0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw OS8zR2lTNDJJTjBQSDlZcGd1RVk0cGRYM0l5ejAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzNHaVM0MklOMFBIOVlwZ3VFWTRwZFgzSXl6MC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvWGhVb2VvejlWSnFx SXE0Nk4zUkRlVF95WkVFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAnJC6DANBgkqhkiG9w0BAQsFAAOCAQEAgBf1N3/ghKXLRP5yr8BL8/30oDB9 mqppGULQixzxP+cPxHpovcXTm36KL/CIhushKZ5SWguY7kq6IGaNJNfevQ4ie9ae 1QRnWLCObKrRcumo+WAoWs26THw5fd6KyKrsoCZ9D/X0VHOy1I+9oeERzfeRXnSi Noy/W1RI4bqayV15aAU6LnGyIq3bH/DW84CbY7D8nEGzo3SN8PxrpuQQepq1zyeU FRz18pDBwtIDFD1qwleBHna60krwhtt7RWxlJRCZBBW8uUkVhSNUYPHXDvOuAcOo yHLQi3C1SKQ63KBsufiSsHNGAVTQ6N0bFwe78c7XkVEVw3inI29CvGQi4A== -----END CERTIFICATE-----Generated at Tue Jul 1 13:51:20 2025 by rpki-client