$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/aGbshMTCsokWooKVA9PeMNUJ-G8.roa File: aGbshMTCsokWooKVA9PeMNUJ-G8.roa (raw, json) Hash identifier: 16o5mskag/BXbkBmolzej0Dyn4GYuPSqvKt9AV5x/D8= Subject key identifier: 68:66:EC:84:C4:C2:B2:89:16:A2:82:95:03:D3:DE:30:D5:09:F8:6F Certificate issuer: /CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D Certificate serial: 1663 Authority key identifier: DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/aGbshMTCsokWooKVA9PeMNUJ-G8.roa Signing time: Mon 23 Jun 2025 02:58:17 +0000 ROA not before: Mon 23 Jun 2025 02:58:17 +0000 ROA not after: Thu 09 Apr 2026 06:41:24 +0000 asID: 174 IP address blocks: 114.66.228.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 01 Jul 2025 14:14:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5731 (0x1663) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D Validity Not Before: Jun 23 02:58:17 2025 GMT Not After : Apr 9 06:41:24 2026 GMT Subject: CN=6866EC84C4C2B28916A2829503D3DE30D509F86F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:aa:e8:bc:3f:0f:06:da:5f:e7:a3:ca:0f:09: a0:6a:b1:ba:04:e5:14:e0:38:d2:d7:4b:9f:10:ae: b7:99:a2:de:e7:ec:33:70:78:c3:52:10:81:1e:43: ac:1f:cc:e8:91:e7:8f:b8:f0:1f:d1:bc:ff:5c:cc: 1e:84:dd:95:3b:46:dd:4b:c8:e8:bf:23:e3:8e:b5: ad:f5:db:33:f2:6c:2e:c8:c5:de:4c:ca:d2:f2:cf: 1d:aa:05:ee:5a:69:6a:cb:9c:9a:0b:f9:ea:4d:94: c5:d2:1b:4a:55:19:5a:e2:15:36:b4:c7:01:c4:2c: 83:f6:5a:63:97:2d:1b:1f:ca:54:0c:05:20:45:b8: 0c:34:af:cf:53:82:0e:8c:7c:51:f0:fc:c5:9a:1a: 0d:0c:3b:5a:69:e0:2e:50:b3:c5:81:67:e0:ee:3b: 83:4a:3e:99:a7:82:7d:27:87:b0:3b:3f:40:73:0c: 04:fa:e5:ac:d2:8c:b6:33:80:c4:45:45:21:74:bb: eb:59:72:77:43:77:3c:e6:f9:0d:c1:a5:47:30:fb: 56:77:98:5d:c6:68:24:bb:b6:95:cd:3d:80:fd:fa: 27:2d:11:b4:fc:65:98:51:ea:58:1f:8e:02:d3:8e: 2b:d4:66:49:0c:08:91:07:14:9c:30:7e:5a:64:df: 6c:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:66:EC:84:C4:C2:B2:89:16:A2:82:95:03:D3:DE:30:D5:09:F8:6F X509v3 Authority Key Identifier: keyid:DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/aGbshMTCsokWooKVA9PeMNUJ-G8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.66.228.0/22 Signature Algorithm: sha256WithRSAEncryption 65:66:35:25:77:1a:13:a2:d9:f0:e1:d7:f0:8d:2f:92:13:f8: e7:2b:5f:35:23:0e:f0:26:0f:5b:4f:7d:b2:7c:64:01:61:4e: b2:31:96:33:8a:99:24:87:97:a8:8b:53:8f:2b:91:60:f5:4a: 2a:6a:96:cc:d5:32:4f:e6:31:79:3c:4e:15:59:54:20:05:11: 60:de:48:9e:90:cd:83:88:54:1a:6b:27:93:fa:c9:9a:9b:3a: 9e:03:c7:7c:2a:bc:9c:84:1f:cc:e7:86:8f:a7:89:ae:fd:02: 4b:e0:b0:99:e2:a6:ba:55:f7:1a:13:03:ff:66:31:f2:f7:2a: 1c:17:96:b8:04:26:ff:00:bc:6a:10:9d:03:98:72:c2:e1:89: 2d:36:ad:d8:c4:fa:ea:62:05:2f:89:70:69:52:83:95:1a:fd: 1b:aa:c2:6e:1d:c5:e4:49:a7:30:8a:2a:c6:2e:57:4e:ee:2a: 0d:75:35:ca:fc:d2:a7:87:b0:c1:05:0c:b2:ef:af:6b:38:9e: a4:ab:73:53:6e:d3:db:2a:da:24:1a:77:b7:74:87:f4:e4:92: d8:12:e5:93:41:de:f9:c3:2d:e8:eb:81:d5:b2:2d:e4:0f:5d: c1:16:81:33:85:71:a9:4c:c3:ab:b9:30:0f:3e:a3:ac:56:34: b3:3a:ce:85 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFmMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREM2 ODkyRTM2MjBERDBGMUZENjI5ODJFMTE4RTI5NzU3REM4Q0IzRDAeFw0yNTA2MjMw MjU4MTdaFw0yNjA0MDkwNjQxMjRaMDMxMTAvBgNVBAMTKDY4NjZFQzg0QzRDMkIy ODkxNkEyODI5NTAzRDNERTMwRDUwOUY4NkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwqui8Pw8G2l/no8oPCaBqsboE5RTgONLXS58QrreZot7n7DNw eMNSEIEeQ6wfzOiR54+48B/RvP9czB6E3ZU7Rt1LyOi/I+OOta312zPybC7Ixd5M ytLyzx2qBe5aaWrLnJoL+epNlMXSG0pVGVriFTa0xwHELIP2WmOXLRsfylQMBSBF uAw0r89Tgg6MfFHw/MWaGg0MO1pp4C5Qs8WBZ+DuO4NKPpmngn0nh7A7P0BzDAT6 5azSjLYzgMRFRSF0u+tZcndDdzzm+Q3BpUcw+1Z3mF3GaCS7tpXNPYD9+ictEbT8 ZZhR6lgfjgLTjivUZkkMCJEHFJwwflpk32xnAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUaGbshMTCsokWooKVA9PeMNUJ+G8wHwYDVR0jBBgwFoAU3GiS42IN0PH9Ypgu EY4pdX3Iyz0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw OS8zR2lTNDJJTjBQSDlZcGd1RVk0cGRYM0l5ejAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzNHaVM0MklOMFBIOVlwZ3VFWTRwZFgzSXl6MC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvYUdic2hNVENzb2tX b29LVkE5UGVNTlVKLUc4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAnJC5DANBgkqhkiG9w0BAQsFAAOCAQEAZWY1JXcaE6LZ8OHX8I0vkhP45ytf NSMO8CYPW099snxkAWFOsjGWM4qZJIeXqItTjyuRYPVKKmqWzNUyT+YxeTxOFVlU IAURYN5InpDNg4hUGmsnk/rJmps6ngPHfCq8nIQfzOeGj6eJrv0CS+CwmeKmulX3 GhMD/2Yx8vcqHBeWuAQm/wC8ahCdA5hywuGJLTat2MT66mIFL4lwaVKDlRr9G6rC bh3F5EmnMIoqxi5XTu4qDXU1yvzSp4ewwQUMsu+vaziepKtzU27T2yraJBp3t3SH 9OSS2BLlk0He+cMt6OuB1bIt5A9dwRaBM4VxqUzDq7kwDz6jrFY0szrOhQ== -----END CERTIFICATE-----Generated at Tue Jul 1 13:50:21 2025 by rpki-client