$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/cXiSf5yZyj3VPYYCKSaNq56a2rg.roa File: cXiSf5yZyj3VPYYCKSaNq56a2rg.roa (raw, json) Hash identifier: Rt6GnFaeomDApDENIxrkjqoB1bSFUS0qhjpljRCPndU= Subject key identifier: 71:78:92:7F:9C:99:CA:3D:D5:3D:86:02:29:26:8D:AB:9E:9A:DA:B8 Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 1434 Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/cXiSf5yZyj3VPYYCKSaNq56a2rg.roa Signing time: Mon 26 May 2025 23:39:28 +0000 ROA not before: Mon 26 May 2025 23:39:28 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146806 IP address blocks: 45.250.152.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:11:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5172 (0x1434) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: May 26 23:39:28 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=7178927F9C99CA3DD53D860229268DAB9E9ADAB8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:54:d4:ef:5b:b9:a4:32:23:05:a6:3a:36:83: af:b6:27:9a:8f:a4:98:17:e0:15:c8:3d:76:4e:b4: 05:b0:5a:06:b1:db:42:19:31:5e:6a:d2:6a:4c:2c: 1e:32:7d:f6:01:81:90:7c:28:85:5b:5b:45:3f:b5: f9:15:6c:77:87:89:f9:51:44:71:73:d5:bf:a0:9a: 3c:d1:6c:4a:d1:15:b7:c6:d9:79:8b:2c:7c:3f:ae: 3c:9b:20:d7:b8:e5:05:7f:b6:05:ca:0e:62:97:e9: 42:b5:8e:fc:6a:e8:74:7b:4c:11:eb:e5:1c:6f:cf: 75:f5:58:6a:2b:60:06:0b:f1:06:19:1e:46:bc:ad: 87:64:71:6e:b0:02:d7:a3:5c:04:38:98:bc:60:c4: 2d:9b:93:42:d3:a9:92:1d:0d:0c:87:17:37:ad:87: 4f:5e:14:38:f3:dc:95:23:94:e2:12:6a:23:b3:02: c7:2d:e7:f1:82:89:36:0b:4f:2b:89:30:80:7e:74: 25:48:a5:a9:bc:3c:ab:d0:77:c2:12:db:00:55:0a: 06:98:2d:2b:4b:6b:37:47:7b:61:91:a4:8d:4d:63: 56:ff:f8:ca:46:cb:af:c1:a2:d3:e2:b2:14:f4:ba: ab:ba:a8:5b:26:4a:c3:3f:cb:6f:05:b2:61:ff:5e: 34:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:78:92:7F:9C:99:CA:3D:D5:3D:86:02:29:26:8D:AB:9E:9A:DA:B8 X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/cXiSf5yZyj3VPYYCKSaNq56a2rg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.250.152.0/24 Signature Algorithm: sha256WithRSAEncryption e2:65:13:bb:e0:3e:8a:3f:1a:fd:41:90:07:11:5f:c1:87:4f: 47:2f:62:07:65:0f:3a:63:e8:af:52:10:89:b5:8c:0b:cc:94: 8b:b2:31:50:2d:7b:2f:43:98:8c:92:b6:01:10:81:6d:2f:f9: 15:e6:77:e2:9c:cc:e4:75:03:29:11:d3:5c:4b:51:b1:30:5b: 5e:1b:ff:eb:4b:00:ef:c2:d7:06:be:42:7b:0f:7b:81:57:1b: 91:40:e7:78:03:50:36:a8:2e:16:88:1a:69:2c:3b:b4:dd:3b: a7:bb:e4:e3:e1:00:39:ec:3b:ac:26:6f:14:69:f4:8d:6f:9b: 8e:c5:43:be:4e:c1:5b:18:f9:96:c7:45:6b:fb:99:48:89:85: 20:ad:fc:06:15:51:28:69:86:98:dc:07:ec:24:3f:c8:83:80: 48:77:23:00:a5:95:3b:66:16:16:bc:19:c9:57:ef:94:67:75: b0:bf:ba:70:57:3b:e2:34:cd:1d:69:53:3e:e7:8b:d1:2e:98: c4:df:ba:2a:9a:19:82:90:93:e7:aa:36:2a:5a:2f:14:1c:8f: 22:2d:35:e9:7c:74:ab:8d:53:8b:ae:1c:87:c2:c3:12:af:6a: c8:b9:8a:d4:b5:9e:85:8a:aa:0a:e4:01:9c:11:0b:83:78:7e: e1:af:15:86 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFDQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTA1MjYy MzM5MjhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDcxNzg5MjdGOUM5OUNB M0RENTNEODYwMjI5MjY4REFCOUU5QURBQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCsVNTvW7mkMiMFpjo2g6+2J5qPpJgX4BXIPXZOtAWwWgax20IZ MV5q0mpMLB4yffYBgZB8KIVbW0U/tfkVbHeHiflRRHFz1b+gmjzRbErRFbfG2XmL LHw/rjybINe45QV/tgXKDmKX6UK1jvxq6HR7TBHr5Rxvz3X1WGorYAYL8QYZHka8 rYdkcW6wAtejXAQ4mLxgxC2bk0LTqZIdDQyHFzeth09eFDjz3JUjlOISaiOzAsct 5/GCiTYLTyuJMIB+dCVIpam8PKvQd8IS2wBVCgaYLStLazdHe2GRpI1NY1b/+MpG y6/BotPishT0uqu6qFsmSsM/y28FsmH/XjQ7AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUcXiSf5yZyj3VPYYCKSaNq56a2rgwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvY1hpU2Y1eVp5ajNW UFlZQ0tTYU5xNTZhMnJnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAC36mDANBgkqhkiG9w0BAQsFAAOCAQEA4mUTu+A+ij8a/UGQBxFfwYdPRy9i B2UPOmPor1IQibWMC8yUi7IxUC17L0OYjJK2ARCBbS/5FeZ34pzM5HUDKRHTXEtR sTBbXhv/60sA78LXBr5Cew97gVcbkUDneANQNqguFogaaSw7tN07p7vk4+EAOew7 rCZvFGn0jW+bjsVDvk7BWxj5lsdFa/uZSImFIK38BhVRKGmGmNwH7CQ/yIOASHcj AKWVO2YWFrwZyVfvlGd1sL+6cFc74jTNHWlTPueL0S6YxN+6KpoZgpCT56o2Klov FByPIi016Xx0q41Ti64ch8LDEq9qyLmK1LWehYqqCuQBnBELg3h+4a8Vhg== -----END CERTIFICATE-----Generated at Wed Jun 4 01:03:32 2025 by rpki-client