$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/iuW7OASYxTbyLYOF3CjyalJ_5oM.roa File: iuW7OASYxTbyLYOF3CjyalJ_5oM.roa (raw, json) Hash identifier: k9Or3BQMtCIUl4N8wxLUc62+5EDuHRziekJOqB1/coI= Subject key identifier: 8A:E5:BB:38:04:98:C5:36:F2:2D:83:85:DC:28:F2:6A:52:7F:E6:83 Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 1439 Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/iuW7OASYxTbyLYOF3CjyalJ_5oM.roa Signing time: Mon 26 May 2025 23:39:30 +0000 ROA not before: Mon 26 May 2025 23:39:30 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146806 IP address blocks: 45.250.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:11:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5177 (0x1439) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: May 26 23:39:30 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=8AE5BB380498C536F22D8385DC28F26A527FE683 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:4d:6e:22:aa:aa:c4:06:ea:b4:94:95:e8:15: b0:7e:88:0d:bc:8f:c8:70:b6:b0:5b:6c:28:2e:4c: df:68:a2:c9:22:ed:97:9f:21:06:e3:2a:1c:6d:68: d3:95:8c:b5:bc:60:cf:4f:cf:de:ca:03:6d:4f:e3: d0:18:8d:04:82:9f:13:76:5f:00:09:09:d8:6d:28: ff:9d:10:51:1f:85:46:7c:95:f5:14:94:00:72:e6: 9c:a2:2b:dc:5a:0c:ef:76:b6:b7:cd:61:12:9d:f0: 34:01:93:ae:89:ba:09:13:40:30:3c:d7:98:9c:9e: 72:c4:f9:81:70:d5:93:9a:cb:48:d4:c1:da:cf:2b: 1a:7a:c0:bc:87:b5:bf:3b:f6:8d:7b:66:1d:6c:d4: b5:be:ca:03:21:f5:f8:6e:52:8f:74:c1:bd:92:2b: 46:eb:1f:bd:64:e1:8a:a9:6c:bf:76:9e:78:17:ce: 44:ef:1f:fa:c0:9d:13:db:38:47:87:0c:aa:e1:69: d4:26:32:59:89:2a:e2:69:5a:52:35:5f:dd:d5:45: 65:2a:e2:81:ad:86:27:ef:94:ea:d5:e9:f2:fa:78: 1a:5c:44:a6:f9:63:5a:95:08:75:19:3c:6f:39:3d: 64:31:54:3e:89:b0:f1:89:e4:b4:0d:36:b9:09:53: 44:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:E5:BB:38:04:98:C5:36:F2:2D:83:85:DC:28:F2:6A:52:7F:E6:83 X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/iuW7OASYxTbyLYOF3CjyalJ_5oM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.250.153.0/24 Signature Algorithm: sha256WithRSAEncryption a2:84:89:89:c2:71:10:5d:97:a9:55:b5:9f:00:3e:f4:05:c0: 43:e7:51:6c:e3:bc:6d:57:07:08:5c:10:3d:4e:13:ee:8d:b4: ba:d0:c6:08:19:a6:bd:c8:57:2b:f7:72:15:99:3a:05:08:62: 40:a2:03:16:49:87:28:d8:6e:7d:ee:01:3f:2b:6d:e3:21:e7: c2:0a:22:d6:a8:b3:90:96:ea:eb:74:a3:bf:0a:e9:a2:18:2b: 5d:a3:8e:48:bb:f8:53:3f:c4:d6:5b:cc:a1:52:40:04:7b:9f: a0:b8:c8:57:74:e6:48:1e:a1:fc:1a:33:f5:96:ac:76:df:07: 6d:35:89:ce:4c:01:91:f1:75:0f:7f:53:fe:e8:40:22:f2:2c: e3:b8:6d:50:27:83:88:fc:43:85:ef:27:21:79:b7:0d:1d:ff: d4:4c:8f:07:f2:1d:7f:bb:7b:bc:c7:fa:86:91:73:63:e0:9f: 81:2f:e6:3f:2f:64:38:56:eb:c8:0a:91:27:10:c9:ea:88:0d: 8d:77:d8:e1:2c:ab:3c:10:57:61:45:7e:c8:6b:1f:f7:9e:58: 33:0b:78:8b:7d:e4:a1:28:1f:a0:61:1e:cc:fb:4f:7e:74:21: 63:d4:74:c1:61:d4:d5:75:69:ae:09:3b:4b:55:a4:c8:55:11: 12:f9:b7:fb -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFDkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTA1MjYy MzM5MzBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDhBRTVCQjM4MDQ5OEM1 MzZGMjJEODM4NURDMjhGMjZBNTI3RkU2ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCXTW4iqqrEBuq0lJXoFbB+iA28j8hwtrBbbCguTN9ooski7Zef IQbjKhxtaNOVjLW8YM9Pz97KA21P49AYjQSCnxN2XwAJCdhtKP+dEFEfhUZ8lfUU lABy5pyiK9xaDO92trfNYRKd8DQBk66JugkTQDA815icnnLE+YFw1ZOay0jUwdrP Kxp6wLyHtb879o17Zh1s1LW+ygMh9fhuUo90wb2SK0brH71k4YqpbL92nngXzkTv H/rAnRPbOEeHDKrhadQmMlmJKuJpWlI1X93VRWUq4oGthifvlOrV6fL6eBpcRKb5 Y1qVCHUZPG85PWQxVD6JsPGJ5LQNNrkJU0RjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUiuW7OASYxTbyLYOF3CjyalJ/5oMwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvaXVXN09BU1l4VGJ5 TFlPRjNDanlhbEpfNW9NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAC36mTANBgkqhkiG9w0BAQsFAAOCAQEAooSJicJxEF2XqVW1nwA+9AXAQ+dR bOO8bVcHCFwQPU4T7o20utDGCBmmvchXK/dyFZk6BQhiQKIDFkmHKNhufe4BPytt 4yHnwgoi1qizkJbq63SjvwrpohgrXaOOSLv4Uz/E1lvMoVJABHufoLjIV3TmSB6h /Boz9Zasdt8HbTWJzkwBkfF1D39T/uhAIvIs47htUCeDiPxDhe8nIXm3DR3/1EyP B/Idf7t7vMf6hpFzY+CfgS/mPy9kOFbryAqRJxDJ6ogNjXfY4SyrPBBXYUV+yGsf 955YMwt4i33koSgfoGEezPtPfnQhY9R0wWHU1XVprgk7S1WkyFUREvm3+w== -----END CERTIFICATE-----Generated at Wed Jun 4 01:04:02 2025 by rpki-client