$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3282/CFAswhBnRmzys5EG_RnDZoJ67xU.roa File: CFAswhBnRmzys5EG_RnDZoJ67xU.roa (raw, json) Hash identifier: 9J3EVHTS0qReXMU+XLU0kajttFwzT6Li9MKj9+Ovv00= Subject key identifier: 08:50:2C:C2:10:67:46:6C:F2:B3:91:06:FD:19:C3:66:82:7A:EF:15 Certificate issuer: /CN=4CF09146DE604C0E442D56C68FC86CC50400AD21 Certificate serial: 0764 Authority key identifier: 4C:F0:91:46:DE:60:4C:0E:44:2D:56:C6:8F:C8:6C:C5:04:00:AD:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TPCRRt5gTA5ELVbGj8hsxQQArSE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/CFAswhBnRmzys5EG_RnDZoJ67xU.roa Signing time: Wed 28 May 2025 15:42:08 +0000 ROA not before: Wed 28 May 2025 15:42:08 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 151261 IP address blocks: 160.19.82.0/23 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TPCRRt5gTA5ELVbGj8hsxQQArSE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TPCRRt5gTA5ELVbGj8hsxQQArSE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TPCRRt5gTA5ELVbGj8hsxQQArSE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:11:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1892 (0x764) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4CF09146DE604C0E442D56C68FC86CC50400AD21 Validity Not Before: May 28 15:42:08 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=08502CC21067466CF2B39106FD19C366827AEF15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:63:d8:05:38:7d:b8:39:d9:89:9e:b5:a6:03: 08:8e:29:84:76:b1:4a:8e:78:af:8f:77:d2:51:94: 70:d9:23:9b:a6:40:66:2f:46:ed:f8:7f:00:de:6b: f1:d2:b0:cf:fc:50:dd:c3:4e:23:6a:4e:69:92:d5: a1:be:57:40:ae:20:fa:19:4d:e1:27:f3:ee:ff:05: 4c:8f:8c:92:99:72:04:0f:69:b1:76:9b:45:2a:67: c3:d9:dd:4e:6c:15:28:e6:12:27:28:89:66:cc:0c: 11:08:cd:4d:f3:fd:b8:96:dc:dc:52:0a:79:a9:01: 35:e1:b6:65:55:17:67:28:da:25:b5:da:7b:ff:33: 50:26:f3:fe:0a:03:7f:28:40:cd:df:a7:fd:9f:91: 27:64:e1:4a:68:a7:1b:f6:fb:02:6d:a0:17:e8:70: 90:5a:23:9f:f7:08:57:2e:8d:1f:40:89:df:0d:18: a1:40:a4:d4:f6:94:59:5c:2c:f9:49:7e:e9:5a:87: fe:bc:ff:63:6a:38:f0:a3:d7:7a:3f:19:d5:1e:37: 42:c2:aa:b1:33:24:29:01:02:62:4e:f9:14:4a:73: 12:0e:01:f3:64:94:03:ce:ca:0f:e2:4a:33:db:fd: 65:e1:79:5e:61:0e:bd:63:43:2f:1f:d9:25:14:b4: 42:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:50:2C:C2:10:67:46:6C:F2:B3:91:06:FD:19:C3:66:82:7A:EF:15 X509v3 Authority Key Identifier: keyid:4C:F0:91:46:DE:60:4C:0E:44:2D:56:C6:8F:C8:6C:C5:04:00:AD:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/TPCRRt5gTA5ELVbGj8hsxQQArSE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TPCRRt5gTA5ELVbGj8hsxQQArSE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3282/CFAswhBnRmzys5EG_RnDZoJ67xU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 160.19.82.0/23 Signature Algorithm: sha256WithRSAEncryption 06:dd:16:48:95:c7:4c:ef:f3:b5:c5:eb:a2:f1:00:4d:9b:c8: 2a:8e:10:b0:cf:47:16:00:14:5f:74:d8:3c:37:8b:0b:20:40: 60:8d:8e:32:51:04:76:df:29:bb:a2:8e:1e:c3:33:8c:9f:58: ec:28:0a:c3:3a:53:a0:00:c8:0c:43:c0:d2:17:99:ef:65:da: 54:aa:88:2d:cc:06:e4:5e:39:3b:3b:ff:96:0e:12:3b:6b:8d: 45:87:6c:24:45:40:20:64:61:5e:3d:2f:7b:54:32:da:c0:7b: 71:17:c8:ed:9c:76:09:34:8b:a6:9c:f2:4b:2b:18:99:0c:c6: bb:83:6f:a6:60:7d:b5:13:6c:c2:10:2e:76:64:94:72:39:ea: 18:79:96:7c:ba:dd:84:2f:22:10:5d:af:81:44:8f:98:86:a6: fb:29:ae:b8:ca:77:be:e1:e3:4b:ac:75:67:7c:d1:19:a2:a0: 18:3a:26:27:cc:ef:a8:72:e6:76:25:0f:c8:2f:5d:e7:f6:28: c0:90:b5:9e:57:2b:a8:62:fb:fd:78:83:4f:c6:b4:d9:a4:52: 48:8a:c4:72:bb:d4:a5:e0:1d:7a:75:5b:f8:f3:4f:00:ae:e2: 38:6b:2a:25:a4:57:65:5d:99:12:75:50:28:58:7a:11:0d:f0: 8f:d3:aa:a3 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICB2QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNENG MDkxNDZERTYwNEMwRTQ0MkQ1NkM2OEZDODZDQzUwNDAwQUQyMTAeFw0yNTA1Mjgx NTQyMDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDA4NTAyQ0MyMTA2NzQ2 NkNGMkIzOTEwNkZEMTlDMzY2ODI3QUVGMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/Y9gFOH24OdmJnrWmAwiOKYR2sUqOeK+Pd9JRlHDZI5umQGYv Ru34fwDea/HSsM/8UN3DTiNqTmmS1aG+V0CuIPoZTeEn8+7/BUyPjJKZcgQPabF2 m0UqZ8PZ3U5sFSjmEicoiWbMDBEIzU3z/biW3NxSCnmpATXhtmVVF2co2iW12nv/ M1Am8/4KA38oQM3fp/2fkSdk4Upopxv2+wJtoBfocJBaI5/3CFcujR9Aid8NGKFA pNT2lFlcLPlJfulah/68/2NqOPCj13o/GdUeN0LCqrEzJCkBAmJO+RRKcxIOAfNk lAPOyg/iSjPb/WXheV5hDr1jQy8f2SUUtEJrAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUCFAswhBnRmzys5EG/RnDZoJ67xUwHwYDVR0jBBgwFoAUTPCRRt5gTA5ELVbG j8hsxQQArSEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4 Mi9UUENSUnQ1Z1RBNUVMVmJHajhoc3hRUUFyU0UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1RQQ1JSdDVnVEE1RUxWYkdqOGhzeFFRQXJTRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyODIvQ0ZBc3doQm5SbXp5 czVFR19SbkRab0o2N3hVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAaATUjANBgkqhkiG9w0BAQsFAAOCAQEABt0WSJXHTO/ztcXrovEATZvIKo4Q sM9HFgAUX3TYPDeLCyBAYI2OMlEEdt8pu6KOHsMzjJ9Y7CgKwzpToADIDEPA0heZ 72XaVKqILcwG5F45Ozv/lg4SO2uNRYdsJEVAIGRhXj0ve1Qy2sB7cRfI7Zx2CTSL ppzySysYmQzGu4NvpmB9tRNswhAudmSUcjnqGHmWfLrdhC8iEF2vgUSPmIam+ymu uMp3vuHjS6x1Z3zRGaKgGDomJ8zvqHLmdiUPyC9d5/YowJC1nlcrqGL7/XiDT8a0 2aRSSIrEcrvUpeAdenVb+PNPAK7iOGsqJaRXZV2ZEnVQKFh6EQ3wj9Oqow== -----END CERTIFICATE-----Generated at Wed Jun 4 01:23:17 2025 by rpki-client