$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/-8IGttLfojDcSTWRcb4iUGPAkbI.roa File: -8IGttLfojDcSTWRcb4iUGPAkbI.roa (raw, json) Hash identifier: mwaUDUFpUsPg0HlxKJGxBjMJe1C9LI2EmugGukbbQGg= Subject key identifier: FB:C2:06:B6:D2:DF:A2:30:DC:49:35:91:71:BE:22:50:63:C0:91:B2 Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 07FA Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/-8IGttLfojDcSTWRcb4iUGPAkbI.roa Signing time: Fri 23 May 2025 07:07:19 +0000 ROA not before: Fri 23 May 2025 07:07:19 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 56040 IP address blocks: 223.160.20.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2042 (0x7fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:07:19 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=FBC206B6D2DFA230DC49359171BE225063C091B2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:36:d9:2f:91:55:98:f8:e1:2a:d1:64:41:40: d4:8c:52:45:dd:bc:59:e8:2b:be:5a:5b:6f:ff:16: e1:50:6c:6f:83:ce:29:e2:f4:61:6b:23:6e:1e:ce: 21:b3:c2:a0:3d:88:c1:1f:98:2d:57:9e:24:bd:ec: b5:cd:de:7f:79:b5:b5:07:89:69:4c:bd:48:b2:c8: 90:eb:d2:7f:a9:23:0b:fc:d1:a3:40:fc:18:c6:ba: 35:d9:fd:40:6f:60:dd:d6:f7:64:b4:a2:04:7d:ca: 4b:2f:27:43:7a:67:00:d5:84:8f:72:41:4c:58:37: 2f:e2:f3:3b:77:f0:54:d1:d2:0a:20:26:f8:2c:18: 82:21:cb:92:fc:d6:7f:33:7f:4c:47:0a:b8:6b:9c: b5:ca:11:97:d1:90:8f:20:1d:c3:c4:74:5a:78:7a: 40:35:64:34:f1:22:5e:53:9e:9f:44:0c:18:7e:7a: 90:0f:6f:20:a8:9e:a4:4e:26:0c:96:5e:9f:e5:ee: 64:5a:63:f3:67:69:e2:a9:6e:c4:31:fe:fb:9d:59: f8:5c:e7:c8:93:e0:87:2d:35:aa:a1:1e:02:99:f8: 85:4f:86:7c:3c:99:d4:9d:a8:61:72:d6:ac:a1:86: 06:a8:f1:43:d9:bb:75:eb:86:e2:0b:01:5c:fc:3a: 82:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:C2:06:B6:D2:DF:A2:30:DC:49:35:91:71:BE:22:50:63:C0:91:B2 X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/-8IGttLfojDcSTWRcb4iUGPAkbI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.160.20.0/22 Signature Algorithm: sha256WithRSAEncryption 45:bb:0b:24:e8:4d:1d:9b:4e:e6:f6:5c:41:4e:05:b0:58:8b: bc:45:fa:54:b8:99:b7:bd:3d:93:78:15:14:4c:c8:66:12:e9: c3:fe:7a:1e:35:d7:8c:f4:7d:11:ee:8d:35:c9:1a:51:c6:86: 25:28:47:ae:f8:e3:d8:67:91:44:a0:34:1d:38:01:28:df:e6: ca:1f:7a:27:bb:35:86:d4:a8:16:b6:5f:cd:f8:c7:2f:69:ce: 13:19:bf:81:f5:d1:e1:b9:34:99:2a:84:dd:a8:04:04:0f:7f: c5:9d:62:0f:84:d9:43:a0:0c:09:94:90:11:12:e4:0a:8a:b9: ee:8e:22:71:b2:c4:35:f7:d8:dd:b9:e0:3d:d3:4c:9f:e5:fd: 07:f5:3b:25:2c:98:88:ad:dc:f4:ae:7d:e2:2c:7c:bd:c1:ad: a4:a4:a5:91:52:93:1e:a0:81:d1:ba:f2:2c:4f:24:f7:f7:31: 8e:83:4d:17:98:a3:7e:bb:95:a3:b3:c4:f7:26:82:aa:15:8e: 48:a8:86:9b:3c:be:da:2a:6c:76:ba:10:92:21:ab:90:f8:67: e3:56:ed:21:ba:78:e4:3b:69:2d:dd:13:51:19:05:6e:e1:be: 68:66:3f:4c:2a:3b:b1:83:5c:91:61:ef:25:4f:21:37:d2:ad: 4a:c3:d7:1e -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICB/owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzA3MTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEZCQzIwNkI2RDJERkEy MzBEQzQ5MzU5MTcxQkUyMjUwNjNDMDkxQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDlNtkvkVWY+OEq0WRBQNSMUkXdvFnoK75aW2//FuFQbG+Dzini 9GFrI24eziGzwqA9iMEfmC1XniS97LXN3n95tbUHiWlMvUiyyJDr0n+pIwv80aNA /BjGujXZ/UBvYN3W92S0ogR9yksvJ0N6ZwDVhI9yQUxYNy/i8zt38FTR0gogJvgs GIIhy5L81n8zf0xHCrhrnLXKEZfRkI8gHcPEdFp4ekA1ZDTxIl5Tnp9EDBh+epAP byConqROJgyWXp/l7mRaY/NnaeKpbsQx/vudWfhc58iT4IctNaqhHgKZ+IVPhnw8 mdSdqGFy1qyhhgao8UPZu3XrhuILAVz8OoLfAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQU+8IGttLfojDcSTWRcb4iUGPAkbIwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy8tOElHdHRMZm9qRGNTVFdS Y2I0aVVHUEFrYkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC 36AUMA0GCSqGSIb3DQEBCwUAA4IBAQBFuwsk6E0dm07m9lxBTgWwWIu8RfpUuJm3 vT2TeBUUTMhmEunD/noeNdeM9H0R7o01yRpRxoYlKEeu+OPYZ5FEoDQdOAEo3+bK H3onuzWG1KgWtl/N+Mcvac4TGb+B9dHhuTSZKoTdqAQED3/FnWIPhNlDoAwJlJAR EuQKirnujiJxssQ199jdueA900yf5f0H9TslLJiIrdz0rn3iLHy9wa2kpKWRUpMe oIHRuvIsTyT39zGOg00XmKN+u5Wjs8T3JoKqFY5IqIabPL7aKmx2uhCSIauQ+Gfj Vu0hunjkO2kt3RNRGQVu4b5oZj9MKjuxg1yRYe8lTyE30q1Kw9ce -----END CERTIFICATE-----Generated at Wed Jun 4 01:02:08 2025 by rpki-client