$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/5uAiQZ05durBeksYbXMt0Bo-PiM.roa File: 5uAiQZ05durBeksYbXMt0Bo-PiM.roa (raw, json) Hash identifier: c/lJiz4dYjbbu8fq0m5BFpzjO0LiK4zNrex6olGAyP8= Subject key identifier: E6:E0:22:41:9D:39:76:EA:C1:7A:4B:18:6D:73:2D:D0:1A:3E:3E:23 Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 0827 Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/5uAiQZ05durBeksYbXMt0Bo-PiM.roa Signing time: Fri 23 May 2025 07:36:34 +0000 ROA not before: Fri 23 May 2025 07:36:34 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 56041 IP address blocks: 223.161.220.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2087 (0x827) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:36:34 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=E6E022419D3976EAC17A4B186D732DD01A3E3E23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:dd:ad:ec:99:5e:67:67:53:f7:4d:30:64:23: 48:1b:d1:c1:10:0e:cf:33:d2:98:e1:bf:cd:38:11: 2b:aa:93:c2:51:4e:51:21:95:cd:ef:db:3e:74:18: 97:58:02:5a:42:3d:d5:95:5f:b4:4f:d9:96:3a:d5: cb:ce:57:4c:10:74:e3:1f:b5:65:01:2b:18:ca:d3: c0:54:76:95:bb:e0:62:27:c2:4d:8c:7d:28:18:21: a0:2c:98:e5:b4:3b:86:a0:e4:31:a8:82:fd:1b:e3: 62:19:b6:6a:c1:ea:82:66:ae:e7:fd:a8:5a:41:90: a1:bf:6a:b5:66:a3:c9:42:16:b2:f7:65:8a:20:14: 3c:3a:51:60:fc:6d:fe:dc:9e:c8:1d:d2:8f:a5:c5: 39:52:c2:8d:5d:8d:f3:1c:28:ee:7e:65:ed:70:6c: 5f:80:fc:52:1c:4d:ca:96:af:7c:07:d1:94:a0:2b: 50:a7:ac:53:9a:8e:a6:cc:1b:9a:09:91:1d:b7:e6: d7:b2:ae:c2:a1:b6:2b:48:c1:d1:c3:13:c0:5e:a5: 30:65:99:d2:21:82:d3:54:9f:ed:91:5a:a2:c7:e0: 42:52:9d:99:d2:2f:86:61:b8:13:7d:dc:94:6a:63: 3a:2e:d8:ee:d0:a1:21:a3:3f:56:76:c4:d8:31:a4: 55:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:E0:22:41:9D:39:76:EA:C1:7A:4B:18:6D:73:2D:D0:1A:3E:3E:23 X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/5uAiQZ05durBeksYbXMt0Bo-PiM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.161.220.0/23 Signature Algorithm: sha256WithRSAEncryption 61:2d:f5:05:1b:e9:e6:12:54:76:b7:00:b3:3a:68:46:6a:9a: 1d:e7:fe:92:fe:55:57:48:38:d1:47:8c:19:eb:89:50:6f:0c: 15:50:7d:de:9d:bc:94:03:6e:6b:8e:89:0b:a3:07:e3:19:f4: 56:6b:0b:ba:cc:2c:e1:d7:10:9b:d5:9d:c5:74:2d:13:a2:d4: ca:a7:90:9c:4c:11:0c:e9:c0:eb:95:a2:37:70:3a:e5:5d:20: ba:5f:79:0c:29:41:e6:64:22:ff:79:6b:c5:ad:4e:71:3d:8e: 33:b1:94:7e:40:99:d4:92:a8:05:96:98:c8:8d:24:92:91:66: 64:0e:82:83:1a:bd:ec:3a:9e:ee:5d:5d:29:45:a6:b8:84:79: e8:0a:77:53:d2:c7:5b:4f:4f:f4:31:e6:ef:af:ed:41:f5:99: ea:7d:22:e8:cc:43:48:dd:0d:7f:4d:c2:61:5c:45:e7:3f:50: 2a:06:af:26:db:3c:3e:f0:a7:f8:04:65:f5:18:c3:04:29:fd: 41:af:be:44:08:89:2c:4d:e0:dd:07:9f:cf:a1:fe:cb:0d:84: 40:49:96:d2:fb:95:4a:bf:34:87:3d:8c:f7:e1:65:f4:23:25: d0:a6:ff:98:21:7d:b8:10:4b:a0:f0:9d:58:26:d6:25:c2:e6: ca:52:5d:06 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCCcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzM2MzRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU2RTAyMjQxOUQzOTc2 RUFDMTdBNEIxODZENzMyREQwMUEzRTNFMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDg3a3smV5nZ1P3TTBkI0gb0cEQDs8z0pjhv804ESuqk8JRTlEh lc3v2z50GJdYAlpCPdWVX7RP2ZY61cvOV0wQdOMftWUBKxjK08BUdpW74GInwk2M fSgYIaAsmOW0O4ag5DGogv0b42IZtmrB6oJmruf9qFpBkKG/arVmo8lCFrL3ZYog FDw6UWD8bf7cnsgd0o+lxTlSwo1djfMcKO5+Ze1wbF+A/FIcTcqWr3wH0ZSgK1Cn rFOajqbMG5oJkR235teyrsKhtitIwdHDE8BepTBlmdIhgtNUn+2RWqLH4EJSnZnS L4ZhuBN93JRqYzou2O7QoSGjP1Z2xNgxpFWrAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQU5uAiQZ05durBeksYbXMt0Bo+PiMwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy81dUFpUVowNWR1ckJla3NZ YlhNdDBCby1QaU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB 36HcMA0GCSqGSIb3DQEBCwUAA4IBAQBhLfUFG+nmElR2twCzOmhGapod5/6S/lVX SDjRR4wZ64lQbwwVUH3enbyUA25rjokLowfjGfRWawu6zCzh1xCb1Z3FdC0TotTK p5CcTBEM6cDrlaI3cDrlXSC6X3kMKUHmZCL/eWvFrU5xPY4zsZR+QJnUkqgFlpjI jSSSkWZkDoKDGr3sOp7uXV0pRaa4hHnoCndT0sdbT0/0Mebvr+1B9ZnqfSLozENI 3Q1/TcJhXEXnP1AqBq8m2zw+8Kf4BGX1GMMEKf1Br75ECIksTeDdB5/Pof7LDYRA SZbS+5VKvzSHPYz34WX0IyXQpv+YIX24EEug8J1YJtYlwubKUl0G -----END CERTIFICATE-----Generated at Wed Jun 4 00:55:51 2025 by rpki-client