$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/JH36kv3BYVtBJUKeHBNkQ8LSMKg.roa File: JH36kv3BYVtBJUKeHBNkQ8LSMKg.roa (raw, json) Hash identifier: Pcoq/KXeV0HGfHNloftKMkQny2XnTjf8wbZlD1k36FY= Subject key identifier: 24:7D:FA:92:FD:C1:61:5B:41:25:42:9E:1C:13:64:43:C2:D2:30:A8 Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 0816 Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/JH36kv3BYVtBJUKeHBNkQ8LSMKg.roa Signing time: Fri 23 May 2025 07:17:24 +0000 ROA not before: Fri 23 May 2025 07:17:24 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 38019 IP address blocks: 223.160.134.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2070 (0x816) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:17:24 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=247DFA92FDC1615B4125429E1C136443C2D230A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:9f:77:dd:44:02:dc:95:d5:6e:0a:af:bd:c2: ff:f8:6b:ca:b8:25:82:d5:3b:53:3b:80:f5:3d:bb: af:8a:ab:8d:9e:dc:e0:82:ae:b8:f9:85:67:3d:09: e3:06:a7:b4:ab:0b:79:1d:d1:71:9f:9a:11:35:07: 44:4e:d5:54:a2:98:8d:73:d9:43:a6:82:05:50:b5: c0:ac:54:15:01:f3:f3:f9:f0:a8:d4:ba:ce:f0:d5: 96:65:f2:a2:17:b5:5a:d3:b1:ff:2f:29:ee:29:e3: d1:09:5c:85:78:99:d6:7f:3a:79:76:8c:fc:93:83: a5:2e:80:f8:79:54:6f:cb:76:1b:33:11:85:ba:1b: 95:d1:47:39:5f:52:37:1f:6f:41:26:38:2e:8b:ec: 11:c2:83:ac:0a:1b:b5:e1:fe:24:98:fb:70:eb:f8: 45:a7:6b:64:4c:88:61:e0:bc:ce:72:f0:e3:cd:e1: c1:72:4e:62:c2:a7:9f:d5:10:3e:3b:26:e0:c9:66: 7f:2d:67:0b:4e:98:0f:f2:1a:3c:93:f9:0e:1a:28: a4:e9:1b:fd:e6:38:93:53:fb:2f:1d:d5:34:42:9e: 99:fe:7e:7d:70:88:b5:19:06:5e:24:62:7b:7b:ce: 07:72:23:a8:35:04:41:be:e8:0f:c9:db:32:5b:13: 27:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:7D:FA:92:FD:C1:61:5B:41:25:42:9E:1C:13:64:43:C2:D2:30:A8 X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/JH36kv3BYVtBJUKeHBNkQ8LSMKg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.160.134.0/23 Signature Algorithm: sha256WithRSAEncryption 71:2f:05:2e:70:1d:72:79:47:ed:55:3d:4e:a4:f0:6b:fe:65: 8d:17:21:e9:67:37:d4:3b:56:c7:cb:61:16:3a:cf:d5:6c:3a: 71:81:27:62:37:e5:a9:75:d6:51:15:ba:91:11:e2:9e:15:17: 71:6e:5d:5f:df:b8:c6:e9:f6:3d:31:41:8f:53:d1:80:c4:c5: 3b:3d:3e:6f:4f:dd:a5:21:9f:f0:39:fb:17:e2:95:59:2b:a1: f9:76:da:c7:c7:c5:2e:63:52:de:95:1e:94:b9:4e:eb:e3:61: 93:d2:eb:9f:bc:e9:ac:9f:24:70:36:c8:c8:08:cd:c1:92:2a: a7:15:9d:92:ce:0e:a7:ff:c3:c5:0f:c8:44:6c:a3:3a:b1:1f: 0d:6b:ce:07:92:cb:a3:0c:6e:53:60:98:bb:82:e9:00:4e:a2: 0d:9b:70:44:af:f1:9c:92:a8:fd:05:fe:82:1f:9e:aa:d7:02: e8:bc:29:b1:65:61:cc:5b:d4:e1:ec:b1:b8:1c:bf:44:b7:64: 2a:15:38:73:92:26:bc:c4:a3:68:d6:2d:3d:ac:39:23:98:e1: 9a:fb:5f:24:68:e6:57:b7:21:56:71:03:ec:06:d0:d7:e5:af: ce:21:f0:b1:a9:38:0f:04:11:ce:2a:4b:0c:b1:b4:fb:4e:e3: ab:68:54:00 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCBYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzE3MjRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI0N0RGQTkyRkRDMTYx NUI0MTI1NDI5RTFDMTM2NDQzQzJEMjMwQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCfn3fdRALcldVuCq+9wv/4a8q4JYLVO1M7gPU9u6+Kq42e3OCC rrj5hWc9CeMGp7SrC3kd0XGfmhE1B0RO1VSimI1z2UOmggVQtcCsVBUB8/P58KjU us7w1ZZl8qIXtVrTsf8vKe4p49EJXIV4mdZ/Onl2jPyTg6UugPh5VG/LdhszEYW6 G5XRRzlfUjcfb0EmOC6L7BHCg6wKG7Xh/iSY+3Dr+EWna2RMiGHgvM5y8OPN4cFy TmLCp5/VED47JuDJZn8tZwtOmA/yGjyT+Q4aKKTpG/3mOJNT+y8d1TRCnpn+fn1w iLUZBl4kYnt7zgdyI6g1BEG+6A/J2zJbEydFAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUJH36kv3BYVtBJUKeHBNkQ8LSMKgwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9KSDM2a3YzQllWdEJKVUtl SEJOa1E4TFNNS2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB 36CGMA0GCSqGSIb3DQEBCwUAA4IBAQBxLwUucB1yeUftVT1OpPBr/mWNFyHpZzfU O1bHy2EWOs/VbDpxgSdiN+WpddZRFbqREeKeFRdxbl1f37jG6fY9MUGPU9GAxMU7 PT5vT92lIZ/wOfsX4pVZK6H5dtrHx8UuY1LelR6UuU7r42GT0uufvOmsnyRwNsjI CM3BkiqnFZ2Szg6n/8PFD8hEbKM6sR8Na84HksujDG5TYJi7gukATqINm3BEr/Gc kqj9Bf6CH56q1wLovCmxZWHMW9Th7LG4HL9Et2QqFThzkia8xKNo1i09rDkjmOGa +18kaOZXtyFWcQPsBtDX5a/OIfCxqTgPBBHOKksMsbT7TuOraFQA -----END CERTIFICATE-----Generated at Wed Jun 4 01:23:01 2025 by rpki-client