$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/ThcL-VrN2Ud8GgWOdSHkx2CQUec.roa File: ThcL-VrN2Ud8GgWOdSHkx2CQUec.roa (raw, json) Hash identifier: 2x/QEhlPhoFNg0i5fLOw8Gow2tx2hTsnDQPDTNLngLk= Subject key identifier: 4E:17:0B:F9:5A:CD:D9:47:7C:1A:05:8E:75:21:E4:C7:60:90:51:E7 Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 080A Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/ThcL-VrN2Ud8GgWOdSHkx2CQUec.roa Signing time: Fri 23 May 2025 07:17:20 +0000 ROA not before: Fri 23 May 2025 07:17:20 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 56044 IP address blocks: 223.160.148.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2058 (0x80a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:17:20 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=4E170BF95ACDD9477C1A058E7521E4C7609051E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:73:a9:76:43:a9:13:55:15:fd:01:18:34:67: cd:7a:b8:91:22:90:bd:d6:12:90:d6:86:9d:88:64: 3d:46:97:24:85:06:fa:cc:89:13:0b:c9:c4:21:a4: a9:88:e0:24:72:8f:09:14:48:76:b2:19:ff:f2:ee: e7:cc:bc:b7:1a:f2:b6:0f:5f:20:be:6c:9a:27:b2: d2:87:f7:04:6e:0d:d4:52:29:02:94:cb:5a:5e:b1: b3:33:3c:5e:b3:7f:5e:b6:33:89:f5:1a:67:7e:7d: f3:53:37:7a:ae:d8:87:14:4b:8b:48:f6:c0:2d:6d: 22:32:73:89:21:f1:b9:3d:13:e6:94:31:04:cb:7b: d9:78:1d:34:c2:4b:5f:99:f7:47:bc:82:62:a1:a2: a4:52:4a:c9:61:30:60:f4:15:98:d8:84:d4:2c:b6: 23:48:76:71:e4:a2:c0:98:c8:43:50:4f:ab:21:79: ae:19:e7:99:e7:f6:ef:a1:42:8d:d8:16:7d:52:08: 61:5d:db:3b:f4:94:9f:3d:1f:0d:14:21:46:c0:41: 5e:cd:79:e8:45:ba:56:a6:e3:44:58:c2:c8:20:c5: 46:41:78:cd:7a:f6:81:de:5b:13:8a:a9:71:68:3d: ce:01:c6:ca:d6:98:f7:b8:20:40:bc:da:9f:10:7f: 91:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:17:0B:F9:5A:CD:D9:47:7C:1A:05:8E:75:21:E4:C7:60:90:51:E7 X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/ThcL-VrN2Ud8GgWOdSHkx2CQUec.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.160.148.0/22 Signature Algorithm: sha256WithRSAEncryption 24:8d:27:d9:05:5c:34:65:e2:fd:ae:a5:1f:b7:25:35:f7:07: 98:2e:eb:6e:f0:b2:da:5a:a5:07:6e:e7:f0:55:d8:78:e5:6c: d3:bc:9b:14:a2:4a:d8:2a:dc:f6:c3:d6:86:d2:95:f6:28:01: 4f:07:90:6b:76:d1:01:9b:4f:b2:9d:2f:e7:0f:75:ac:78:26: 00:e6:cd:6b:83:a2:2f:1f:2f:09:e7:81:64:70:55:75:30:d6: 30:f3:77:13:56:5a:cc:10:1c:9e:d8:44:1e:5c:c0:83:3a:71: 8b:f0:5f:c8:74:ed:c6:c7:5a:7a:62:1a:98:fb:c5:29:eb:17: 9f:4f:2f:05:5c:15:5a:84:c7:82:bf:8a:36:55:30:14:e9:50: 12:c8:9b:0f:ed:08:8e:d4:ff:9a:9c:d0:4e:0c:42:82:a5:05: f1:6a:54:08:33:60:79:d0:e7:64:2c:b5:b0:5f:51:e5:f7:5d: f0:46:0d:94:79:b3:23:8c:b3:ea:06:85:ff:9b:ab:f5:e0:e7: 23:c2:1b:8b:72:4a:fb:3c:97:3e:49:ad:b0:e2:46:e9:05:69: 24:79:d9:35:f0:80:8c:7f:47:76:15:c6:26:9f:28:1e:ac:4f: 84:88:42:94:77:98:e5:09:de:98:62:64:79:77:b7:67:d6:93: d7:dd:ff:a6 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCAowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzE3MjBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDRFMTcwQkY5NUFDREQ5 NDc3QzFBMDU4RTc1MjFFNEM3NjA5MDUxRTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDcc6l2Q6kTVRX9ARg0Z816uJEikL3WEpDWhp2IZD1GlySFBvrM iRMLycQhpKmI4CRyjwkUSHayGf/y7ufMvLca8rYPXyC+bJonstKH9wRuDdRSKQKU y1pesbMzPF6zf162M4n1Gmd+ffNTN3qu2IcUS4tI9sAtbSIyc4kh8bk9E+aUMQTL e9l4HTTCS1+Z90e8gmKhoqRSSslhMGD0FZjYhNQstiNIdnHkosCYyENQT6shea4Z 55nn9u+hQo3YFn1SCGFd2zv0lJ89Hw0UIUbAQV7NeehFulam40RYwsggxUZBeM16 9oHeWxOKqXFoPc4BxsrWmPe4IEC82p8Qf5ErAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUThcL+VrN2Ud8GgWOdSHkx2CQUecwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9UaGNMLVZyTjJVZDhHZ1dP ZFNIa3gyQ1FVZWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC 36CUMA0GCSqGSIb3DQEBCwUAA4IBAQAkjSfZBVw0ZeL9rqUftyU19weYLutu8LLa WqUHbufwVdh45WzTvJsUokrYKtz2w9aG0pX2KAFPB5BrdtEBm0+ynS/nD3WseCYA 5s1rg6IvHy8J54FkcFV1MNYw83cTVlrMEBye2EQeXMCDOnGL8F/IdO3Gx1p6YhqY +8Up6xefTy8FXBVahMeCv4o2VTAU6VASyJsP7QiO1P+anNBODEKCpQXxalQIM2B5 0OdkLLWwX1Hl913wRg2UebMjjLPqBoX/m6v14OcjwhuLckr7PJc+Sa2w4kbpBWkk edk18ICMf0d2FcYmnygerE+EiEKUd5jlCd6YYmR5d7dn1pPX3f+m -----END CERTIFICATE-----Generated at Wed Jun 4 01:23:15 2025 by rpki-client