$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/XkYdqGGYZeb2GUedt16ciUPW-xk.roa File: XkYdqGGYZeb2GUedt16ciUPW-xk.roa (raw, json) Hash identifier: Dc/gnMKBqI9uG6sbWVDCoGZvairhqYq6jkPCsE8XguA= Subject key identifier: 5E:46:1D:A8:61:98:65:E6:F6:19:47:9D:B7:5E:9C:89:43:D6:FB:19 Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 0833 Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/XkYdqGGYZeb2GUedt16ciUPW-xk.roa Signing time: Fri 23 May 2025 07:41:07 +0000 ROA not before: Fri 23 May 2025 07:41:07 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 9808 IP address blocks: 223.161.244.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 00:39:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2099 (0x833) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:41:07 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=5E461DA8619865E6F619479DB75E9C8943D6FB19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:5b:f3:78:02:2a:19:76:2c:9f:a3:75:8d:8b: 73:be:13:91:28:56:1d:7d:41:ba:c6:3b:c1:f5:12: d4:d0:7a:f5:6f:69:1e:0d:72:a0:be:03:97:5e:ad: 16:de:95:7a:5e:76:c1:56:89:de:66:22:73:fd:33: 0b:c4:a9:d9:6b:dd:34:d2:a5:61:82:32:93:45:2b: aa:fc:2b:b9:33:e4:a3:1d:2e:1c:fe:c1:4b:ac:8b: ab:b7:f8:0b:55:e4:0a:a7:7b:97:30:4b:5b:da:8e: a6:6b:90:8d:dc:5b:89:89:c7:c5:d0:0a:f4:01:9c: 4b:0b:ec:75:e5:1c:c1:f9:de:37:ea:b9:42:e7:e0: 24:0f:28:70:d3:81:f9:aa:d0:9e:4f:8b:56:29:27: 21:20:f9:1d:58:1c:e4:e8:15:87:d8:c3:33:99:9f: b8:9a:2f:bd:9f:8f:fd:49:2f:e2:64:4b:da:9f:40: 7d:3e:62:e6:5c:f2:46:4a:42:35:13:a9:76:d3:10: d8:9d:74:5f:bc:01:8d:6a:6f:f2:49:9b:85:53:78: 6d:0a:2c:eb:64:37:cf:2d:54:a4:d5:d3:6e:9d:6e: d7:b7:34:96:8e:29:4b:04:50:05:e0:7c:ab:56:a2: 6d:dd:50:e1:05:50:56:44:65:50:8c:19:3e:0f:ff: f1:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:46:1D:A8:61:98:65:E6:F6:19:47:9D:B7:5E:9C:89:43:D6:FB:19 X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/XkYdqGGYZeb2GUedt16ciUPW-xk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.161.244.0/23 Signature Algorithm: sha256WithRSAEncryption 45:4c:cb:42:f3:cc:53:7b:d1:18:20:e3:49:42:c4:1e:3a:cb: c6:1f:e3:50:1b:f8:8a:6e:7e:0d:77:f2:c2:03:16:a0:ae:01: e7:c7:fc:14:fc:af:cb:81:65:39:7f:c3:ef:c6:fd:b2:4b:63: 9a:79:98:1b:66:d2:5b:d2:73:73:70:f6:79:a1:5a:0b:ff:28: ef:b4:3e:68:e5:8d:cf:80:4f:0e:59:3f:fb:74:14:05:45:7a: 72:e6:0b:0b:9c:80:07:ee:58:7d:92:6b:4e:33:51:5c:14:04: 10:4e:94:04:9c:a7:ad:19:21:22:b1:ca:48:e9:29:69:6a:98: 3c:45:35:9d:0d:35:f9:8c:0e:84:d6:51:d3:05:b3:dc:ee:8e: 7e:7e:e9:be:55:38:4f:06:8c:20:54:56:0f:d3:f9:6b:2f:b5: 42:fd:e5:31:0d:13:28:b3:3e:4d:73:63:a1:0f:e0:09:34:40: 07:4c:1c:1d:13:fd:bd:69:24:11:a6:ae:77:bb:2b:ef:bd:4e: 66:aa:d6:9f:a1:6d:9c:aa:f2:e4:fe:61:4c:6e:9c:59:c4:b4: 63:fd:61:85:55:3f:02:91:93:7d:ed:49:54:ae:3b:47:6e:6b: 26:8b:89:b2:27:c6:1e:28:cd:45:89:be:32:58:a5:7c:26:b2: a6:33:75:49 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCDMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzQxMDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVFNDYxREE4NjE5ODY1 RTZGNjE5NDc5REI3NUU5Qzg5NDNENkZCMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpW/N4AioZdiyfo3WNi3O+E5EoVh19QbrGO8H1EtTQevVvaR4N cqC+A5derRbelXpedsFWid5mInP9MwvEqdlr3TTSpWGCMpNFK6r8K7kz5KMdLhz+ wUusi6u3+AtV5Aqne5cwS1vajqZrkI3cW4mJx8XQCvQBnEsL7HXlHMH53jfquULn 4CQPKHDTgfmq0J5Pi1YpJyEg+R1YHOToFYfYwzOZn7iaL72fj/1JL+JkS9qfQH0+ YuZc8kZKQjUTqXbTENiddF+8AY1qb/JJm4VTeG0KLOtkN88tVKTV026dbte3NJaO KUsEUAXgfKtWom3dUOEFUFZEZVCMGT4P//G/AgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUXkYdqGGYZeb2GUedt16ciUPW+xkwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9Ya1lkcUdHWVplYjJHVWVk dDE2Y2lVUFcteGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB 36H0MA0GCSqGSIb3DQEBCwUAA4IBAQBFTMtC88xTe9EYIONJQsQeOsvGH+NQG/iK bn4Nd/LCAxagrgHnx/wU/K/LgWU5f8Pvxv2yS2OaeZgbZtJb0nNzcPZ5oVoL/yjv tD5o5Y3PgE8OWT/7dBQFRXpy5gsLnIAH7lh9kmtOM1FcFAQQTpQEnKetGSEiscpI 6Slpapg8RTWdDTX5jA6E1lHTBbPc7o5+fum+VThPBowgVFYP0/lrL7VC/eUxDRMo sz5Nc2OhD+AJNEAHTBwdE/29aSQRpq53uyvvvU5mqtafoW2cqvLk/mFMbpxZxLRj /WGFVT8CkZN97UlUrjtHbmsmi4myJ8YeKM1Fib4yWKV8JrKmM3VJ -----END CERTIFICATE-----Generated at Thu Jun 5 20:35:29 2025 by rpki-client