$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/hzyxdbobNBJiH2AI6IPSNMN-LPk.roa File: hzyxdbobNBJiH2AI6IPSNMN-LPk.roa (raw, json) Hash identifier: P5Q3dLke/Z0XtSSdKl/Yt97P1rorDA4nvG1K5BbxlKc= Subject key identifier: 87:3C:B1:75:BA:1B:34:12:62:1F:60:08:E8:83:D2:34:C3:7E:2C:F9 Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 0835 Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/hzyxdbobNBJiH2AI6IPSNMN-LPk.roa Signing time: Fri 23 May 2025 07:41:07 +0000 ROA not before: Fri 23 May 2025 07:41:07 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24444 IP address blocks: 223.161.252.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2101 (0x835) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:41:07 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=873CB175BA1B3412621F6008E883D234C37E2CF9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:72:cf:92:16:56:e6:cd:0f:30:d4:ab:52:bf: e8:e3:d3:59:2e:6d:11:e0:01:b4:92:d7:5a:15:58: 3f:20:4e:77:2b:23:4f:17:26:f0:9d:74:b1:64:48: 65:ef:e5:ba:a9:d3:8d:93:ce:d7:90:41:58:be:95: 82:1b:a4:8c:3f:ee:7c:72:63:1b:f7:89:05:f8:8b: d1:09:1e:68:5c:8b:c4:8a:14:8c:a1:80:10:66:9d: 68:13:13:62:8e:be:2b:c0:a4:06:77:f1:ce:d4:82: c9:5f:b0:9b:9c:d7:1e:06:a6:f5:63:01:84:72:76: 3f:02:49:bb:90:cb:13:85:9f:dd:52:8f:b8:66:a6: ce:00:52:ff:e9:19:e1:fd:6b:43:0e:b3:52:b3:ba: b2:00:eb:ed:fe:cd:af:0b:23:fe:a7:e8:30:07:6f: 2c:32:fc:4e:bf:01:fd:57:ab:2e:4e:70:c1:7b:91: 47:c9:00:e2:62:0f:a8:c2:47:17:e6:7f:37:77:7f: c6:55:7c:a0:6c:e2:bf:e1:22:f9:d0:35:98:39:15: 47:74:e2:5d:66:8e:78:b6:fa:f1:5c:e4:fe:c9:04: 47:8a:7e:5a:3b:45:35:09:e1:31:8b:41:31:26:51: d4:7d:4d:60:b9:2a:ed:08:cf:bf:ee:90:f4:fe:4c: 80:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:3C:B1:75:BA:1B:34:12:62:1F:60:08:E8:83:D2:34:C3:7E:2C:F9 X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/hzyxdbobNBJiH2AI6IPSNMN-LPk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.161.252.0/23 Signature Algorithm: sha256WithRSAEncryption 43:af:13:73:17:75:9e:ba:0d:5b:c5:d2:27:46:b4:c0:0b:9f: 04:70:eb:49:3f:19:b8:ca:db:05:d0:5d:c6:98:d9:5e:88:78: 9c:cb:99:ff:b8:7e:bf:35:ad:09:44:3c:15:07:14:0d:15:9b: a3:b2:55:c9:9d:27:27:ba:b9:01:23:7b:bd:08:9e:59:8f:2b: f2:15:c8:99:98:93:af:30:c9:70:a2:82:1d:7a:8f:a2:6f:e9: 68:90:f8:bc:8c:22:02:9c:7c:b8:da:66:f0:dc:1d:60:c0:e4: 0e:1b:14:fa:5a:13:aa:a9:cf:54:ad:e4:bd:c7:f6:23:37:d9: 63:e8:b6:12:af:34:de:55:28:1d:4a:d9:f9:ef:ec:af:58:1e: 24:85:e3:74:17:33:2c:14:bc:99:53:b4:c1:b5:7d:ef:cb:69: 65:54:34:6b:9b:76:28:5c:83:9f:ac:bf:77:f6:84:7c:26:15: 9f:4c:f2:62:77:41:1f:45:2f:b5:c9:78:5f:c3:34:81:20:73: 82:13:20:c5:eb:76:72:a4:8b:22:04:b3:0e:e7:a5:21:0b:06: 75:14:ea:be:ba:fb:68:71:ca:59:d2:43:b4:8e:02:7a:7f:b6: 1b:a0:18:e3:93:48:54:2d:22:0e:63:e7:50:9a:23:58:6e:23: b7:54:24:07 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCDUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzQxMDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg3M0NCMTc1QkExQjM0 MTI2MjFGNjAwOEU4ODNEMjM0QzM3RTJDRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCWcs+SFlbmzQ8w1KtSv+jj01kubRHgAbSS11oVWD8gTncrI08X JvCddLFkSGXv5bqp042TzteQQVi+lYIbpIw/7nxyYxv3iQX4i9EJHmhci8SKFIyh gBBmnWgTE2KOvivApAZ38c7UgslfsJuc1x4GpvVjAYRydj8CSbuQyxOFn91Sj7hm ps4AUv/pGeH9a0MOs1KzurIA6+3+za8LI/6n6DAHbywy/E6/Af1Xqy5OcMF7kUfJ AOJiD6jCRxfmfzd3f8ZVfKBs4r/hIvnQNZg5FUd04l1mjni2+vFc5P7JBEeKflo7 RTUJ4TGLQTEmUdR9TWC5Ku0Iz7/ukPT+TIARAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUhzyxdbobNBJiH2AI6IPSNMN+LPkwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9oenl4ZGJvYk5CSmlIMkFJ NklQU05NTi1MUGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB 36H8MA0GCSqGSIb3DQEBCwUAA4IBAQBDrxNzF3Weug1bxdInRrTAC58EcOtJPxm4 ytsF0F3GmNleiHicy5n/uH6/Na0JRDwVBxQNFZujslXJnScnurkBI3u9CJ5Zjyvy FciZmJOvMMlwooIdeo+ib+lokPi8jCICnHy42mbw3B1gwOQOGxT6WhOqqc9UreS9 x/YjN9lj6LYSrzTeVSgdStn57+yvWB4kheN0FzMsFLyZU7TBtX3vy2llVDRrm3Yo XIOfrL939oR8JhWfTPJid0EfRS+1yXhfwzSBIHOCEyDF63ZypIsiBLMO56UhCwZ1 FOq+uvtoccpZ0kO0jgJ6f7YboBjjk0hULSIOY+dQmiNYbiO3VCQH -----END CERTIFICATE-----Generated at Wed Jun 4 00:57:39 2025 by rpki-client