$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/iQWwvROj4pSzmcQRUSv3c-ZtQcE.roa File: iQWwvROj4pSzmcQRUSv3c-ZtQcE.roa (raw, json) Hash identifier: gr28kn8CeT+Xb+RhdEnIJ+B1c/P7wiTWu150D4v2IvQ= Subject key identifier: 89:05:B0:BD:13:A3:E2:94:B3:99:C4:11:51:2B:F7:73:E6:6D:41:C1 Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 082E Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/iQWwvROj4pSzmcQRUSv3c-ZtQcE.roa Signing time: Fri 23 May 2025 07:36:37 +0000 ROA not before: Fri 23 May 2025 07:36:37 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 9808 IP address blocks: 223.161.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2094 (0x82e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:36:37 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=8905B0BD13A3E294B399C411512BF773E66D41C1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:7e:f4:19:66:ab:aa:79:ab:f5:c6:49:de:36: bd:4f:cd:2d:4a:62:81:f4:04:47:63:b0:1b:3a:68: 0f:08:fb:8b:cb:73:80:f3:ed:13:d2:d6:52:45:f9: 30:e5:db:7e:e4:40:56:38:ff:6f:d4:15:59:44:c1: df:a7:79:2c:ff:d6:92:8b:ed:78:45:22:29:01:75: 71:d2:da:f3:c6:f1:3e:e0:e5:2b:59:d3:0e:fc:96: 2a:95:c2:74:43:a0:a3:42:c3:61:84:36:ab:ef:00: ae:b4:6e:7c:6f:51:80:aa:67:07:67:af:ce:37:ac: ba:9a:cf:8d:3b:80:ab:9b:b9:0b:6c:0d:c7:d8:d5: 51:b6:5c:47:bc:39:2d:4c:46:80:e9:30:23:bd:b8: 27:1c:63:2b:b4:63:7a:85:53:99:88:6f:9b:22:45: bc:6d:bd:9d:00:bf:92:93:d8:23:99:00:92:b2:8d: 26:5f:ba:dd:72:9b:61:6b:18:15:9b:9a:79:98:a5: 66:d4:bc:ff:c4:11:1a:41:bd:5d:76:aa:75:88:9a: c6:a2:9b:9d:6c:2f:9e:6f:a3:d9:bf:c8:d2:d0:4d: 2a:53:a4:60:c2:c4:49:43:29:16:5f:83:6c:33:82: 5b:b2:12:b0:e2:96:b1:c0:55:c3:24:f7:1b:e6:33: f2:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:05:B0:BD:13:A3:E2:94:B3:99:C4:11:51:2B:F7:73:E6:6D:41:C1 X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/iQWwvROj4pSzmcQRUSv3c-ZtQcE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.161.212.0/22 Signature Algorithm: sha256WithRSAEncryption 85:d4:df:59:10:8d:b0:4c:4f:3b:e1:77:83:cf:96:13:d2:5e: 47:74:89:a2:f9:7d:60:3b:c6:ee:bf:b8:f0:25:2c:d6:f6:ba: 36:6a:58:d7:ee:90:5d:c0:8b:b6:9a:39:da:dd:00:20:d0:c9: fd:9e:96:c4:2f:18:04:e3:b0:b1:dd:d0:03:18:09:d7:3d:5d: 9b:da:63:2a:45:f5:75:a0:e2:d0:03:40:aa:f9:42:8b:5c:e5: b2:91:95:d7:3b:04:7e:56:51:6c:ce:91:8b:b6:ff:fa:8c:c5: 6e:f9:d9:52:4d:22:bb:70:56:de:ee:64:bc:8b:d1:4a:0f:2a: 39:b3:10:15:c9:c5:cb:fa:96:ed:2d:7c:64:59:c9:99:58:44: 3c:02:f1:15:94:3b:ea:75:8f:f7:3e:a9:26:2d:91:54:2d:e2: 42:f9:3b:da:9f:b1:19:5b:b2:74:1d:f2:98:45:05:34:37:fd: cb:2b:5c:16:39:4c:51:50:db:91:8b:d8:58:b1:b5:4d:00:15: 0a:3e:7a:0b:60:40:10:23:68:6a:9d:57:7b:5f:b4:4d:73:65: 71:1e:45:62:44:7a:6d:90:82:78:14:93:9c:50:ed:d6:58:52: 69:fa:39:1f:8f:83:2f:d2:88:c1:ad:92:ac:de:2f:9e:02:14: e3:a1:5f:a5 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCC4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzM2MzdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg5MDVCMEJEMTNBM0Uy OTRCMzk5QzQxMTUxMkJGNzczRTY2RDQxQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDtfvQZZquqeav1xkneNr1PzS1KYoH0BEdjsBs6aA8I+4vLc4Dz 7RPS1lJF+TDl237kQFY4/2/UFVlEwd+neSz/1pKL7XhFIikBdXHS2vPG8T7g5StZ 0w78liqVwnRDoKNCw2GENqvvAK60bnxvUYCqZwdnr843rLqaz407gKubuQtsDcfY 1VG2XEe8OS1MRoDpMCO9uCccYyu0Y3qFU5mIb5siRbxtvZ0Av5KT2COZAJKyjSZf ut1ym2FrGBWbmnmYpWbUvP/EERpBvV12qnWImsaim51sL55vo9m/yNLQTSpTpGDC xElDKRZfg2wzgluyErDilrHAVcMk9xvmM/KjAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUiQWwvROj4pSzmcQRUSv3c+ZtQcEwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9pUVd3dlJPajRwU3ptY1FS VVN2M2MtWnRRY0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC 36HUMA0GCSqGSIb3DQEBCwUAA4IBAQCF1N9ZEI2wTE874XeDz5YT0l5HdImi+X1g O8buv7jwJSzW9ro2aljX7pBdwIu2mjna3QAg0Mn9npbELxgE47Cx3dADGAnXPV2b 2mMqRfV1oOLQA0Cq+UKLXOWykZXXOwR+VlFszpGLtv/6jMVu+dlSTSK7cFbe7mS8 i9FKDyo5sxAVycXL+pbtLXxkWcmZWEQ8AvEVlDvqdY/3PqkmLZFULeJC+Tvan7EZ W7J0HfKYRQU0N/3LK1wWOUxRUNuRi9hYsbVNABUKPnoLYEAQI2hqnVd7X7RNc2Vx HkViRHptkIJ4FJOcUO3WWFJp+jkfj4Mv0ojBrZKs3i+eAhTjoV+l -----END CERTIFICATE-----Generated at Wed Jun 4 00:59:02 2025 by rpki-client