$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/lqFbqSBdJa1ubJFrR4J91BhL0rs.roa File: lqFbqSBdJa1ubJFrR4J91BhL0rs.roa (raw, json) Hash identifier: yBosI+UpQHkCPjyAMgwJ1jkW24IOiDg5hBvFHXWbnfw= Subject key identifier: 96:A1:5B:A9:20:5D:25:AD:6E:6C:91:6B:47:82:7D:D4:18:4B:D2:BB Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 0821 Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/lqFbqSBdJa1ubJFrR4J91BhL0rs.roa Signing time: Fri 23 May 2025 07:36:32 +0000 ROA not before: Fri 23 May 2025 07:36:32 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 9808 IP address blocks: 223.161.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2081 (0x821) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:36:32 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=96A15BA9205D25AD6E6C916B47827DD4184BD2BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:43:d8:9f:41:31:ab:c2:f2:f4:11:7e:ae:0a: 5c:d0:1c:d8:d5:13:58:6d:43:a1:dc:0d:8a:37:1a: 63:db:f1:82:6c:89:b8:81:b2:e6:f4:38:8e:24:dd: 2e:1f:11:f0:20:8b:4f:6d:dd:16:71:31:aa:6a:98: 4a:2a:05:08:bd:71:95:33:c1:13:7a:4f:d5:88:b9: 97:f7:f4:e2:e8:82:2f:c4:b7:fd:a5:52:4a:d8:49: 90:1b:84:80:58:ce:e2:a4:98:02:34:9c:45:50:56: c0:f0:a8:75:1e:63:fd:d3:c6:13:8b:88:d5:6f:d4: c0:ab:92:a0:28:4a:8a:25:08:4a:56:95:49:27:cc: fa:3b:12:5f:85:54:08:bc:f6:69:4d:59:49:c1:3a: 25:91:79:50:c5:65:21:12:fd:cc:5e:66:78:b6:b2: 35:65:ea:4b:a4:fb:11:16:a0:72:82:9e:ef:13:11: bc:c1:10:4c:44:d4:7a:55:dd:75:97:f9:fc:c0:2a: 27:68:3a:43:58:3f:aa:46:77:b1:ea:c1:3d:80:51: 71:13:a4:f3:8d:dc:9c:e8:21:ee:72:b3:a5:a6:e3: eb:bf:ac:d0:66:66:79:02:01:26:df:2e:e2:97:14: 29:37:b1:67:6e:43:1b:2c:12:31:48:fd:65:bf:ad: bd:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:A1:5B:A9:20:5D:25:AD:6E:6C:91:6B:47:82:7D:D4:18:4B:D2:BB X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/lqFbqSBdJa1ubJFrR4J91BhL0rs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.161.240.0/22 Signature Algorithm: sha256WithRSAEncryption 2f:51:cc:fc:e3:6a:62:a7:e2:d3:cc:f1:47:d3:eb:99:c7:12: b3:cc:88:a1:96:2e:f4:68:db:12:d1:e4:16:3e:b5:bc:41:12: ee:f3:0e:6d:53:99:3e:d1:a1:14:40:4a:f2:80:5c:a8:42:5c: d4:61:da:21:1f:06:5d:78:84:eb:d4:81:e6:75:d7:a5:4e:54: 5e:b7:e5:7c:eb:05:8b:8c:99:49:27:6c:65:c9:02:e0:53:84: 52:e3:65:6f:92:e6:e9:3c:ce:d8:a4:5a:ba:f9:9f:34:a1:b0: f1:1c:33:a6:a9:d9:02:97:3e:6c:3e:86:77:c1:34:df:16:23: 58:d9:27:ba:9c:db:aa:1a:9b:da:44:a4:aa:38:bf:ee:d4:d9: aa:1d:96:4a:b4:9d:80:dd:24:ba:f8:0b:5c:b2:a0:5c:29:3a: 47:e9:d2:1e:93:eb:37:e6:bd:68:4a:69:75:43:11:38:62:89: 15:0a:84:68:e9:f0:1c:4a:34:3f:38:50:8f:5a:f8:ad:af:8b: 15:6e:09:c0:eb:c9:14:dc:20:43:0a:8b:26:d9:c1:d3:61:28: 75:5e:d0:ec:86:f3:8d:c4:ed:f0:d2:6f:4a:3d:70:1e:e3:a8: 9e:24:5c:46:93:a7:8d:e9:09:aa:ed:6b:26:10:cc:74:95:3b: e8:10:ad:86 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCCEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzM2MzJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDk2QTE1QkE5MjA1RDI1 QUQ2RTZDOTE2QjQ3ODI3REQ0MTg0QkQyQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAQ9ifQTGrwvL0EX6uClzQHNjVE1htQ6HcDYo3GmPb8YJsibiB sub0OI4k3S4fEfAgi09t3RZxMapqmEoqBQi9cZUzwRN6T9WIuZf39OLogi/Et/2l UkrYSZAbhIBYzuKkmAI0nEVQVsDwqHUeY/3TxhOLiNVv1MCrkqAoSoolCEpWlUkn zPo7El+FVAi89mlNWUnBOiWReVDFZSES/cxeZni2sjVl6kuk+xEWoHKCnu8TEbzB EExE1HpV3XWX+fzAKidoOkNYP6pGd7HqwT2AUXETpPON3JzoIe5ys6Wm4+u/rNBm ZnkCASbfLuKXFCk3sWduQxssEjFI/WW/rb1xAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUlqFbqSBdJa1ubJFrR4J91BhL0rswHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9scUZicVNCZEphMXViSkZy UjRKOTFCaEwwcnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC 36HwMA0GCSqGSIb3DQEBCwUAA4IBAQAvUcz842pip+LTzPFH0+uZxxKzzIihli70 aNsS0eQWPrW8QRLu8w5tU5k+0aEUQErygFyoQlzUYdohHwZdeITr1IHmddelTlRe t+V86wWLjJlJJ2xlyQLgU4RS42VvkubpPM7YpFq6+Z80obDxHDOmqdkClz5sPoZ3 wTTfFiNY2Se6nNuqGpvaRKSqOL/u1NmqHZZKtJ2A3SS6+AtcsqBcKTpH6dIek+s3 5r1oSml1QxE4YokVCoRo6fAcSjQ/OFCPWvitr4sVbgnA68kU3CBDCosm2cHTYSh1 XtDshvONxO3w0m9KPXAe46ieJFxGk6eN6Qmq7WsmEMx0lTvoEK2G -----END CERTIFICATE-----Generated at Wed Jun 4 01:30:53 2025 by rpki-client