$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/wCERb8eOnK-60IIcnJ-3yQW-Aho.roa File: wCERb8eOnK-60IIcnJ-3yQW-Aho.roa (raw, json) Hash identifier: qTo0JtijhUxdq2rz8W6Sc3BbL19JTjJpaGH7VnK7kMY= Subject key identifier: C0:21:11:6F:C7:8E:9C:AF:BA:D0:82:1C:9C:9F:B7:C9:05:BE:02:1A Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 080E Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/wCERb8eOnK-60IIcnJ-3yQW-Aho.roa Signing time: Fri 23 May 2025 07:17:22 +0000 ROA not before: Fri 23 May 2025 07:17:22 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 9808 IP address blocks: 223.160.216.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2062 (0x80e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:17:22 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=C021116FC78E9CAFBAD0821C9C9FB7C905BE021A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:19:be:ad:d2:8d:81:95:0d:e1:3c:a0:e4:fd: 1d:71:f2:69:1d:96:60:fa:59:c7:bf:3c:21:8f:b6: 6c:65:cf:b4:14:b7:78:9a:53:91:5e:66:68:0b:af: ac:53:fa:c1:bc:57:75:49:0b:8e:2b:a2:60:79:f0: 48:3d:4d:62:62:26:f1:51:da:aa:25:8d:b0:ff:50: 70:fc:5b:0c:74:aa:5c:c3:7a:be:20:16:e7:95:5c: b8:9c:2c:33:a8:7b:64:98:bd:2c:9e:11:18:da:93: ea:df:6c:25:cf:04:d4:84:b2:36:18:db:f4:db:56: c2:8f:39:89:b5:ed:d5:fa:3f:4d:9e:47:13:d9:48: e8:eb:29:64:61:e3:4b:f9:72:80:55:a8:52:50:8d: ed:c5:92:dd:bf:02:2f:3b:c5:f4:3a:7d:0a:c5:e0: 42:ef:97:31:bb:66:6f:40:6d:e9:90:cf:01:ab:a5: 83:ac:db:fa:c4:0e:a5:89:d1:65:d4:26:d4:65:a3: 00:9f:d4:6d:de:40:1d:a6:98:41:41:85:b5:22:2f: ac:5e:5d:69:f6:f8:38:0e:7c:5e:0e:34:18:1a:75: df:16:58:f0:f6:97:69:57:c7:10:e4:d1:99:5b:46: ac:fa:76:10:0b:30:91:9c:7e:ec:cb:e8:d1:3a:0e: 41:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:21:11:6F:C7:8E:9C:AF:BA:D0:82:1C:9C:9F:B7:C9:05:BE:02:1A X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/wCERb8eOnK-60IIcnJ-3yQW-Aho.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.160.216.0/21 Signature Algorithm: sha256WithRSAEncryption 53:6a:88:d5:f8:fe:27:a3:36:fa:f9:cc:96:44:ca:52:9d:2a: 48:18:14:04:ca:89:5a:3e:a7:35:83:cd:81:88:c0:bc:d6:e7: 87:84:25:c4:0d:4e:d3:24:5e:3d:0f:c7:1b:53:ec:29:2c:b9: 11:fa:a2:34:c7:01:fc:e5:6b:17:f9:d0:96:77:50:09:c6:2c: 23:19:e2:c7:76:2c:12:c1:06:17:a1:f9:86:69:f0:fa:0b:06: 92:04:eb:cb:bf:02:46:1b:99:18:b2:e3:d7:9f:82:ba:3f:9c: 16:3a:d5:73:7d:65:09:80:5a:77:b9:d8:7b:09:13:e2:31:53: fd:4e:c5:2b:2b:0c:3a:f6:a7:62:d8:40:37:03:67:17:fa:5d: c3:99:01:f4:3a:ca:63:f2:1c:92:2a:80:b6:3c:67:b8:a2:bb: dc:c9:39:65:53:30:fd:4d:db:cb:da:d7:8a:53:50:d8:52:55: b7:fa:dc:0d:2b:ef:c0:33:f8:86:07:9f:49:91:75:9f:3a:04: 13:3f:4c:6a:85:44:aa:e7:36:86:ee:4f:e3:bf:9e:e8:c3:16: c2:8a:11:f1:d7:62:d8:48:6d:04:8d:91:7f:05:ce:27:5c:92: 3e:b8:c6:25:c7:72:b2:a1:43:e5:27:c7:7a:a4:ee:f3:b5:4d: 58:ef:af:71 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCA4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzE3MjJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEMwMjExMTZGQzc4RTlD QUZCQUQwODIxQzlDOUZCN0M5MDVCRTAyMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDyGb6t0o2BlQ3hPKDk/R1x8mkdlmD6Wce/PCGPtmxlz7QUt3ia U5FeZmgLr6xT+sG8V3VJC44romB58Eg9TWJiJvFR2qoljbD/UHD8Wwx0qlzDer4g FueVXLicLDOoe2SYvSyeERjak+rfbCXPBNSEsjYY2/TbVsKPOYm17dX6P02eRxPZ SOjrKWRh40v5coBVqFJQje3Fkt2/Ai87xfQ6fQrF4ELvlzG7Zm9AbemQzwGrpYOs 2/rEDqWJ0WXUJtRlowCf1G3eQB2mmEFBhbUiL6xeXWn2+DgOfF4ONBgadd8WWPD2 l2lXxxDk0ZlbRqz6dhALMJGcfuzL6NE6DkFvAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUwCERb8eOnK+60IIcnJ+3yQW+AhowHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy93Q0VSYjhlT25LLTYwSUlj bkotM3lRVy1BaG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD 36DYMA0GCSqGSIb3DQEBCwUAA4IBAQBTaojV+P4nozb6+cyWRMpSnSpIGBQEyola Pqc1g82BiMC81ueHhCXEDU7TJF49D8cbU+wpLLkR+qI0xwH85WsX+dCWd1AJxiwj GeLHdiwSwQYXofmGafD6CwaSBOvLvwJGG5kYsuPXn4K6P5wWOtVzfWUJgFp3udh7 CRPiMVP9TsUrKww69qdi2EA3A2cX+l3DmQH0Ospj8hySKoC2PGe4orvcyTllUzD9 TdvL2teKU1DYUlW3+twNK+/AM/iGB59JkXWfOgQTP0xqhUSq5zaG7k/jv57owxbC ihHx12LYSG0EjZF/Bc4nXJI+uMYlx3KyoUPlJ8d6pO7ztU1Y769x -----END CERTIFICATE-----Generated at Wed Jun 4 00:52:45 2025 by rpki-client