$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/8s_bHXEkGfDphZK40c_QLrHy7Is.roa File: 8s_bHXEkGfDphZK40c_QLrHy7Is.roa (raw, json) Hash identifier: AMCxQuJ5tzynj2ZxB3wziDhXYAJbbKRS+q8CIWOh1kg= Subject key identifier: F2:CF:DB:1D:71:24:19:F0:E9:85:92:B8:D1:CF:D0:2E:B1:F2:EC:8B Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Certificate serial: 1E8E Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/8s_bHXEkGfDphZK40c_QLrHy7Is.roa Signing time: Thu 05 Jun 2025 09:02:28 +0000 ROA not before: Thu 05 Jun 2025 09:02:27 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4847 IP address blocks: 202.65.96.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 14:39:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7822 (0x1e8e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Validity Not Before: Jun 5 09:02:27 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=F2CFDB1D712419F0E98592B8D1CFD02EB1F2EC8B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:4b:fa:69:4d:4d:ad:57:a4:5f:fc:99:ba:c0: 54:fa:aa:40:d9:f6:93:67:f6:e3:c7:a9:89:61:62: 25:6d:2e:e5:41:c4:6c:aa:5a:cf:ac:11:71:db:2e: 66:d9:f9:75:19:48:ed:a8:6e:1a:25:f3:c3:23:c7: de:44:0d:43:f1:7c:f8:4b:f9:bf:84:49:65:f6:2c: a0:dc:4d:33:39:98:6f:3c:f7:0a:88:17:d8:09:3f: d3:8e:38:dd:ee:16:f5:a7:11:01:e0:4a:65:f3:ce: aa:47:75:53:d5:d1:07:b6:1d:9a:6c:c7:d4:be:9b: d1:84:14:a4:4f:b2:24:e9:4d:8e:ef:77:fb:c6:72: 03:cd:fe:bf:7c:41:e2:cc:0c:a3:8b:49:be:a4:94: 1c:ad:d5:fa:0f:68:9f:03:ff:5a:e4:f5:08:23:64: a9:f0:40:f7:a1:a6:85:02:2a:8c:14:8d:3b:ae:29: 35:42:1c:c2:fb:92:09:1a:fa:c7:2e:2d:61:c3:19: fc:3f:62:fb:75:fe:19:ce:d7:92:48:1c:07:ad:ea: b8:c9:cb:40:99:04:45:39:7b:bb:41:7c:7d:d0:88: a5:57:ea:f6:e4:a9:8a:2c:83:6e:da:c9:ce:db:07: 94:a2:05:4c:48:2e:41:c7:96:df:d4:57:8b:42:f3: 39:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:CF:DB:1D:71:24:19:F0:E9:85:92:B8:D1:CF:D0:2E:B1:F2:EC:8B X509v3 Authority Key Identifier: keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/8s_bHXEkGfDphZK40c_QLrHy7Is.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.65.96.0/24 Signature Algorithm: sha256WithRSAEncryption 99:9a:b4:51:24:02:b3:59:60:ee:81:e1:13:d9:b4:7c:4d:fe: 1c:2b:c0:29:b3:e7:90:ea:32:66:b7:58:ed:dd:50:f4:8d:78: 93:8b:1d:3b:4b:50:03:d8:a3:87:59:78:4a:ec:4e:f2:9f:02: f6:d8:67:6f:d8:f5:a8:53:f9:65:55:aa:33:46:ab:91:de:79: 8f:49:dc:62:1b:f5:d3:bf:15:05:fa:ea:5a:5c:6b:76:ae:41: 88:c3:19:1e:44:38:a3:65:33:ca:42:eb:b3:6b:b0:19:79:d4: 5e:ef:a0:1a:0a:1b:09:50:cb:e3:c9:78:dd:ab:1d:71:c7:43: f3:77:03:90:c4:90:27:a5:44:83:b4:01:42:2e:7c:a4:f0:e9: 10:6d:0c:a1:12:38:2d:57:52:00:9c:da:03:ff:2e:d7:9b:f9: 18:26:6c:81:83:f4:8f:a0:db:c8:60:ab:7b:62:2f:58:be:d7: 7a:cd:db:3a:2e:19:27:4c:e0:88:65:60:16:2d:bf:9f:b0:62: 34:02:5e:a4:74:29:10:e6:fc:30:54:3c:f2:9a:ff:ba:31:86: 18:33:f7:03:7a:13:29:37:3c:d8:48:ed:ed:9e:cf:1b:a3:1e: 6b:fd:ea:ed:d9:99:bd:22:77:57:5b:3d:7d:61:30:aa:a2:cd: 8c:a0:58:ee -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHo4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1 MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNTA2MDUw OTAyMjdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEYyQ0ZEQjFENzEyNDE5 RjBFOTg1OTJCOEQxQ0ZEMDJFQjFGMkVDOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUS/ppTU2tV6Rf/Jm6wFT6qkDZ9pNn9uPHqYlhYiVtLuVBxGyq Ws+sEXHbLmbZ+XUZSO2obhol88Mjx95EDUPxfPhL+b+ESWX2LKDcTTM5mG889wqI F9gJP9OOON3uFvWnEQHgSmXzzqpHdVPV0Qe2HZpsx9S+m9GEFKRPsiTpTY7vd/vG cgPN/r98QeLMDKOLSb6klByt1foPaJ8D/1rk9QgjZKnwQPehpoUCKowUjTuuKTVC HML7kgka+scuLWHDGfw/Yvt1/hnO15JIHAet6rjJy0CZBEU5e7tBfH3QiKVX6vbk qYosg27ayc7bB5SiBUxILkHHlt/UV4tC8znpAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU8s/bHXEkGfDphZK40c/QLrHy7IswHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt 4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxLzhzX2JIWEVrR2ZEcGha SzQwY19RTHJIeTdJcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKQWAwDQYJKoZIhvcNAQELBQADggEBAJmatFEkArNZYO6B4RPZtHxN/hwrwCmz 55DqMma3WO3dUPSNeJOLHTtLUAPYo4dZeErsTvKfAvbYZ2/Y9ahT+WVVqjNGq5He eY9J3GIb9dO/FQX66lpca3auQYjDGR5EOKNlM8pC67NrsBl51F7voBoKGwlQy+PJ eN2rHXHHQ/N3A5DEkCelRIO0AUIufKTw6RBtDKESOC1XUgCc2gP/Lteb+RgmbIGD 9I+g28hgq3tiL1i+13rN2zouGSdM4IhlYBYtv5+wYjQCXqR0KRDm/DBUPPKa/7ox hhgz9wN6Eyk3PNhI7e2ezxujHmv96u3Zmb0id1dbPX1hMKqizYygWO4= -----END CERTIFICATE-----Generated at Sun Jun 8 13:47:06 2025 by rpki-client