$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/UKnEpu_7TQDxqomh1t0VKL7mRP0.roa File: UKnEpu_7TQDxqomh1t0VKL7mRP0.roa (raw, json) Hash identifier: oV/7ebQhrgEkCPghcVsYEGx/USOiFZHU0fs2+qg8yG0= Subject key identifier: 50:A9:C4:A6:EF:FB:4D:00:F1:AA:89:A1:D6:DD:15:28:BE:E6:44:FD Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 1215 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/UKnEpu_7TQDxqomh1t0VKL7mRP0.roa Signing time: Mon 05 May 2025 12:06:27 +0000 ROA not before: Mon 05 May 2025 12:06:27 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 101.232.108.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 04:40:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4629 (0x1215) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: May 5 12:06:27 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=50A9C4A6EFFB4D00F1AA89A1D6DD1528BEE644FD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:68:cc:a9:c4:4d:2a:79:cd:2d:b0:9c:36:a6: 65:e7:75:0e:ec:38:7c:e3:8b:c7:92:f3:e0:55:d9: 48:a2:3d:bf:c3:94:b5:6d:91:9e:e3:e8:8d:63:c7: 69:6b:42:f2:3a:71:b8:ce:97:63:33:5b:2d:c0:3e: 61:ca:29:a6:4d:9e:a6:04:eb:22:e8:a7:ca:e6:27: 23:76:6e:58:42:8e:99:d3:e4:06:f9:a8:ed:67:fb: 1a:9e:c8:af:68:39:c2:b2:94:a8:82:89:16:d2:97: 10:26:1e:52:9d:07:b1:03:71:f1:42:7e:db:ff:6c: 42:ca:d5:58:68:d5:e7:52:d8:4c:cc:d9:81:0a:e7: 4b:64:2f:cc:57:32:b6:90:4c:ca:bd:70:df:05:6a: 3e:3f:0a:12:7b:de:67:34:ea:2e:50:8e:0b:ad:4d: 53:04:60:86:4f:9b:40:f4:a2:79:5c:d9:ce:d0:ad: ff:33:28:94:39:90:50:33:a7:6c:3a:96:e3:b1:de: d5:87:86:a7:5d:2f:7f:25:99:db:30:b9:24:62:15: 08:74:d6:c1:14:2f:ad:e0:91:a4:dd:1a:49:e9:94: c8:e9:bb:06:5b:f4:2c:98:1c:24:dd:98:8a:3b:97: 49:05:8e:d6:cd:c1:3d:01:32:e1:4f:13:d3:ed:dc: 3d:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:A9:C4:A6:EF:FB:4D:00:F1:AA:89:A1:D6:DD:15:28:BE:E6:44:FD X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/UKnEpu_7TQDxqomh1t0VKL7mRP0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.108.0/22 Signature Algorithm: sha256WithRSAEncryption 8a:24:87:db:b1:5c:7d:9a:71:67:33:7a:9b:db:cd:82:25:4d: 87:19:66:70:1f:2c:cc:1c:9b:ee:14:6f:86:62:e0:e3:80:fa: db:29:34:55:ef:8d:55:cf:bc:de:a4:76:37:eb:30:1d:4a:a6: 81:1b:fb:02:eb:af:61:64:ab:51:f2:e4:cf:e0:d2:6f:10:bc: ba:53:7f:9a:41:0f:24:e6:63:28:52:25:21:11:74:fc:f4:7c: 6a:34:6a:b6:cf:32:36:dd:fd:68:4f:fe:f2:3e:42:ec:2c:c8: 09:00:cf:e9:48:fa:3d:8f:4f:33:53:60:4f:6e:19:69:c2:53: f1:02:55:df:d9:c0:6d:54:3b:b6:f4:1e:86:bf:bf:86:fa:d7: a5:28:ea:1b:c3:26:a0:45:0d:f5:67:fd:58:59:23:2e:d1:03: 90:d3:ee:b3:b7:d4:a5:da:60:f2:13:a4:83:2d:ec:a2:c3:5c: 09:cd:a7:77:f1:e2:81:44:ef:87:b0:bc:76:aa:a3:53:fe:ea: d3:e8:66:57:7a:dd:78:fa:81:0a:06:a6:33:11:ef:63:a0:fb: 6b:50:69:b4:f9:4e:e4:d7:6f:d1:5f:25:94:66:48:ce:cf:a8: fd:8e:47:66:8f:3e:25:bb:bb:6f:41:cd:f0:9d:93:2f:22:96: f6:e0:57:c7 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICEhUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA1MDUx MjA2MjdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDUwQTlDNEE2RUZGQjRE MDBGMUFBODlBMUQ2REQxNTI4QkVFNjQ0RkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDeaMypxE0qec0tsJw2pmXndQ7sOHzji8eS8+BV2UiiPb/DlLVt kZ7j6I1jx2lrQvI6cbjOl2MzWy3APmHKKaZNnqYE6yLop8rmJyN2blhCjpnT5Ab5 qO1n+xqeyK9oOcKylKiCiRbSlxAmHlKdB7EDcfFCftv/bELK1Vho1edS2EzM2YEK 50tkL8xXMraQTMq9cN8Faj4/ChJ73mc06i5QjgutTVMEYIZPm0D0onlc2c7Qrf8z KJQ5kFAzp2w6luOx3tWHhqddL38lmdswuSRiFQh01sEUL63gkaTdGknplMjpuwZb 9CyYHCTdmIo7l0kFjtbNwT0BMuFPE9Pt3D2tAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUUKnEpu/7TQDxqomh1t0VKL7mRP0wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1VLbkVwdV83VFFEeHFv bWgxdDBWS0w3bVJQMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6GwwDQYJKoZIhvcNAQELBQADggEBAIokh9uxXH2acWczepvbzYIlTYcZZnAf LMwcm+4Ub4Zi4OOA+tspNFXvjVXPvN6kdjfrMB1KpoEb+wLrr2Fkq1Hy5M/g0m8Q vLpTf5pBDyTmYyhSJSERdPz0fGo0arbPMjbd/WhP/vI+QuwsyAkAz+lI+j2PTzNT YE9uGWnCU/ECVd/ZwG1UO7b0Hoa/v4b616Uo6hvDJqBFDfVn/VhZIy7RA5DT7rO3 1KXaYPITpIMt7KLDXAnNp3fx4oFE74ewvHaqo1P+6tPoZld63Xj6gQoGpjMR72Og +2tQabT5TuTXb9FfJZRmSM7PqP2OR2aPPiW7u29BzfCdky8ilvbgV8c= -----END CERTIFICATE-----Generated at Wed Jun 4 04:08:34 2025 by rpki-client