$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/VcIYvsAKh56nc3QpgpV3axumUKs.roa File: VcIYvsAKh56nc3QpgpV3axumUKs.roa (raw, json) Hash identifier: kV17UYWONAWrMuFbeSZ2HAHbFPfM7PmFhcbjl911f5w= Subject key identifier: 55:C2:18:BE:C0:0A:87:9E:A7:73:74:29:82:95:77:6B:1B:A6:50:AB Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 11ED Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/VcIYvsAKh56nc3QpgpV3axumUKs.roa Signing time: Tue 29 Apr 2025 17:02:25 +0000 ROA not before: Tue 29 Apr 2025 17:02:25 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 101.232.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 20:11:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4589 (0x11ed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Apr 29 17:02:25 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=55C218BEC00A879EA77374298295776B1BA650AB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:c6:45:83:fa:2a:1b:52:2f:b9:ce:30:b7:1f: 9e:c8:c1:15:b2:3d:d4:57:56:97:5f:b3:eb:9b:6c: 46:d4:90:7e:71:8b:4a:63:bf:8c:d9:2c:cb:ee:0c: 05:54:fa:9e:74:1c:00:6a:9b:a5:56:b8:92:56:53: 44:eb:db:2e:ea:98:25:57:3e:34:0c:20:f1:b9:ce: 4c:ce:be:50:6f:50:ee:67:0b:fd:e9:c9:f3:f7:03: 37:57:b2:5c:86:90:0c:1a:3b:94:d3:4c:3f:8d:02: ae:5d:fc:1a:36:5e:5b:7b:b3:df:f3:3b:1a:4e:3a: f3:6d:25:8c:99:79:c4:fe:99:00:ad:cc:ab:4b:e5: 42:bd:24:e5:70:fb:28:43:f5:87:3b:d9:76:92:86: 8f:a7:3f:87:3a:91:ac:4f:b1:60:0f:aa:4c:03:6c: 4e:df:f4:2f:e3:74:93:6c:67:d2:83:f0:d3:ed:8b: 0b:6e:d7:47:0b:14:84:db:7e:3f:19:5c:aa:87:bd: 4e:9b:24:bf:54:9e:97:a8:b4:f6:a2:37:f7:2a:ef: 73:1a:87:c9:7d:a8:cf:ef:14:45:fc:84:f4:f2:69: 27:ce:54:5f:c8:77:b3:2c:ab:2f:c6:58:c8:e5:f9: 2e:9c:29:ec:57:1a:f3:e1:97:6d:d3:b9:23:79:cc: c5:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:C2:18:BE:C0:0A:87:9E:A7:73:74:29:82:95:77:6B:1B:A6:50:AB X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/VcIYvsAKh56nc3QpgpV3axumUKs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.0.0/22 Signature Algorithm: sha256WithRSAEncryption 87:53:df:38:d9:2d:7a:9c:1b:bb:0a:e5:27:df:33:76:1f:86: ea:70:bc:5c:6a:99:54:d2:40:24:91:63:50:fe:ca:87:6d:41: db:62:39:5e:66:29:0b:c9:2c:21:38:08:5d:1f:3d:1d:01:32: aa:77:ed:ca:7d:dd:ff:5d:87:cd:42:4c:73:5a:cd:30:41:6b: e9:17:7e:5e:67:e3:8c:73:e1:b6:10:1e:fc:8a:26:ee:1f:76: 64:7a:a7:6f:9e:0c:f9:ac:88:7c:5b:ee:0e:a6:4d:29:85:87: 37:69:eb:c1:29:bb:d2:ab:07:d5:54:bb:36:26:f7:d1:90:14: 57:c2:e9:c5:50:c8:11:ea:c2:c3:75:0c:73:82:90:56:6e:63: 51:1e:93:22:d7:df:93:a9:92:de:c0:42:de:a2:c6:74:a5:75: 6a:8e:4c:e4:4c:ed:85:cf:0f:d0:84:20:4a:31:ca:d5:e6:67: b0:bb:6b:84:0c:d0:c7:9c:c8:b3:bc:4c:8e:a3:1d:54:cd:9e: d0:9c:3d:a5:b5:84:3a:81:4c:41:62:24:a5:ea:09:1f:78:29: 06:a7:ac:bd:a6:cf:df:52:ad:18:e5:09:cc:c2:66:bd:4f:c3: 35:d5:93:f9:71:f3:ad:f5:f2:91:53:92:88:23:56:f6:3e:5b: b4:15:f9:0b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICEe0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA0Mjkx NzAyMjVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDU1QzIxOEJFQzAwQTg3 OUVBNzczNzQyOTgyOTU3NzZCMUJBNjUwQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDSxkWD+iobUi+5zjC3H57IwRWyPdRXVpdfs+ubbEbUkH5xi0pj v4zZLMvuDAVU+p50HABqm6VWuJJWU0Tr2y7qmCVXPjQMIPG5zkzOvlBvUO5nC/3p yfP3AzdXslyGkAwaO5TTTD+NAq5d/Bo2Xlt7s9/zOxpOOvNtJYyZecT+mQCtzKtL 5UK9JOVw+yhD9Yc72XaSho+nP4c6kaxPsWAPqkwDbE7f9C/jdJNsZ9KD8NPtiwtu 10cLFITbfj8ZXKqHvU6bJL9UnpeotPaiN/cq73Mah8l9qM/vFEX8hPTyaSfOVF/I d7Msqy/GWMjl+S6cKexXGvPhl23TuSN5zMULAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUVcIYvsAKh56nc3QpgpV3axumUKswHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1ZjSVl2c0FLaDU2bmMz UXBncFYzYXh1bVVLcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6AAwDQYJKoZIhvcNAQELBQADggEBAIdT3zjZLXqcG7sK5SffM3YfhupwvFxq mVTSQCSRY1D+yodtQdtiOV5mKQvJLCE4CF0fPR0BMqp37cp93f9dh81CTHNazTBB a+kXfl5n44xz4bYQHvyKJu4fdmR6p2+eDPmsiHxb7g6mTSmFhzdp68Epu9KrB9VU uzYm99GQFFfC6cVQyBHqwsN1DHOCkFZuY1EekyLX35Opkt7AQt6ixnSldWqOTORM 7YXPD9CEIEoxytXmZ7C7a4QM0MecyLO8TI6jHVTNntCcPaW1hDqBTEFiJKXqCR94 KQanrL2mz99SrRjlCczCZr1PwzXVk/lx86318pFTkogjVvY+W7QV+Qs= -----END CERTIFICATE-----Generated at Fri Jun 6 17:28:14 2025 by rpki-client