$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/501/lmXgnMAQGCosCvMVRXtiWNNYoXw.roa File: lmXgnMAQGCosCvMVRXtiWNNYoXw.roa (raw, json) Hash identifier: VpAgRnQqVaTrf0jqRvtqvgVAq4S5PgI+4vgaIE1exZw= Subject key identifier: 96:65:E0:9C:C0:10:18:2A:2C:0A:F3:15:45:7B:62:58:D3:58:A1:7C Certificate issuer: /CN=C572F996D9799F68FB3D559D895D0AF83B53C579 Certificate serial: 0C Authority key identifier: C5:72:F9:96:D9:79:9F:68:FB:3D:55:9D:89:5D:0A:F8:3B:53:C5:79 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xXL5ltl5n2j7PVWdiV0K-DtTxXk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/501/lmXgnMAQGCosCvMVRXtiWNNYoXw.roa Signing time: Wed 28 May 2025 06:35:43 +0000 ROA not before: Wed 28 May 2025 06:35:43 +0000 ROA not after: Tue 26 May 2026 10:30:48 +0000 asID: 4859 IP address blocks: 2404:c300::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/501/xXL5ltl5n2j7PVWdiV0K-DtTxXk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/501/xXL5ltl5n2j7PVWdiV0K-DtTxXk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xXL5ltl5n2j7PVWdiV0K-DtTxXk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:08:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12 (0xc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C572F996D9799F68FB3D559D895D0AF83B53C579 Validity Not Before: May 28 06:35:43 2025 GMT Not After : May 26 10:30:48 2026 GMT Subject: CN=9665E09CC010182A2C0AF315457B6258D358A17C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:31:12:06:e8:c3:35:45:58:f6:98:d0:7f:17: c2:f0:f2:12:96:7b:80:a5:f6:98:81:d5:d4:ed:17: d1:de:e3:38:d9:11:c7:36:42:f4:21:d8:91:93:da: 3a:db:cc:3e:c3:67:bd:47:fb:77:6c:49:c3:a0:45: 6c:07:f4:3a:11:33:c4:33:24:6a:22:47:63:6f:fa: ea:56:3a:4d:49:75:a3:61:5a:62:00:c8:43:ff:d1: fb:ba:f3:d2:b1:05:ac:2a:e8:ff:fb:12:2e:d7:c2: c7:f0:b3:ee:9f:7a:50:13:bb:5a:cd:cf:bb:7f:61: 1d:98:e5:58:f6:3e:97:e1:7c:91:b5:c6:5d:7e:d9: ad:fa:2f:af:ad:4e:48:84:17:11:5d:76:c1:eb:ef: a9:d1:65:d2:4a:63:6a:9d:84:e0:31:51:8d:76:6b: 77:91:ec:7a:60:ca:db:9d:7b:1e:96:38:11:71:6b: dd:4b:82:8e:4b:d0:0d:2f:26:81:2d:40:c3:d0:d9: 64:e1:95:0e:c4:0b:91:77:5f:c7:25:bd:a0:61:cf: a8:9a:61:04:b3:3f:2b:00:cb:21:af:08:9a:53:fa: ab:76:2d:cd:91:ed:d7:00:24:9e:90:0a:f3:0f:33: 29:c4:4e:ab:9d:8f:e4:04:0b:4f:89:be:b4:1e:28: 42:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:65:E0:9C:C0:10:18:2A:2C:0A:F3:15:45:7B:62:58:D3:58:A1:7C X509v3 Authority Key Identifier: keyid:C5:72:F9:96:D9:79:9F:68:FB:3D:55:9D:89:5D:0A:F8:3B:53:C5:79 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/501/xXL5ltl5n2j7PVWdiV0K-DtTxXk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xXL5ltl5n2j7PVWdiV0K-DtTxXk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/501/lmXgnMAQGCosCvMVRXtiWNNYoXw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2404:c300::/32 Signature Algorithm: sha256WithRSAEncryption 9e:7e:28:92:71:8e:77:92:6a:7e:2b:a1:25:7b:84:9a:99:43: 61:e1:e5:5f:9a:e5:0a:d1:96:a8:c9:41:3f:7a:7c:2a:9d:df: 93:9e:79:08:5b:93:a0:e6:b3:e7:7c:d8:e6:10:75:ad:a8:d9: eb:6b:a1:48:a4:d8:c9:a6:b4:87:35:0e:74:85:ee:63:a1:1f: 2c:c9:2f:ab:d3:d4:12:03:42:5c:df:ac:28:cf:d6:07:82:6f: a6:9f:bd:b0:f2:bd:21:e6:5c:db:d7:7a:9d:31:7e:3d:52:19: 70:b1:9b:b9:e1:94:71:72:d8:c3:db:85:0c:73:40:78:f6:1b: c9:9c:9f:73:b7:95:ef:1c:22:fa:44:48:97:47:a5:64:ff:07: f5:69:67:b1:82:bf:ca:08:b2:ea:d7:af:af:2e:56:10:00:ba: ad:a9:bc:8a:4b:bd:40:45:e1:1e:64:6c:cc:90:57:83:6b:ec: 93:54:aa:2e:b0:fa:3f:63:3c:c5:ab:36:e0:3d:88:e3:ec:11: 0f:4b:cb:13:fe:b8:9e:c0:19:a9:41:33:56:93:c0:c8:c9:77: f7:30:c8:aa:14:c0:13:a1:d5:6d:3f:74:7e:34:93:d1:18:66: 22:a2:e7:f0:8a:b0:97:c9:27:de:28:9f:3e:0b:4e:35:71:81: c9:2c:bd:44 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgIBDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhDNTcy Rjk5NkQ5Nzk5RjY4RkIzRDU1OUQ4OTVEMEFGODNCNTNDNTc5MB4XDTI1MDUyODA2 MzU0M1oXDTI2MDUyNjEwMzA0OFowMzExMC8GA1UEAxMoOTY2NUUwOUNDMDEwMTgy QTJDMEFGMzE1NDU3QjYyNThEMzU4QTE3QzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALUxEgbowzVFWPaY0H8XwvDyEpZ7gKX2mIHV1O0X0d7jONkRxzZC 9CHYkZPaOtvMPsNnvUf7d2xJw6BFbAf0OhEzxDMkaiJHY2/66lY6TUl1o2FaYgDI Q//R+7rz0rEFrCro//sSLtfCx/Cz7p96UBO7Ws3Pu39hHZjlWPY+l+F8kbXGXX7Z rfovr61OSIQXEV12wevvqdFl0kpjap2E4DFRjXZrd5HsemDK2517HpY4EXFr3UuC jkvQDS8mgS1Aw9DZZOGVDsQLkXdfxyW9oGHPqJphBLM/KwDLIa8ImlP6q3YtzZHt 1wAknpAK8w8zKcROq52P5AQLT4m+tB4oQm8CAwEAAaOCAfIwggHuMB0GA1UdDgQW BBSWZeCcwBAYKiwK8xVFe2JY01ihfDAfBgNVHSMEGDAWgBTFcvmW2XmfaPs9VZ2J XQr4O1PFeTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81MDEv eFhMNWx0bDVuMmo3UFZXZGlWMEstRHRUeFhrLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC94WEw1bHRsNW4yajdQVldkaVYwSy1EdFR4WGsuY2VyMA4GA1UdDwEB/wQE AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81MDEvbG1YZ25NQVFHQ29zQ3ZN VlJYdGlXTk5Zb1h3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj LmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMF ACQEwwAwDQYJKoZIhvcNAQELBQADggEBAJ5+KJJxjneSan4roSV7hJqZQ2Hh5V+a 5QrRlqjJQT96fCqd35OeeQhbk6Dms+d82OYQda2o2etroUik2MmmtIc1DnSF7mOh HyzJL6vT1BIDQlzfrCjP1geCb6afvbDyvSHmXNvXep0xfj1SGXCxm7nhlHFy2MPb hQxzQHj2G8mcn3O3le8cIvpESJdHpWT/B/VpZ7GCv8oIsurXr68uVhAAuq2pvIpL vUBF4R5kbMyQV4Nr7JNUqi6w+j9jPMWrNuA9iOPsEQ9LyxP+uJ7AGalBM1aTwMjJ d/cwyKoUwBOh1W0/dH40k9EYZiKi5/CKsJfJJ94onz4LTjVxgcksvUQ= -----END CERTIFICATE-----Generated at Wed Jun 4 00:51:50 2025 by rpki-client