$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/623/uhE7JZutOBemnA4B93VEirDrC98.roa File: uhE7JZutOBemnA4B93VEirDrC98.roa (raw, json) Hash identifier: 3eVtJLdoXdqXrqE4Ga8pJoC8MzdA8SbgxV7FNdUWZus= Subject key identifier: BA:11:3B:25:9B:AD:38:17:A6:9C:0E:01:F7:75:44:8A:B0:EB:0B:DF Certificate issuer: /CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Certificate serial: 07EE Authority key identifier: DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/uhE7JZutOBemnA4B93VEirDrC98.roa Signing time: Fri 23 May 2025 07:21:02 +0000 ROA not before: Fri 23 May 2025 07:21:02 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 58834 IP address blocks: 202.168.160.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 21:38:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2030 (0x7ee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DEBFC900EDC34F81DA4827F1F9F63D04E0E2F756 Validity Not Before: May 23 07:21:02 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=BA113B259BAD3817A69C0E01F775448AB0EB0BDF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:42:d0:29:74:80:2f:d0:97:2d:fe:5e:35:3a: 6b:99:ea:45:48:92:d6:c1:0a:e6:b6:e4:c2:7a:a6: b0:02:36:84:ed:97:87:9b:61:7a:5d:ce:17:f1:42: f3:7b:22:3d:71:83:ba:e4:ff:39:d0:d3:04:ab:5a: be:df:8f:b7:b1:0b:41:8c:a6:0e:dd:11:a9:e2:7e: be:20:9e:bc:15:fc:61:89:92:d2:28:40:b7:42:3b: 61:85:c3:7e:86:64:22:32:b9:65:a9:84:de:64:ff: 2b:2b:2e:34:90:fa:88:71:fa:42:85:3e:a9:05:9d: f7:59:2b:ba:1a:86:44:0d:ba:d3:05:74:9e:f3:bc: 31:65:1c:3d:3f:9f:da:61:5b:a0:33:d9:ec:91:30: 6f:ba:50:58:eb:d6:80:3c:34:55:45:8d:60:1e:43: 6c:75:9a:9f:62:41:7f:be:5c:a8:bb:31:d6:03:f4: ea:f4:b3:bc:fb:ca:59:e6:f6:40:42:b2:b6:10:c6: dd:a4:46:96:72:6a:d6:7f:e4:be:0d:55:2a:cf:63: 35:6d:43:65:0d:38:64:d1:16:ed:a1:09:11:e6:c7: 79:d7:56:5e:91:75:7f:08:90:20:28:74:97:da:e5: b8:53:f6:cd:35:f9:d8:b1:87:85:e4:02:32:41:bd: 17:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:11:3B:25:9B:AD:38:17:A6:9C:0E:01:F7:75:44:8A:B0:EB:0B:DF X509v3 Authority Key Identifier: keyid:DE:BF:C9:00:ED:C3:4F:81:DA:48:27:F1:F9:F6:3D:04:E0:E2:F7:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/3r_JAO3DT4HaSCfx-fY9BODi91Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3r_JAO3DT4HaSCfx-fY9BODi91Y.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/623/uhE7JZutOBemnA4B93VEirDrC98.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.168.160.0/19 Signature Algorithm: sha256WithRSAEncryption 4a:bc:66:4b:17:09:c6:d1:ad:ea:cd:ed:d9:55:9b:ed:f7:80: 68:91:51:27:e9:fa:e4:e4:5d:35:a8:61:e8:cc:65:37:bb:f0: 12:34:8f:4b:68:63:cb:0d:85:c0:23:c7:82:8b:ea:ac:e0:91: c8:20:59:b4:fc:46:50:cf:17:3b:d3:91:7b:bd:a2:07:a4:36: 31:5b:c2:c4:0b:3c:c1:3b:94:b0:ea:56:58:8e:06:cd:6a:7d: 5e:e1:28:43:fd:6d:1d:69:b6:75:7e:33:58:ed:40:12:f0:d6: 5d:15:1c:59:ae:d0:81:e4:a1:a0:28:0a:85:af:84:44:12:8e: 87:59:b6:91:8b:d2:76:bd:dd:e5:26:15:db:d7:60:fa:38:1a: ad:3a:c9:d0:8b:4c:4c:a6:fe:4c:c1:25:eb:97:e8:f0:b5:83: 4d:c7:64:71:b7:00:6f:e5:30:77:cd:34:70:a1:64:6d:b7:7d: da:4f:e0:d5:22:bf:c3:95:f5:2b:93:72:08:d8:6d:65:99:aa: 90:09:f2:ca:08:62:ac:0f:71:10:0b:6f:2a:99:6b:63:a9:d4: 20:46:d4:53:2f:3c:05:5f:98:bf:d5:6c:b2:05:fc:a9:5d:98: 2f:64:70:c5:5d:53:2b:b7:b4:7d:29:34:70:76:cd:73:2e:d9: e6:38:64:76 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICB+4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREVC RkM5MDBFREMzNEY4MURBNDgyN0YxRjlGNjNEMDRFMEUyRjc1NjAeFw0yNTA1MjMw NzIxMDJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEJBMTEzQjI1OUJBRDM4 MTdBNjlDMEUwMUY3NzU0NDhBQjBFQjBCREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCQtApdIAv0Jct/l41OmuZ6kVIktbBCua25MJ6prACNoTtl4eb YXpdzhfxQvN7Ij1xg7rk/znQ0wSrWr7fj7exC0GMpg7dEanifr4gnrwV/GGJktIo QLdCO2GFw36GZCIyuWWphN5k/ysrLjSQ+ohx+kKFPqkFnfdZK7oahkQNutMFdJ7z vDFlHD0/n9phW6Az2eyRMG+6UFjr1oA8NFVFjWAeQ2x1mp9iQX++XKi7MdYD9Or0 s7z7ylnm9kBCsrYQxt2kRpZyatZ/5L4NVSrPYzVtQ2UNOGTRFu2hCRHmx3nXVl6R dX8IkCAodJfa5bhT9s01+dixh4XkAjJBvRfvAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUuhE7JZutOBemnA4B93VEirDrC98wHwYDVR0jBBgwFoAU3r/JAO3DT4HaSCfx +fY9BODi91YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIz LzNyX0pBTzNEVDRIYVNDZngtZlk5Qk9EaTkxWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvM3JfSkFPM0RUNEhhU0NmeC1mWTlCT0RpOTFZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIzL3VoRTdKWnV0T0JlbW5B NEI5M1ZFaXJEckM5OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAXKqKAwDQYJKoZIhvcNAQELBQADggEBAEq8ZksXCcbRrerN7dlVm+33gGiRUSfp +uTkXTWoYejMZTe78BI0j0toY8sNhcAjx4KL6qzgkcggWbT8RlDPFzvTkXu9ogek NjFbwsQLPME7lLDqVliOBs1qfV7hKEP9bR1ptnV+M1jtQBLw1l0VHFmu0IHkoaAo CoWvhEQSjodZtpGL0na93eUmFdvXYPo4Gq06ydCLTEym/kzBJeuX6PC1g03HZHG3 AG/lMHfNNHChZG23fdpP4NUiv8OV9SuTcgjYbWWZqpAJ8soIYqwPcRALbyqZa2Op 1CBG1FMvPAVfmL/VbLIF/KldmC9kcMVdUyu3tH0pNHB2zXMu2eY4ZHY= -----END CERTIFICATE-----Generated at Thu Jun 5 20:28:27 2025 by rpki-client