$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/64/HHip6xGy3KjEAMb_7wUxr4yVUQM.roa File: HHip6xGy3KjEAMb_7wUxr4yVUQM.roa (raw, json) Hash identifier: VpCNBNNgdvIc1ysg1ppt9KGLdfl82u7emNBYfkXFK/4= Subject key identifier: 1C:78:A9:EB:11:B2:DC:A8:C4:00:C6:FF:EF:05:31:AF:8C:95:51:03 Certificate issuer: /CN=5EB8C57D72F7946DD7B2420599288ECA153CB709 Certificate serial: 05 Authority key identifier: 5E:B8:C5:7D:72:F7:94:6D:D7:B2:42:05:99:28:8E:CA:15:3C:B7:09 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/HHip6xGy3KjEAMb_7wUxr4yVUQM.roa Signing time: Mon 26 May 2025 00:46:36 +0000 ROA not before: Mon 26 May 2025 00:46:36 +0000 ROA not after: Tue 26 May 2026 00:40:26 +0000 asID: 9803 IP address blocks: 211.150.122.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 01:38:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5 (0x5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5EB8C57D72F7946DD7B2420599288ECA153CB709 Validity Not Before: May 26 00:46:36 2025 GMT Not After : May 26 00:40:26 2026 GMT Subject: CN=1C78A9EB11B2DCA8C400C6FFEF0531AF8C955103 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:6c:fa:28:0f:06:e7:c5:41:a7:cd:d3:2f:f5: 95:01:b9:92:e9:9f:81:f5:a5:de:f8:e2:a0:7f:8d: ed:08:ee:12:e1:f7:18:db:f2:6a:d4:24:23:35:e0: 88:d7:0b:c2:c2:f5:b1:3a:69:a9:51:8d:55:0c:27: 64:d5:a4:3c:8b:6a:e8:ed:47:17:a4:14:7e:27:f6: c2:7a:58:71:f7:21:f0:29:77:87:7a:2f:22:50:7f: 3d:0c:8b:c6:c5:73:e5:39:0c:47:81:b0:d1:84:b3: 94:a4:e2:95:be:13:9e:45:dc:80:b9:17:9c:1f:43: 00:c3:ab:b8:d4:ca:d1:5c:9a:c0:48:d8:fd:13:d0: df:79:91:7f:d9:26:b3:e1:6d:bd:d4:f9:1a:e3:df: 41:fa:b3:49:4b:fa:da:3d:3e:ff:9e:91:13:1d:2e: bf:7e:da:4a:49:df:15:97:8b:d0:57:a5:c9:22:ba: 5e:c2:a7:ed:4f:1f:14:f1:4e:b0:65:f1:b2:b2:b8: 1b:49:06:0e:35:6e:f2:bf:4a:6c:68:39:eb:8c:6f: 69:69:85:ad:b1:25:c8:6c:24:55:d8:67:cc:fd:34: 6b:60:1c:b1:cf:09:87:4f:87:26:b2:a1:34:9f:fe: c9:a3:02:01:9a:a1:d6:80:36:24:9b:c6:f9:d5:94: f4:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:78:A9:EB:11:B2:DC:A8:C4:00:C6:FF:EF:05:31:AF:8C:95:51:03 X509v3 Authority Key Identifier: keyid:5E:B8:C5:7D:72:F7:94:6D:D7:B2:42:05:99:28:8E:CA:15:3C:B7:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/HHip6xGy3KjEAMb_7wUxr4yVUQM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.150.122.0/24 Signature Algorithm: sha256WithRSAEncryption 6a:c6:b7:a1:8d:03:a3:a9:f1:98:0c:b5:37:4c:29:16:f8:6b: 75:bf:0d:50:12:90:62:fb:39:d0:31:90:e5:82:1e:a2:d8:38: 87:e3:22:4f:6d:48:c3:a4:4d:c1:a6:41:f7:6e:eb:b1:3c:96: 15:eb:a1:d3:f0:fa:45:bf:80:f9:b4:ec:f9:1a:97:d3:0e:6d: 3a:2b:a7:18:d2:ea:82:e3:54:ad:d4:68:3a:02:03:3d:ea:a1: eb:32:29:0e:87:ec:25:e0:be:b6:c4:a7:8e:75:4a:38:d6:e4: 4b:82:41:45:4e:25:9e:b2:1f:3e:fe:7e:78:52:bc:ca:1b:1f: 3b:dd:d6:69:a8:a9:37:82:63:23:74:53:fd:ab:c9:9b:98:fd: 06:1a:2f:bd:dc:4f:11:db:41:30:19:18:e4:6c:ff:b0:cd:09: 76:c7:a4:af:47:14:ea:5e:2e:42:8a:b2:94:28:e6:6d:d6:8a: 7b:43:80:64:8c:d1:3e:89:72:68:4d:98:45:22:a0:cd:6e:55: c0:3a:94:88:3f:8f:39:55:28:6f:9f:70:72:b3:a4:ea:d6:8c: 2a:5f:85:31:e3:df:98:f2:81:3d:30:a6:1c:8c:ed:05:1d:72: 6a:ce:32:a5:68:f9:c4:15:8a:92:9c:de:a7:90:81:23:50:af: c5:9a:e9:df -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIBBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1RUI4 QzU3RDcyRjc5NDZERDdCMjQyMDU5OTI4OEVDQTE1M0NCNzA5MB4XDTI1MDUyNjAw NDYzNloXDTI2MDUyNjAwNDAyNlowMzExMC8GA1UEAxMoMUM3OEE5RUIxMUIyRENB OEM0MDBDNkZGRUYwNTMxQUY4Qzk1NTEwMzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMNs+igPBufFQafN0y/1lQG5kumfgfWl3vjioH+N7QjuEuH3GNvy atQkIzXgiNcLwsL1sTppqVGNVQwnZNWkPItq6O1HF6QUfif2wnpYcfch8Cl3h3ov IlB/PQyLxsVz5TkMR4Gw0YSzlKTilb4TnkXcgLkXnB9DAMOruNTK0VyawEjY/RPQ 33mRf9kms+FtvdT5GuPfQfqzSUv62j0+/56REx0uv37aSknfFZeL0FelySK6XsKn 7U8fFPFOsGXxsrK4G0kGDjVu8r9KbGg564xvaWmFrbElyGwkVdhnzP00a2Acsc8J h0+HJrKhNJ/+yaMCAZqh1oA2JJvG+dWU9G0CAwEAAaOCAe8wggHrMB0GA1UdDgQW BBQceKnrEbLcqMQAxv/vBTGvjJVRAzAfBgNVHSMEGDAWgBReuMV9cveUbdeyQgWZ KI7KFTy3CTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO oEyGSnJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NC9Y cmpGZlhMM2xHM1hza0lGbVNpT3loVTh0d2suY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwL1hyakZmWEwzbEczWHNrSUZtU2lPeWhVOHR3ay5jZXIwDgYDVR0PAQH/BAQD AgeAMIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzY0L0hIaXA2eEd5M0tqRUFNYl83 d1V4cjR5VlVRTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5j bi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADT lnowDQYJKoZIhvcNAQELBQADggEBAGrGt6GNA6Op8ZgMtTdMKRb4a3W/DVASkGL7 OdAxkOWCHqLYOIfjIk9tSMOkTcGmQfdu67E8lhXrodPw+kW/gPm07Pkal9MObTor pxjS6oLjVK3UaDoCAz3qoesyKQ6H7CXgvrbEp451SjjW5EuCQUVOJZ6yHz7+fnhS vMobHzvd1mmoqTeCYyN0U/2ryZuY/QYaL73cTxHbQTAZGORs/7DNCXbHpK9HFOpe LkKKspQo5m3WintDgGSM0T6JcmhNmEUioM1uVcA6lIg/jzlVKG+fcHKzpOrWjCpf hTHj35jygT0wphyM7QUdcmrOMqVo+cQVipKc3qeQgSNQr8Wa6d8= -----END CERTIFICATE-----Generated at Wed Jun 4 01:00:12 2025 by rpki-client