$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/_q0jKny6k09xunXEwO2Tsd1dMCY.roa File: _q0jKny6k09xunXEwO2Tsd1dMCY.roa (raw, json) Hash identifier: +RjE4kwqaLBdcY93Kj6OprQHmCwvgIYCXZr6qCaeFvA= Subject key identifier: FE:AD:23:2A:7C:BA:93:4F:71:BA:75:C4:C0:ED:93:B1:DD:5D:30:26 Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Certificate serial: 127D Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/_q0jKny6k09xunXEwO2Tsd1dMCY.roa Signing time: Fri 23 May 2025 11:03:34 +0000 ROA not before: Fri 23 May 2025 11:03:34 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 23853 IP address blocks: 211.147.80.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4733 (0x127d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Validity Not Before: May 23 11:03:34 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=FEAD232A7CBA934F71BA75C4C0ED93B1DD5D3026 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:6c:1d:a1:3b:87:c0:35:75:f6:4a:bf:d3:b3: 6f:f1:21:86:57:63:b2:12:e5:66:1b:f0:58:e9:3c: 4e:57:ff:d8:06:27:37:25:e0:33:85:e7:5b:e1:40: 60:33:6c:ff:c5:78:26:e1:d6:63:5f:63:49:44:87: f9:70:89:b4:4b:d6:db:81:e9:74:70:13:e9:fd:a7: 35:30:03:49:ec:c5:41:fd:da:27:d1:23:13:58:d4: c5:62:ea:da:aa:13:7b:c2:ec:2e:2a:bd:da:eb:08: 31:ab:a8:c3:87:ab:48:df:40:63:ec:3f:89:1d:9c: 25:56:40:d5:23:4d:5f:3e:4e:32:4f:58:97:5c:73: 08:20:88:cd:51:b4:4a:71:7a:99:ae:94:da:23:9c: d4:48:ee:1e:34:b1:d6:c9:06:bb:2f:a7:48:fc:fb: 69:e4:9e:1a:31:04:81:95:98:0f:83:80:49:d7:7f: eb:7b:4b:eb:84:ed:22:a2:9d:f5:a8:dd:5a:b7:12: e6:59:5f:ab:db:c3:9d:1d:4d:1e:6d:9e:b8:af:25: 69:0a:80:40:73:6f:62:41:72:d1:d5:74:0e:f2:99: 82:43:f3:31:a3:2e:ee:0a:fb:c2:44:30:a4:26:b3: f0:74:99:ea:41:68:77:1f:78:1a:45:c7:51:58:9d: a1:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:AD:23:2A:7C:BA:93:4F:71:BA:75:C4:C0:ED:93:B1:DD:5D:30:26 X509v3 Authority Key Identifier: keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/_q0jKny6k09xunXEwO2Tsd1dMCY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.147.80.0/20 Signature Algorithm: sha256WithRSAEncryption 32:d3:ff:b6:e4:55:4f:34:66:3e:74:14:f0:7d:af:9a:1b:31: 77:5f:12:83:ec:5a:58:aa:b2:27:56:bf:cf:30:9d:21:41:6a: 55:99:9d:1b:67:a4:40:a1:c4:49:a9:8c:6f:50:36:d0:6f:d9: 7d:a1:21:93:8c:56:d0:05:90:58:aa:e7:bd:cb:81:00:cb:33: 23:93:4e:a2:3d:83:aa:f6:bd:6d:1f:0d:bc:b5:e8:f5:b4:90: 70:c8:14:d7:e6:ec:df:54:aa:0d:34:73:dc:8b:30:aa:0a:45: 9c:4a:28:54:35:73:e7:4c:2f:ac:33:1b:82:14:54:06:1a:bf: 78:06:30:4f:69:84:6b:b3:51:91:04:c3:b0:2b:00:fb:88:fd: c2:87:4d:77:87:f2:b8:cd:e7:35:ce:65:a6:c6:6f:07:48:9c: 8d:1a:18:66:26:28:b6:a5:86:69:66:38:f4:9f:33:9f:57:dd: fa:14:7b:08:2f:93:c3:a0:7e:b3:41:d8:55:bc:39:28:5d:b3: a6:a1:b7:40:5e:70:d4:1d:bc:ad:31:ff:ff:1f:fb:b4:f0:82: 58:d5:50:f9:2d:15:9e:20:d3:2a:25:cf:8a:fa:40:cc:48:e4: c9:ff:f1:b8:e1:3c:61:9a:09:6d:63:11:13:4e:6d:f5:23:87: 33:78:71:df -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICEn0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNTA1MjMx MTAzMzRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEZFQUQyMzJBN0NCQTkz NEY3MUJBNzVDNEMwRUQ5M0IxREQ1RDMwMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCbB2hO4fANXX2Sr/Ts2/xIYZXY7IS5WYb8FjpPE5X/9gGJzcl 4DOF51vhQGAzbP/FeCbh1mNfY0lEh/lwibRL1tuB6XRwE+n9pzUwA0nsxUH92ifR IxNY1MVi6tqqE3vC7C4qvdrrCDGrqMOHq0jfQGPsP4kdnCVWQNUjTV8+TjJPWJdc cwggiM1RtEpxepmulNojnNRI7h40sdbJBrsvp0j8+2nknhoxBIGVmA+DgEnXf+t7 S+uE7SKinfWo3Vq3EuZZX6vbw50dTR5tnrivJWkKgEBzb2JBctHVdA7ymYJD8zGj Lu4K+8JEMKQms/B0mepBaHcfeBpFx1FYnaFhAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQU/q0jKny6k09xunXEwO2Tsd1dMCYwHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7 wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS9fcTBqS255NmswOXh1blhF d08yVHNkMWRNQ1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE 05NQMA0GCSqGSIb3DQEBCwUAA4IBAQAy0/+25FVPNGY+dBTwfa+aGzF3XxKD7FpY qrInVr/PMJ0hQWpVmZ0bZ6RAocRJqYxvUDbQb9l9oSGTjFbQBZBYque9y4EAyzMj k06iPYOq9r1tHw28tej1tJBwyBTX5uzfVKoNNHPcizCqCkWcSihUNXPnTC+sMxuC FFQGGr94BjBPaYRrs1GRBMOwKwD7iP3Ch013h/K4zec1zmWmxm8HSJyNGhhmJii2 pYZpZjj0nzOfV936FHsIL5PDoH6zQdhVvDkoXbOmobdAXnDUHbytMf//H/u08IJY 1VD5LRWeINMqJc+K+kDMSOTJ//G44TxhmgltYxETTm31I4czeHHf -----END CERTIFICATE-----Generated at Wed Jun 4 02:12:41 2025 by rpki-client