$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/wupW9xO-Pb2A_PVTI4_crq-azI8.roa File: wupW9xO-Pb2A_PVTI4_crq-azI8.roa (raw, json) Hash identifier: 45Zw9LEWmqY3JM84M7tXuIv+GNiqcMJwYp3CyIhBECA= Subject key identifier: C2:EA:56:F7:13:BE:3D:BD:80:FC:F5:53:23:8F:DC:AE:AF:9A:CC:8F Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 2357 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/wupW9xO-Pb2A_PVTI4_crq-azI8.roa Signing time: Thu 26 Jun 2025 08:35:09 +0000 ROA not before: Thu 26 Jun 2025 08:35:09 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 209178 IP address blocks: 223.29.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 05:58:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9047 (0x2357) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Jun 26 08:35:09 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=C2EA56F713BE3DBD80FCF553238FDCAEAF9ACC8F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:e2:2e:92:b5:ce:6f:ac:35:92:67:0a:a8:ec: 40:14:8a:a6:eb:73:ed:60:c6:98:91:27:54:d6:36: 1a:89:e5:26:37:26:0e:ba:eb:04:f6:f1:e9:92:db: cc:71:4a:0e:d3:22:e5:42:c9:ef:6d:24:23:2b:1c: 92:9a:53:bf:8e:a4:97:c7:a1:31:bf:ba:bf:ac:c3: 02:05:e8:a2:af:e4:11:67:13:b8:7e:5f:f5:9d:08: 24:8a:6c:31:cc:29:aa:82:24:23:ed:72:36:65:79: ca:b3:7b:28:fd:e0:01:b6:70:11:66:39:4f:81:ed: 10:ef:f2:78:94:ed:96:44:e9:56:1a:71:fd:e6:af: 2f:de:96:12:70:1e:39:ab:ce:90:8a:3d:32:eb:a3: 1a:0c:28:25:b2:d8:12:78:1f:6b:39:86:90:28:4f: e1:23:4c:c0:71:9f:a6:e1:7a:c1:e1:f9:a4:e7:84: e4:d7:dd:ce:86:82:c6:3d:52:aa:b6:cd:a7:6a:fb: d8:c3:7c:46:b8:b0:03:18:bd:bd:8b:55:19:69:c8: d1:bc:4c:f5:8e:46:1b:28:42:18:3d:ed:4b:3c:17: 8a:f3:9a:5c:a6:72:a2:51:e4:6a:1d:19:02:5b:5f: 5b:16:09:b6:f8:f8:56:08:db:da:ec:bf:00:17:24: 46:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:EA:56:F7:13:BE:3D:BD:80:FC:F5:53:23:8F:DC:AE:AF:9A:CC:8F X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/wupW9xO-Pb2A_PVTI4_crq-azI8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.29.255.0/24 Signature Algorithm: sha256WithRSAEncryption cc:53:81:d8:6f:ba:0e:73:7d:55:7e:a2:63:44:6e:17:b4:5e: be:aa:94:15:e1:2a:5b:7f:70:2f:59:67:9f:f4:18:d2:b4:a9: ae:14:d9:f2:59:df:c1:1f:3c:e3:94:05:5d:72:52:df:ab:fe: 3b:98:e1:6b:36:82:ba:73:8d:84:84:84:22:d0:f5:31:3e:ea: fc:28:73:aa:89:00:00:2e:b3:d6:71:f7:71:eb:43:7a:05:af: 13:be:f6:fe:b2:81:c1:1e:bd:79:4d:12:be:0c:c9:1d:15:ed: c8:65:bd:84:32:37:21:ed:36:83:6c:9c:bc:08:aa:13:e6:f1: 4d:22:44:ee:4a:21:30:2b:d5:b5:e4:dc:80:58:08:3a:1e:92: 74:e5:c9:43:6f:4f:89:4a:dd:81:97:7b:19:23:21:5b:9a:a6: a7:2a:8c:f4:0e:a3:7b:51:b9:72:12:5c:6e:23:cb:29:e6:02: c0:d9:2b:51:e9:9f:db:27:88:3e:5e:f8:98:b8:62:34:78:04: 5c:98:33:a3:ff:06:3b:3c:e4:96:b6:2e:57:25:90:90:15:12: 93:f9:43:a5:7a:dd:d5:53:e6:a1:dc:73:7e:71:de:ed:ca:5a: 1b:2c:61:f8:7d:52:95:b1:90:7e:27:d6:22:67:84:9f:70:b2: 07:41:ee:ae -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICI1cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTA2MjYw ODM1MDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEMyRUE1NkY3MTNCRTNE QkQ4MEZDRjU1MzIzOEZEQ0FFQUY5QUNDOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCd4i6Stc5vrDWSZwqo7EAUiqbrc+1gxpiRJ1TWNhqJ5SY3Jg66 6wT28emS28xxSg7TIuVCye9tJCMrHJKaU7+OpJfHoTG/ur+swwIF6KKv5BFnE7h+ X/WdCCSKbDHMKaqCJCPtcjZlecqzeyj94AG2cBFmOU+B7RDv8niU7ZZE6VYacf3m ry/elhJwHjmrzpCKPTLroxoMKCWy2BJ4H2s5hpAoT+EjTMBxn6bhesHh+aTnhOTX 3c6GgsY9Uqq2zadq+9jDfEa4sAMYvb2LVRlpyNG8TPWORhsoQhg97Us8F4rzmlym cqJR5GodGQJbX1sWCbb4+FYI29rsvwAXJEalAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUwupW9xO+Pb2A/PVTI4/crq+azI8wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvd3VwVzl4Ty1QYjJB X1BWVEk0X2NycS1hekk4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAN8d/zANBgkqhkiG9w0BAQsFAAOCAQEAzFOB2G+6DnN9VX6iY0RuF7RevqqU FeEqW39wL1lnn/QY0rSprhTZ8lnfwR8845QFXXJS36v+O5jhazaCunONhISEItD1 MT7q/ChzqokAAC6z1nH3cetDegWvE772/rKBwR69eU0SvgzJHRXtyGW9hDI3Ie02 g2ycvAiqE+bxTSJE7kohMCvVteTcgFgIOh6SdOXJQ29PiUrdgZd7GSMhW5qmpyqM 9A6je1G5chJcbiPLKeYCwNkrUemf2yeIPl74mLhiNHgEXJgzo/8GOzzklrYuVyWQ kBUSk/lDpXrd1VPmodxzfnHe7cpaGyxh+H1SlbGQfifWImeEn3CyB0Hurg== -----END CERTIFICATE-----Generated at Fri Jul 4 01:40:02 2025 by rpki-client