$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/1pGP6piO9t8jbUERzDx-O4nhtLM.roa File: 1pGP6piO9t8jbUERzDx-O4nhtLM.roa (raw, json) Hash identifier: LgsHYyRchdYhJU6IjYfSwzPXfyeBNXFC/3oEFZaxr5E= Subject key identifier: D6:91:8F:EA:98:8E:F6:DF:23:6D:41:11:CC:3C:7E:3B:89:E1:B4:B3 Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 3213 Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/1pGP6piO9t8jbUERzDx-O4nhtLM.roa Signing time: Wed 25 Jun 2025 00:12:48 +0000 ROA not before: Wed 25 Jun 2025 00:12:48 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 63612 IP address blocks: 43.227.72.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 22:43:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12819 (0x3213) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Jun 25 00:12:48 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=D6918FEA988EF6DF236D4111CC3C7E3B89E1B4B3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:8d:9c:a3:16:1c:59:34:70:be:ba:3c:f4:6f: 6d:7b:a5:50:db:f7:9d:f0:bf:33:6b:65:14:ba:95: 56:5b:80:89:2b:18:cc:f2:c0:9d:4b:0f:7e:d5:86: fe:10:88:7d:fe:1f:86:53:70:30:e6:85:4a:ab:fe: 4c:36:a7:77:a5:3a:8e:52:68:60:f5:88:52:fe:ec: 47:8f:4b:79:01:5a:19:3c:ab:41:72:9c:8b:fa:f8: 43:6a:f5:ed:50:90:93:67:be:db:2b:89:07:1c:83: a6:fa:9e:7c:24:0f:11:f0:4a:d9:47:a7:0a:c3:0c: 3d:bc:bd:49:b2:fc:e7:37:36:63:f4:92:24:54:c3: 30:9d:73:57:4d:8f:35:3d:cb:55:5c:30:bb:7b:61: 54:84:61:09:fc:fe:8e:0e:d5:63:90:63:fc:7a:16: cb:02:30:a7:94:8f:b7:42:d5:41:35:0f:58:c1:28: 6f:5a:22:5a:59:b2:a2:fb:dd:ee:2e:a7:12:d9:1a: f8:e7:2a:ad:b5:23:4a:4e:36:f2:57:1e:7b:b6:a2: 0c:6d:be:54:dc:39:81:ae:59:ba:3c:69:b7:6f:2b: a1:0a:6f:09:21:0a:54:df:1e:44:df:5c:b8:2f:e9: 7a:0f:86:44:80:e6:c9:f0:e6:47:77:8a:65:d6:80: f3:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:91:8F:EA:98:8E:F6:DF:23:6D:41:11:CC:3C:7E:3B:89:E1:B4:B3 X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/1pGP6piO9t8jbUERzDx-O4nhtLM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.227.72.0/21 Signature Algorithm: sha256WithRSAEncryption 28:4d:11:67:1d:ae:2a:92:58:4e:06:2a:3d:5e:1e:01:a7:12: ff:9f:1c:a3:93:3a:6d:6c:ba:82:bf:81:a3:7d:8c:70:45:99: 8a:0a:d6:93:4c:69:43:b9:00:ff:f8:1f:80:91:65:78:df:4a: b5:c0:f6:7a:1e:8d:aa:3a:d7:3a:12:61:54:fe:4f:9d:01:71: a1:e9:18:e6:f1:f0:25:24:2b:10:f8:5d:6a:7f:11:fb:ef:02: 5e:55:8d:d0:6e:40:6e:31:8c:ff:c7:be:da:66:ec:8b:63:d0: 5e:70:af:7d:41:6b:6c:9a:14:f4:83:65:10:2e:d6:41:58:c6: a4:27:b7:b9:bf:00:49:43:a7:a2:a9:51:82:f8:1b:fc:bf:a3: e8:b0:4b:75:a5:26:16:88:f5:3e:07:f5:4a:97:1e:57:17:9c: db:86:07:23:cb:12:17:1d:3e:b4:87:05:15:15:01:ca:3f:10: 14:c6:68:ba:c0:70:73:3d:53:61:bb:34:99:17:fe:18:90:e4: 5f:fb:0b:5b:35:46:65:48:47:16:b3:e2:86:2c:1b:bb:2f:10: ed:d4:29:f1:88:e0:b5:8c:c0:c1:50:01:4a:ae:c7:d7:31:39: cb:15:f1:1f:5e:4c:62:2c:7c:60:d0:f6:46:65:7f:70:0b:ca: 47:81:c7:b8 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICMhMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTA2MjUw MDEyNDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQ2OTE4RkVBOTg4RUY2 REYyMzZENDExMUNDM0M3RTNCODlFMUI0QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMjZyjFhxZNHC+ujz0b217pVDb953wvzNrZRS6lVZbgIkrGMzy wJ1LD37Vhv4QiH3+H4ZTcDDmhUqr/kw2p3elOo5SaGD1iFL+7EePS3kBWhk8q0Fy nIv6+ENq9e1QkJNnvtsriQccg6b6nnwkDxHwStlHpwrDDD28vUmy/Oc3NmP0kiRU wzCdc1dNjzU9y1VcMLt7YVSEYQn8/o4O1WOQY/x6FssCMKeUj7dC1UE1D1jBKG9a IlpZsqL73e4upxLZGvjnKq21I0pONvJXHnu2ogxtvlTcOYGuWbo8abdvK6EKbwkh ClTfHkTfXLgv6XoPhkSA5snw5kd3imXWgPP1AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU1pGP6piO9t8jbUERzDx+O4nhtLMwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvMXBHUDZwaU85dDhq YlVFUnpEeC1PNG5odExNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAyvjSDANBgkqhkiG9w0BAQsFAAOCAQEAKE0RZx2uKpJYTgYqPV4eAacS/58c o5M6bWy6gr+Bo32McEWZigrWk0xpQ7kA//gfgJFleN9KtcD2eh6NqjrXOhJhVP5P nQFxoekY5vHwJSQrEPhdan8R++8CXlWN0G5AbjGM/8e+2mbsi2PQXnCvfUFrbJoU 9INlEC7WQVjGpCe3ub8ASUOnoqlRgvgb/L+j6LBLdaUmFoj1Pgf1SpceVxec24YH I8sSFx0+tIcFFRUByj8QFMZousBwcz1TYbs0mRf+GJDkX/sLWzVGZUhHFrPihiwb uy8Q7dQp8YjgtYzAwVABSq7H1zE5yxXxH15MYix8YND2RmV/cAvKR4HHuA== -----END CERTIFICATE-----Generated at Fri Jul 4 19:40:21 2025 by rpki-client