$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/5ds4eeeKAVfUWPoaezuhe5LFxNM.roa File: 5ds4eeeKAVfUWPoaezuhe5LFxNM.roa (raw, json) Hash identifier: NxwdwJZ66T8fJYz2hLPFighUVTjDVlwvvy94KaICtgA= Subject key identifier: E5:DB:38:79:E7:8A:01:57:D4:58:FA:1A:7B:3B:A1:7B:92:C5:C4:D3 Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 3211 Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/5ds4eeeKAVfUWPoaezuhe5LFxNM.roa Signing time: Wed 25 Jun 2025 00:12:47 +0000 ROA not before: Wed 25 Jun 2025 00:12:47 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 63612 IP address blocks: 43.227.80.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 22:43:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12817 (0x3211) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Jun 25 00:12:47 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=E5DB3879E78A0157D458FA1A7B3BA17B92C5C4D3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:33:96:59:9c:77:4c:b0:fe:be:bf:ef:5f:ec: 19:a2:dd:98:9c:dd:70:c0:29:0b:45:83:f3:9e:46: 18:48:da:4a:81:87:12:7f:1b:09:21:a9:75:41:46: 91:73:1f:f7:a4:77:0a:f7:85:86:ec:54:62:41:aa: 34:9c:0d:a8:bd:7a:ff:d2:a8:3f:8c:6c:c6:74:23: c6:d0:49:7a:7f:8c:45:18:a2:74:42:45:70:93:47: 93:18:9f:e4:25:0f:71:8f:65:e6:cd:01:26:58:c3: 94:0f:5b:69:18:79:0f:f4:ae:23:7c:1a:3f:bc:93: df:d5:8f:5c:dd:c1:02:5c:13:fb:db:ef:ec:a1:d2: 3c:21:fb:e2:fc:fd:84:0d:43:d9:6d:74:71:15:52: 7e:22:ca:8c:77:fc:4c:a5:3e:45:2d:2d:86:b6:43: 3f:08:5b:23:2c:fc:83:bf:3c:73:68:e7:75:6a:86: 3d:c5:bf:07:bf:44:73:32:13:32:0e:0f:a3:e7:05: 2e:fc:c5:8e:9b:b2:15:b9:4f:cf:a2:da:c9:75:6e: 6b:bc:ef:17:bd:0b:14:c3:62:27:13:1c:b7:bc:15: 78:c9:a9:0d:15:19:9c:9c:0a:dd:a3:c6:19:da:25: 32:35:c2:5c:fe:a5:8a:43:d8:d9:8c:e6:66:50:73: bf:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:DB:38:79:E7:8A:01:57:D4:58:FA:1A:7B:3B:A1:7B:92:C5:C4:D3 X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/5ds4eeeKAVfUWPoaezuhe5LFxNM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.227.80.0/20 Signature Algorithm: sha256WithRSAEncryption 3a:ad:f9:76:9f:4d:63:1a:4b:fe:f9:7c:c7:37:e0:6a:04:40: f6:4e:ee:a8:c6:9b:a1:95:9e:6f:6a:d5:13:48:23:a1:9e:82: 8b:b2:8b:af:01:48:ab:e6:d1:fb:fc:bc:86:2b:42:e4:2c:db: ab:4d:9b:92:06:71:37:96:84:32:05:dc:57:7e:2f:c5:a7:0c: 4a:fe:04:6c:33:ca:90:1d:72:d8:f3:18:13:99:ff:80:97:82: 1e:da:59:2e:21:37:be:b6:64:f0:9d:66:c8:aa:e4:48:10:5f: 55:4f:2c:a7:46:bb:4c:da:f4:71:a3:c6:ba:01:46:e9:38:f5: 97:ee:b6:d6:9d:ac:3a:50:ab:7d:b8:4e:06:39:50:6e:ee:52: 7b:4c:50:c0:dd:86:21:68:ab:48:bd:66:15:49:3d:2c:0d:7c: f2:88:aa:3c:ab:03:ac:60:bb:a8:e0:0a:a9:08:da:2c:25:2b: 67:8d:78:24:d4:46:64:bf:a6:8c:f3:95:1c:60:bd:5b:8a:34: e0:fa:a9:ef:f9:3e:3c:f7:63:eb:0a:56:23:2b:ff:b6:d0:a6: 5b:fc:03:22:9e:43:38:6a:45:b5:41:7f:b9:e8:12:4b:23:55: e5:88:97:60:4b:96:7b:89:19:94:65:2a:c8:5f:9a:37:04:1b: ec:64:42:2e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICMhEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTA2MjUw MDEyNDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU1REIzODc5RTc4QTAx NTdENDU4RkExQTdCM0JBMTdCOTJDNUM0RDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDM5ZZnHdMsP6+v+9f7Bmi3Zic3XDAKQtFg/OeRhhI2kqBhxJ/ GwkhqXVBRpFzH/ekdwr3hYbsVGJBqjScDai9ev/SqD+MbMZ0I8bQSXp/jEUYonRC RXCTR5MYn+QlD3GPZebNASZYw5QPW2kYeQ/0riN8Gj+8k9/Vj1zdwQJcE/vb7+yh 0jwh++L8/YQNQ9ltdHEVUn4iyox3/EylPkUtLYa2Qz8IWyMs/IO/PHNo53Vqhj3F vwe/RHMyEzIOD6PnBS78xY6bshW5T8+i2sl1bmu87xe9CxTDYicTHLe8FXjJqQ0V GZycCt2jxhnaJTI1wlz+pYpD2NmM5mZQc797AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU5ds4eeeKAVfUWPoaezuhe5LFxNMwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvNWRzNGVlZUtBVmZV V1BvYWV6dWhlNUxGeE5NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBCvjUDANBgkqhkiG9w0BAQsFAAOCAQEAOq35dp9NYxpL/vl8xzfgagRA9k7u qMaboZWeb2rVE0gjoZ6Ci7KLrwFIq+bR+/y8hitC5Czbq02bkgZxN5aEMgXcV34v xacMSv4EbDPKkB1y2PMYE5n/gJeCHtpZLiE3vrZk8J1myKrkSBBfVU8sp0a7TNr0 caPGugFG6Tj1l+621p2sOlCrfbhOBjlQbu5Se0xQwN2GIWirSL1mFUk9LA188oiq PKsDrGC7qOAKqQjaLCUrZ414JNRGZL+mjPOVHGC9W4o04Pqp7/k+PPdj6wpWIyv/ ttCmW/wDIp5DOGpFtUF/uegSSyNV5YiXYEuWe4kZlGUqyF+aNwQb7GRCLg== -----END CERTIFICATE-----Generated at Fri Jul 4 18:38:01 2025 by rpki-client