$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/8P5nxrSyLpNh0DrQq_L0aOZJdWI.roa File: 8P5nxrSyLpNh0DrQq_L0aOZJdWI.roa (raw, json) Hash identifier: 138BVXYTxmIfaAJ+ZCC6DvL1EUGXXlam0uEXBBSbV10= Subject key identifier: F0:FE:67:C6:B4:B2:2E:93:61:D0:3A:D0:AB:F2:F4:68:E6:49:75:62 Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 07C5 Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/8P5nxrSyLpNh0DrQq_L0aOZJdWI.roa Signing time: Tue 13 May 2025 13:27:20 +0000 ROA not before: Tue 13 May 2025 13:27:20 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 7641 IP address blocks: 2403:600::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 20:09:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1989 (0x7c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 13 13:27:20 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=F0FE67C6B4B22E9361D03AD0ABF2F468E6497562 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:24:f8:83:c7:e6:67:4d:11:75:ee:e0:cf:f3: f7:a1:19:f9:ad:c4:fd:c2:c8:a4:a4:af:27:52:37: 61:5b:95:05:11:25:03:6f:81:b4:05:21:80:66:e3: 33:54:46:47:99:1e:06:01:4a:81:40:f2:c5:d0:9b: c4:83:9c:59:55:42:7e:64:02:78:d0:fa:cc:f2:7e: 35:34:5d:19:be:30:7b:5f:5a:d4:56:ab:d0:e1:80: ac:77:b7:66:0c:f4:ba:1a:1e:3d:b5:26:7a:1a:5d: bc:c6:00:9a:95:8a:f0:91:6d:db:ed:7a:58:40:1f: dd:e7:15:8b:d1:06:0a:bf:c8:67:93:53:f8:0a:79: f4:58:72:1f:4b:d7:80:80:44:1c:e4:f7:98:39:28: 0a:08:14:96:8d:cf:38:80:b0:4c:9e:83:75:97:92: cd:01:47:0e:d0:15:fc:4d:62:65:4e:bc:d7:78:f3: 9a:9b:86:48:8f:07:fd:a1:bd:32:49:83:06:f8:5a: 84:45:b7:79:ce:b2:ce:d4:41:01:80:02:b6:20:67: 7a:6e:5f:ec:4a:c2:13:97:de:e1:92:f8:ec:cc:9d: 05:8d:af:94:de:ee:1d:e5:d2:c5:c0:7b:02:45:4b: b3:dc:f5:d6:86:d7:aa:43:77:4e:52:42:19:84:88: 9d:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:FE:67:C6:B4:B2:2E:93:61:D0:3A:D0:AB:F2:F4:68:E6:49:75:62 X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/8P5nxrSyLpNh0DrQq_L0aOZJdWI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:600::/32 Signature Algorithm: sha256WithRSAEncryption 30:1c:c9:10:61:5a:49:86:84:8f:e7:70:7c:db:a3:93:16:3e: 27:b7:15:52:e2:e0:da:c0:44:99:87:1b:b7:4f:f0:28:d6:58: ec:9d:6c:e7:bc:ad:b6:aa:29:a1:00:7a:21:4a:04:e7:ea:41: 2c:74:5a:01:c3:a1:be:f6:2a:0b:79:00:6a:4a:e0:83:57:95: e2:5d:7f:8f:a8:7f:f7:0d:1f:13:5c:dc:2c:13:b0:be:41:e8: 8b:70:89:75:72:3f:29:23:fd:f6:75:1a:e9:1a:fb:9e:9c:ea: 5c:a8:b4:ec:f9:b2:11:0c:4d:31:a6:6b:5b:ad:23:02:e8:c9: cf:71:1b:02:60:6b:d2:37:bc:cd:c6:f4:50:80:d5:33:a7:42: 60:57:5b:e4:ce:d1:ed:67:27:0d:4c:16:a1:c0:81:9d:86:2b: 6c:19:80:34:46:92:d4:d4:5f:2e:2e:f2:c4:34:4d:7c:4d:cf: 8b:75:17:83:78:0e:a3:de:60:75:27:23:60:55:76:40:e2:c1: a3:63:69:f0:37:ba:38:9f:ed:00:60:e6:65:0d:25:01:f9:d9: f8:cd:33:f5:3e:df:4e:0f:a7:46:b1:8f:c4:73:27:9c:c9:bf: 04:43:f5:64:26:4f:1d:4f:ff:59:a6:4a:07:9d:92:4c:f2:2a: d8:db:c8:f2 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICB8UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MTMx MzI3MjBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEYwRkU2N0M2QjRCMjJF OTM2MUQwM0FEMEFCRjJGNDY4RTY0OTc1NjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwJPiDx+ZnTRF17uDP8/ehGfmtxP3CyKSkrydSN2FblQURJQNv gbQFIYBm4zNURkeZHgYBSoFA8sXQm8SDnFlVQn5kAnjQ+szyfjU0XRm+MHtfWtRW q9DhgKx3t2YM9LoaHj21JnoaXbzGAJqVivCRbdvtelhAH93nFYvRBgq/yGeTU/gK efRYch9L14CARBzk95g5KAoIFJaNzziAsEyeg3WXks0BRw7QFfxNYmVOvNd485qb hkiPB/2hvTJJgwb4WoRFt3nOss7UQQGAArYgZ3puX+xKwhOX3uGS+OzMnQWNr5Te 7h3l0sXAewJFS7Pc9daG16pDd05SQhmEiJ2lAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQU8P5nxrSyLpNh0DrQq/L0aOZJdWIwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy84UDVueHJTeUxwTmgwRHJR cV9MMGFPWkpkV0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA JAMGADANBgkqhkiG9w0BAQsFAAOCAQEAMBzJEGFaSYaEj+dwfNujkxY+J7cVUuLg 2sBEmYcbt0/wKNZY7J1s57yttqopoQB6IUoE5+pBLHRaAcOhvvYqC3kAakrgg1eV 4l1/j6h/9w0fE1zcLBOwvkHoi3CJdXI/KSP99nUa6Rr7npzqXKi07PmyEQxNMaZr W60jAujJz3EbAmBr0je8zcb0UIDVM6dCYFdb5M7R7WcnDUwWocCBnYYrbBmANEaS 1NRfLi7yxDRNfE3Pi3UXg3gOo95gdScjYFV2QOLBo2Np8De6OJ/tAGDmZQ0lAfnZ +M0z9T7fTg+nRrGPxHMnnMm/BEP1ZCZPHU//WaZKB52STPIq2NvI8g== -----END CERTIFICATE-----Generated at Sat May 17 19:42:11 2025 by rpki-client