$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/RdLss2o-fr_NP32gWQlKITHws4M.roa File: RdLss2o-fr_NP32gWQlKITHws4M.roa (raw, json) Hash identifier: imxNPsr1a9MsBybiif6PCUfHus1aIlB4JIN4Irg/eY8= Subject key identifier: 45:D2:EC:B3:6A:3E:7E:BF:CD:3F:7D:A0:59:09:4A:21:31:F0:B3:83 Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 082A Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/RdLss2o-fr_NP32gWQlKITHws4M.roa Signing time: Fri 23 May 2025 07:36:35 +0000 ROA not before: Fri 23 May 2025 07:36:35 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 56044 IP address blocks: 223.161.226.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 17:42:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2090 (0x82a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: May 23 07:36:35 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=45D2ECB36A3E7EBFCD3F7DA059094A2131F0B383 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:f0:5d:71:5c:6a:70:60:69:77:f8:0b:dd:5a: c6:6a:d4:7a:92:fb:61:e4:b9:4c:19:2f:b6:d3:8b: 34:6e:7b:d9:26:79:e4:a8:fc:bf:4d:d5:dc:38:5f: fa:1f:0b:3d:d5:3b:0f:20:46:50:f4:5e:62:29:85: 05:e5:38:56:62:4d:be:6a:0f:3f:1f:84:d4:e3:49: 4c:a1:a6:56:68:0e:af:31:41:37:40:d6:70:82:d1: d7:36:cb:0b:78:73:62:cc:82:ab:94:31:8d:d4:12: 79:b9:a6:a8:e2:1b:58:19:0a:c3:d7:63:23:31:e2: 00:47:08:eb:03:de:70:b7:93:19:c2:b8:22:86:69: 8a:70:44:58:d1:47:ff:b2:e4:3c:29:0a:b4:86:da: 30:c2:61:55:2d:1a:34:b1:5e:66:e8:b7:5e:49:e4: 2c:32:37:9f:2d:31:c0:5c:fb:be:82:a3:f2:49:a5: 3d:2f:05:fd:4c:bf:4c:7a:60:de:66:ac:ad:22:49: 54:57:43:7d:af:bb:58:1b:a3:fc:29:f5:86:c5:7c: 15:44:c5:16:51:76:32:1f:42:d2:01:a6:73:af:42: 01:02:9e:3d:bc:19:c2:e6:e8:e1:9e:14:d4:dd:dc: c7:44:97:53:72:96:47:ce:74:a5:f8:fd:6e:c2:ce: 94:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:D2:EC:B3:6A:3E:7E:BF:CD:3F:7D:A0:59:09:4A:21:31:F0:B3:83 X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/RdLss2o-fr_NP32gWQlKITHws4M.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.161.226.0/23 Signature Algorithm: sha256WithRSAEncryption 65:4b:bf:bb:d6:ec:8c:c7:9e:11:85:e4:aa:fb:8d:b1:20:dc: aa:e0:36:b0:f3:ed:5a:46:d2:b6:69:79:a1:36:7d:ab:a4:d0: 81:89:b6:fd:2d:0b:a4:24:78:35:f0:68:2c:e3:9d:05:ab:0c: 42:2c:92:46:26:1d:64:9e:c4:69:ce:ab:22:73:70:99:17:94: 96:86:2c:77:20:69:e5:e4:00:40:9e:09:a3:26:35:f2:87:5f: f7:4f:90:c9:6b:5c:ef:46:a3:3f:52:6a:b7:75:df:73:e1:bd: 09:bc:e3:41:7d:b4:a1:93:54:c2:e0:71:f6:c0:ae:4a:ca:c0: 21:f9:12:0d:2c:85:11:3f:39:2b:89:e0:91:2c:6c:ff:9f:e2: 5a:9d:5b:27:61:f4:4e:5f:38:af:fe:59:60:e3:4a:18:6d:71: 44:3d:e9:9f:a0:74:4e:e3:9b:c8:7c:09:e7:f2:81:00:30:d2: 52:b6:10:62:c9:b3:58:cd:b2:70:2d:8d:bc:5d:04:e9:30:6a: 14:32:5e:8e:f3:a7:ba:06:ae:0c:8a:54:e7:6c:e0:4c:29:22: b3:73:47:96:90:e5:55:16:a5:f3:af:c3:b7:62:51:ce:c4:20: fd:55:f4:0a:a1:77:52:53:61:7c:97:67:a9:eb:f1:67:77:15: e8:f2:bd:78 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICCCowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA1MjMw NzM2MzVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQ1RDJFQ0IzNkEzRTdF QkZDRDNGN0RBMDU5MDk0QTIxMzFGMEIzODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDC8F1xXGpwYGl3+AvdWsZq1HqS+2HkuUwZL7bTizRue9kmeeSo /L9N1dw4X/ofCz3VOw8gRlD0XmIphQXlOFZiTb5qDz8fhNTjSUyhplZoDq8xQTdA 1nCC0dc2ywt4c2LMgquUMY3UEnm5pqjiG1gZCsPXYyMx4gBHCOsD3nC3kxnCuCKG aYpwRFjRR/+y5DwpCrSG2jDCYVUtGjSxXmbot15J5CwyN58tMcBc+76Co/JJpT0v Bf1Mv0x6YN5mrK0iSVRXQ32vu1gbo/wp9YbFfBVExRZRdjIfQtIBpnOvQgECnj28 GcLm6OGeFNTd3MdEl1NylkfOdKX4/W7CzpQhAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQURdLss2o+fr/NP32gWQlKITHws4MwHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9SZExzczJvLWZyX05QMzJn V1FsS0lUSHdzNE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB 36HiMA0GCSqGSIb3DQEBCwUAA4IBAQBlS7+71uyMx54RheSq+42xINyq4Daw8+1a RtK2aXmhNn2rpNCBibb9LQukJHg18Ggs450FqwxCLJJGJh1knsRpzqsic3CZF5SW hix3IGnl5ABAngmjJjXyh1/3T5DJa1zvRqM/Umq3dd9z4b0JvONBfbShk1TC4HH2 wK5KysAh+RINLIURPzkrieCRLGz/n+JanVsnYfROXziv/llg40oYbXFEPemfoHRO 45vIfAnn8oEAMNJSthBiybNYzbJwLY28XQTpMGoUMl6O86e6Bq4MilTnbOBMKSKz c0eWkOVVFqXzr8O3YlHOxCD9VfQKoXdSU2F8l2ep6/FndxXo8r14 -----END CERTIFICATE-----Generated at Fri Jul 4 16:27:07 2025 by rpki-client