$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/5Ms4BUIbG5QwahbTdDIS4w2YffY.roa File: 5Ms4BUIbG5QwahbTdDIS4w2YffY.roa (raw, json) Hash identifier: slVxIsrnsX9Zadl5ahihPr1mRe8y2lFDL+8HMnYFH2A= Subject key identifier: E4:CB:38:05:42:1B:1B:94:30:6A:16:D3:74:32:12:E3:0D:98:7D:F6 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 1227 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/5Ms4BUIbG5QwahbTdDIS4w2YffY.roa Signing time: Tue 06 May 2025 08:44:40 +0000 ROA not before: Tue 06 May 2025 08:44:40 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 101.232.56.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 12 May 2025 21:10:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4647 (0x1227) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: May 6 08:44:40 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=E4CB3805421B1B94306A16D3743212E30D987DF6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:05:98:b6:32:ec:e7:05:a7:f3:a8:27:c2:8d: be:46:39:cd:d7:dc:b7:8c:5c:df:a0:3d:70:ec:74: 7e:f5:39:45:fe:76:ba:8d:19:b2:ca:5d:59:80:3e: 1a:89:d6:78:92:b7:25:6d:69:db:de:3f:0e:29:f0: a6:46:43:bb:2c:eb:91:85:76:c7:be:70:23:89:36: f3:bd:f0:58:d8:7c:25:8b:08:3b:8e:82:08:6d:01: 33:f6:a4:bf:36:22:6c:0e:97:6a:f7:13:de:65:5e: 6c:0a:57:2d:a5:e0:2d:91:2f:82:33:aa:62:72:0a: f3:3a:8f:68:0a:a1:f6:26:82:02:ed:f4:5f:bf:66: 38:86:76:2c:0d:df:15:12:d0:61:d8:c4:15:2f:58: e8:cb:d5:f8:fb:18:00:fc:61:72:cb:f4:42:7b:7b: b8:1e:42:8f:8a:38:3e:f0:80:79:17:84:3d:20:5f: 6b:70:ff:50:f4:a8:2b:c6:a8:92:6f:21:48:17:26: 66:d1:b0:49:1b:2e:5e:ba:9c:bf:64:d8:5c:a2:3a: 5c:b3:1d:19:ea:b1:a0:9f:ee:ee:52:70:16:78:5d: ff:3e:47:74:3c:0b:6c:2e:03:c2:da:e7:1f:f0:b9: 72:17:ef:a0:04:f0:b0:fd:f2:b5:0c:7a:2d:51:6f: ef:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:CB:38:05:42:1B:1B:94:30:6A:16:D3:74:32:12:E3:0D:98:7D:F6 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/5Ms4BUIbG5QwahbTdDIS4w2YffY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.56.0/22 Signature Algorithm: sha256WithRSAEncryption b8:24:f5:2d:c1:6b:7c:1e:a3:46:f8:2a:b1:9c:d6:b3:d4:f8: c5:14:7e:3d:3b:c3:3d:87:8e:40:97:93:54:37:a6:dc:bb:f7: 32:dc:8d:94:64:07:01:ea:9f:56:34:c8:b9:fa:79:4a:56:ff: 63:03:71:97:9a:94:74:0d:8b:82:98:20:69:3e:54:d3:12:38: e4:37:11:71:37:35:5e:cd:61:f9:e5:ab:47:18:5e:64:b1:21: f5:a3:ea:83:e8:6e:03:ab:91:88:d4:54:1b:44:ae:6e:3e:51: 0a:54:aa:37:a0:36:d2:ba:c9:1b:ba:29:bb:b7:74:a4:c9:ce: d0:03:c3:f7:8d:5e:de:15:11:95:95:35:dc:81:c3:9b:78:77: 98:6d:1d:8b:b2:72:e6:5c:13:dc:e0:b4:80:d7:6f:b9:98:86: 49:ed:4c:cd:ae:89:54:3b:8f:8c:6f:df:0b:54:8b:37:a1:0d: 75:96:9b:72:a0:cf:95:62:9e:9c:3f:e1:9a:07:c9:13:45:68: 36:77:9f:70:f9:a9:d9:18:77:0e:4b:26:8c:bf:a3:18:8b:bb: 83:6b:76:3f:a3:7a:9a:a7:c2:97:6e:f5:46:cf:17:dc:5e:73: 51:44:bb:a1:d9:b9:13:b5:21:ad:b2:70:23:e8:6a:10:5e:07: 46:8b:96:9a -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICEicwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA1MDYw ODQ0NDBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU0Q0IzODA1NDIxQjFC OTQzMDZBMTZEMzc0MzIxMkUzMEQ5ODdERjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVBZi2MuznBafzqCfCjb5GOc3X3LeMXN+gPXDsdH71OUX+drqN GbLKXVmAPhqJ1niStyVtadvePw4p8KZGQ7ss65GFdse+cCOJNvO98FjYfCWLCDuO gghtATP2pL82ImwOl2r3E95lXmwKVy2l4C2RL4IzqmJyCvM6j2gKofYmggLt9F+/ ZjiGdiwN3xUS0GHYxBUvWOjL1fj7GAD8YXLL9EJ7e7geQo+KOD7wgHkXhD0gX2tw /1D0qCvGqJJvIUgXJmbRsEkbLl66nL9k2FyiOlyzHRnqsaCf7u5ScBZ4Xf8+R3Q8 C2wuA8La5x/wuXIX76AE8LD98rUMei1Rb+8tAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU5Ms4BUIbG5QwahbTdDIS4w2YffYwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzVNczRCVUliRzVRd2Fo YlRkRElTNHcyWWZmWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6DgwDQYJKoZIhvcNAQELBQADggEBALgk9S3Ba3weo0b4KrGc1rPU+MUUfj07 wz2HjkCXk1Q3pty79zLcjZRkBwHqn1Y0yLn6eUpW/2MDcZealHQNi4KYIGk+VNMS OOQ3EXE3NV7NYfnlq0cYXmSxIfWj6oPobgOrkYjUVBtErm4+UQpUqjegNtK6yRu6 Kbu3dKTJztADw/eNXt4VEZWVNdyBw5t4d5htHYuycuZcE9zgtIDXb7mYhkntTM2u iVQ7j4xv3wtUizehDXWWm3Kgz5Vinpw/4ZoHyRNFaDZ3n3D5qdkYdw5LJoy/oxiL u4Nrdj+jepqnwpdu9UbPF9xec1FEu6HZuRO1Ia2ycCPoahBeB0aLlpo= -----END CERTIFICATE-----Generated at Mon May 12 19:43:59 2025 by rpki-client