$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/PoiA2j02Hy-O9kRto8kOPuFf2PQ.roa File: PoiA2j02Hy-O9kRto8kOPuFf2PQ.roa (raw, json) Hash identifier: YlAqRtqgz/lKJVW7b5oEyG5BKb/aoiQfFjkfEr9CjQk= Subject key identifier: 3E:88:80:DA:3D:36:1F:2F:8E:F6:44:6D:A3:C9:0E:3E:E1:5F:D8:F4 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 1345 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/PoiA2j02Hy-O9kRto8kOPuFf2PQ.roa Signing time: Wed 25 Jun 2025 06:18:28 +0000 ROA not before: Wed 25 Jun 2025 06:18:28 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 119.59.252.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 20:44:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4933 (0x1345) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Jun 25 06:18:28 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=3E8880DA3D361F2F8EF6446DA3C90E3EE15FD8F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:d4:7e:0c:a6:8d:1e:1c:67:23:e4:ed:2d:de: cd:a4:8a:0a:9b:56:fa:33:84:82:34:ab:68:ac:4b: c8:64:f8:1e:ed:47:aa:3b:bd:b9:64:dc:89:65:34: 40:5a:98:aa:28:fd:49:9b:ea:59:2a:5a:43:83:15: ae:8a:10:86:0b:a8:b6:2f:bb:41:f3:5f:c1:f9:73: e2:d2:0a:00:7f:7f:61:9e:61:80:e4:00:ce:be:31: f5:98:77:5f:29:86:cc:79:bb:76:36:ea:f2:80:b2: 5c:2e:74:e5:bd:8e:15:12:01:b8:e8:13:9e:ee:05: e2:6a:4c:66:a0:c8:2a:07:5c:e5:8d:c9:aa:c8:d9: ae:ea:2e:8b:da:11:f9:6c:43:88:4d:c8:ef:a9:09: 22:29:69:16:3d:7b:c2:14:98:2c:ce:e5:ac:b6:68: fc:60:94:f6:1e:dc:99:df:cd:d5:3c:93:ac:d8:57: 87:0e:f8:29:75:66:70:00:22:91:ab:e8:a7:12:8e: fb:b8:c7:9e:43:7c:b8:5b:68:67:d5:60:32:b4:55: ec:56:b0:4e:50:d3:d0:7f:5e:82:53:41:d5:10:cc: b1:c1:0d:a1:be:4e:7d:6a:96:58:24:14:1b:6a:b0: 31:14:29:e8:ab:26:14:63:f9:38:03:53:86:b7:37: 5a:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:88:80:DA:3D:36:1F:2F:8E:F6:44:6D:A3:C9:0E:3E:E1:5F:D8:F4 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/PoiA2j02Hy-O9kRto8kOPuFf2PQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.59.252.0/22 Signature Algorithm: sha256WithRSAEncryption 05:36:9f:97:30:e6:02:91:db:da:d6:29:99:a1:d7:3f:6e:95: d6:a7:4a:cc:cd:55:28:5a:31:8d:03:94:de:e7:47:b2:99:01: 11:dc:c6:bd:56:c4:96:30:46:41:44:c0:e2:7c:65:8f:81:87: b0:35:02:58:04:c8:9d:31:67:2d:e4:11:02:b8:06:6f:77:83: 4b:21:59:41:7f:b6:3b:78:e0:96:fd:18:42:43:2c:95:af:4e: 53:e1:26:43:f3:56:7c:41:1f:08:ce:ae:f5:d4:df:db:21:e3: 11:09:0f:ba:36:3d:fb:8f:c9:ac:64:1a:dd:16:a9:2c:e3:e9: 83:b7:0d:b6:c3:ec:cf:20:02:d5:bd:a0:96:9f:ec:e3:de:31: cb:79:57:66:74:b9:54:c2:8b:7e:bc:ad:d9:4f:75:5b:40:47: d7:a8:61:46:40:0f:87:94:3d:64:71:7e:85:70:f8:ce:3e:b0: 71:cb:45:4c:45:96:60:e1:76:ea:8f:10:e2:36:06:6a:c5:4d: 8d:23:a5:d7:08:9a:b0:5b:7f:09:46:8c:2e:da:f7:19:62:46: 43:67:79:02:69:32:15:5e:d3:2c:97:67:43:32:6e:21:99:91: 83:aa:07:35:51:a6:1c:94:97:08:44:1d:79:82:bf:7d:b6:d9: 99:72:8c:bb -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICE0UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA2MjUw NjE4MjhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDNFODg4MERBM0QzNjFG MkY4RUY2NDQ2REEzQzkwRTNFRTE1RkQ4RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC81H4Mpo0eHGcj5O0t3s2kigqbVvozhII0q2isS8hk+B7tR6o7 vblk3IllNEBamKoo/Umb6lkqWkODFa6KEIYLqLYvu0HzX8H5c+LSCgB/f2GeYYDk AM6+MfWYd18phsx5u3Y26vKAslwudOW9jhUSAbjoE57uBeJqTGagyCoHXOWNyarI 2a7qLovaEflsQ4hNyO+pCSIpaRY9e8IUmCzO5ay2aPxglPYe3JnfzdU8k6zYV4cO +Cl1ZnAAIpGr6KcSjvu4x55DfLhbaGfVYDK0VexWsE5Q09B/XoJTQdUQzLHBDaG+ Tn1qllgkFBtqsDEUKeirJhRj+TgDU4a3N1phAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUPoiA2j02Hy+O9kRto8kOPuFf2PQwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1BvaUEyajAySHktTzlr UnRvOGtPUHVGZjJQUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ3O/wwDQYJKoZIhvcNAQELBQADggEBAAU2n5cw5gKR29rWKZmh1z9uldanSszN VShaMY0DlN7nR7KZARHcxr1WxJYwRkFEwOJ8ZY+Bh7A1AlgEyJ0xZy3kEQK4Bm93 g0shWUF/tjt44Jb9GEJDLJWvTlPhJkPzVnxBHwjOrvXU39sh4xEJD7o2PfuPyaxk Gt0WqSzj6YO3DbbD7M8gAtW9oJaf7OPeMct5V2Z0uVTCi368rdlPdVtAR9eoYUZA D4eUPWRxfoVw+M4+sHHLRUxFlmDhduqPEOI2BmrFTY0jpdcImrBbfwlGjC7a9xli RkNneQJpMhVe0yyXZ0MybiGZkYOqBzVRphyUlwhEHXmCv3222ZlyjLs= -----END CERTIFICATE-----Generated at Thu Jul 3 19:16:28 2025 by rpki-client