$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/jTP0Uoe66xbdtLdk3mXQLz1EjYc.roa File: jTP0Uoe66xbdtLdk3mXQLz1EjYc.roa (raw, json) Hash identifier: UhPyhi+KofXGVx2yzzxbc774vXU6MlGKesK+eJ1WdwE= Subject key identifier: 8D:33:F4:52:87:BA:EB:16:DD:B4:B7:64:DE:65:D0:2F:3D:44:8D:87 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 12ED Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/jTP0Uoe66xbdtLdk3mXQLz1EjYc.roa Signing time: Wed 11 Jun 2025 11:12:26 +0000 ROA not before: Wed 11 Jun 2025 11:12:26 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 101.232.68.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 11:15:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4845 (0x12ed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Jun 11 11:12:26 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=8D33F45287BAEB16DDB4B764DE65D02F3D448D87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:b7:72:09:f7:c1:11:79:c0:b9:59:2e:fc:90: a6:d0:a2:be:70:b7:2b:ef:05:0a:a9:83:56:07:f1: 77:f4:19:a4:de:98:2a:91:29:f3:96:8e:d4:6a:c7: 7e:4f:a0:66:8e:85:0f:25:ac:c7:60:17:ff:5e:36: a6:7b:a0:44:99:1a:e6:02:e3:9c:ee:2b:40:54:45: 92:a9:0a:bb:ec:15:c8:ac:df:f1:94:f8:8f:d4:cc: 21:7a:c4:fb:dc:bd:76:e2:47:df:6a:fb:10:65:24: 94:ca:ed:31:33:90:b1:43:67:83:e2:85:06:e5:84: f7:68:a9:bb:17:47:1a:34:17:21:54:8b:74:68:d3: 56:78:f6:33:a1:1f:85:20:dc:61:f4:8d:1e:7d:c4: 55:df:d2:fb:16:3c:4c:a2:29:f1:ee:4e:5c:c0:e0: 11:ea:f0:2d:4b:d5:44:fb:4d:4f:8f:43:16:62:59: ab:43:c8:d5:1e:ee:3f:d2:fa:13:aa:2d:a4:61:34: e4:a2:2a:48:8b:3e:54:0c:5d:ca:68:b0:c4:d5:d6: 36:2a:e4:e2:e2:67:27:40:08:a6:76:14:50:8d:aa: 37:21:a8:67:67:de:0a:df:83:33:0f:42:73:5d:96: 23:99:2c:5c:8d:96:23:55:dc:43:c1:a6:71:60:5f: 16:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:33:F4:52:87:BA:EB:16:DD:B4:B7:64:DE:65:D0:2F:3D:44:8D:87 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/jTP0Uoe66xbdtLdk3mXQLz1EjYc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.68.0/22 Signature Algorithm: sha256WithRSAEncryption 39:83:91:2f:35:73:33:2d:d3:93:32:9a:80:d8:77:41:59:3c: 10:5e:f0:5f:b5:31:70:82:9a:7a:8d:e5:a6:59:17:ab:8c:11: 91:80:c0:b8:9d:5f:0f:b5:85:a2:17:8b:de:f3:21:e3:b0:26: 23:8e:26:6e:5a:8a:45:ac:b3:9b:c9:73:67:48:60:5e:eb:9b: e9:61:67:05:68:e0:87:1c:51:a7:9d:23:d7:af:71:dd:89:60: fd:42:75:6c:ba:a7:c6:d3:62:c7:8e:b3:4d:b6:48:8d:18:67: 5a:f6:bb:84:74:22:75:ec:41:44:2a:3d:91:7b:6e:29:17:2e: dd:b9:b3:79:45:8a:58:ff:89:28:20:fa:80:e3:05:f1:ec:f0: d1:87:f6:21:3e:ba:c3:08:7b:a1:a1:89:b3:3b:e9:e0:35:d7: d6:14:08:c4:01:f9:f4:f0:77:1e:5c:b6:3d:f8:59:ab:bc:0c: bb:e9:6a:ef:23:84:06:35:02:c5:a1:74:76:a2:26:0f:80:56: 7d:48:45:24:70:65:b9:18:12:54:9a:a4:76:01:e8:fa:8d:73: 33:e4:0b:73:d6:e6:5b:9e:f1:5e:44:46:ad:b0:7e:fb:45:f4: 65:52:e9:3a:6a:a7:21:9c:ff:db:9e:15:4e:63:a6:b9:e5:a5: 5f:6d:47:19 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICEu0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA2MTEx MTEyMjZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDhEMzNGNDUyODdCQUVC MTZEREI0Qjc2NERFNjVEMDJGM0Q0NDhEODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7t3IJ98ERecC5WS78kKbQor5wtyvvBQqpg1YH8Xf0GaTemCqR KfOWjtRqx35PoGaOhQ8lrMdgF/9eNqZ7oESZGuYC45zuK0BURZKpCrvsFcis3/GU +I/UzCF6xPvcvXbiR99q+xBlJJTK7TEzkLFDZ4PihQblhPdoqbsXRxo0FyFUi3Ro 01Z49jOhH4Ug3GH0jR59xFXf0vsWPEyiKfHuTlzA4BHq8C1L1UT7TU+PQxZiWatD yNUe7j/S+hOqLaRhNOSiKkiLPlQMXcposMTV1jYq5OLiZydACKZ2FFCNqjchqGdn 3grfgzMPQnNdliOZLFyNliNV3EPBpnFgXxZxAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUjTP0Uoe66xbdtLdk3mXQLz1EjYcwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL2pUUDBVb2U2NnhiZHRM ZGszbVhRTHoxRWpZYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6EQwDQYJKoZIhvcNAQELBQADggEBADmDkS81czMt05MymoDYd0FZPBBe8F+1 MXCCmnqN5aZZF6uMEZGAwLidXw+1haIXi97zIeOwJiOOJm5aikWss5vJc2dIYF7r m+lhZwVo4IccUaedI9evcd2JYP1CdWy6p8bTYseOs022SI0YZ1r2u4R0InXsQUQq PZF7bikXLt25s3lFilj/iSgg+oDjBfHs8NGH9iE+usMIe6GhibM76eA119YUCMQB +fTwdx5ctj34Wau8DLvpau8jhAY1AsWhdHaiJg+AVn1IRSRwZbkYElSapHYB6PqN czPkC3PW5lue8V5ERq2wfvtF9GVS6TpqpyGc/9ueFU5jprnlpV9tRxk= -----END CERTIFICATE-----Generated at Thu Jul 3 08:54:18 2025 by rpki-client