$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/Rrd3LHLwzdXj7Ny1ck1w5npHtKU.roa File: Rrd3LHLwzdXj7Ny1ck1w5npHtKU.roa (raw, json) Hash identifier: 2p65gcNwQUft+ichFxEM04W078cLOEOHobkn8xK61O4= Subject key identifier: 46:B7:77:2C:72:F0:CD:D5:E3:EC:DC:B5:72:4D:70:E6:7A:47:B4:A5 Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0 Certificate serial: 0CB5 Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/Rrd3LHLwzdXj7Ny1ck1w5npHtKU.roa Signing time: Fri 27 Jun 2025 14:08:50 +0000 ROA not before: Fri 27 Jun 2025 14:08:50 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 18811 IP address blocks: 124.173.192.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 01:14:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3253 (0xcb5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0 Validity Not Before: Jun 27 14:08:50 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=46B7772C72F0CDD5E3ECDCB5724D70E67A47B4A5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:35:22:a7:da:21:72:be:66:1c:fc:37:f0:d6: 31:a8:20:6e:32:b1:0e:96:d5:b8:12:a3:3d:47:e4: b8:c0:18:7f:67:07:06:10:93:ed:a7:a8:fe:4a:0a: 30:02:a7:6a:a6:9d:a5:d1:9c:ac:7c:6c:9d:a2:4d: bf:7e:b5:40:ab:e9:46:af:c6:0a:d6:dc:a4:39:6b: c5:52:68:42:4e:34:25:89:6e:8f:eb:66:49:1a:ec: c6:dd:8b:1c:6f:0a:59:d6:06:b8:18:e3:f3:0f:32: f3:27:ed:85:88:37:79:3b:06:04:66:a6:0a:a8:e3: f6:75:59:9c:23:44:41:be:d8:45:75:5e:ef:66:74: bc:24:40:0b:cb:5a:24:a6:b3:f4:32:f1:c4:b9:5d: 6d:f5:2d:03:a3:6f:6f:9a:28:c3:f8:5f:44:40:50: 19:45:68:42:ce:50:35:75:c1:43:f3:6f:08:39:33: 5e:23:b7:b0:84:26:e6:39:50:43:c8:06:49:d6:a7: b5:76:51:db:75:bd:b6:fc:0a:4b:fd:96:ce:f3:b5: 5d:65:65:12:86:db:a2:0a:c1:15:20:97:fc:bb:51: 83:61:67:6e:70:bf:4c:8c:85:82:c3:7a:86:c3:ca: eb:02:8c:8b:95:50:02:87:7f:09:31:bb:83:5b:86: 1b:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:B7:77:2C:72:F0:CD:D5:E3:EC:DC:B5:72:4D:70:E6:7A:47:B4:A5 X509v3 Authority Key Identifier: keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/Rrd3LHLwzdXj7Ny1ck1w5npHtKU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.173.192.0/18 Signature Algorithm: sha256WithRSAEncryption 93:25:7a:50:3d:be:e3:c3:88:7a:fb:13:ce:bd:1e:62:3d:f2: 47:39:26:d3:e6:c4:48:a1:30:bf:4e:f2:e2:7b:9c:2a:99:2e: ab:b6:05:cc:f6:e7:32:2b:b8:f6:dd:07:4c:1a:10:db:dd:8f: 91:c5:28:4d:28:46:b7:b1:20:da:63:40:5c:17:02:0a:87:ae: 31:2c:d8:c8:c5:60:6d:96:bd:d4:27:bb:56:65:bb:9c:92:05: b7:e8:85:48:3e:2c:a5:b8:75:e5:f9:fc:bb:e4:b0:35:8c:85: bd:ca:3c:ea:d0:b2:5f:6a:49:50:61:c7:ae:1c:42:65:ad:c3: d1:40:3a:d8:08:37:84:f1:9d:16:1f:01:d9:d9:cc:40:0f:0c: bc:90:dc:16:62:98:64:a0:1e:51:61:be:c4:ff:c9:9f:32:d7: c2:45:9c:eb:df:b1:e3:0e:6a:94:06:cc:fd:c3:f5:60:99:cc: 79:e5:59:4d:b7:1c:03:65:9f:a0:71:64:e2:8a:a9:bb:b3:d2: 2e:46:35:70:98:25:09:e6:c6:72:5f:cb:27:78:9a:19:bb:f7: 66:72:0b:f3:a9:ff:21:4d:c4:f5:86:1f:81:4c:1e:50:b1:69: 3f:87:62:09:f8:71:5d:e1:cc:bf:8a:e2:46:b5:de:d9:d0:35: 92:eb:ab:98 -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgICDLUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4 MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNTA2Mjcx NDA4NTBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQ2Qjc3NzJDNzJGMENE RDVFM0VDRENCNTcyNEQ3MEU2N0E0N0I0QTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1NSKn2iFyvmYc/Dfw1jGoIG4ysQ6W1bgSoz1H5LjAGH9nBwYQ k+2nqP5KCjACp2qmnaXRnKx8bJ2iTb9+tUCr6UavxgrW3KQ5a8VSaEJONCWJbo/r Zkka7MbdixxvClnWBrgY4/MPMvMn7YWIN3k7BgRmpgqo4/Z1WZwjREG+2EV1Xu9m dLwkQAvLWiSms/Qy8cS5XW31LQOjb2+aKMP4X0RAUBlFaELOUDV1wUPzbwg5M14j t7CEJuY5UEPIBknWp7V2Udt1vbb8Ckv9ls7ztV1lZRKG26IKwRUgl/y7UYNhZ25w v0yMhYLDeobDyusCjIuVUAKHfwkxu4NbhhufAgMBAAGjggHtMIIB6TAdBgNVHQ4E FgQURrd3LHLwzdXj7Ny1ck1w5npHtKUwHwYDVR0jBBgwFoAUlIG05AkBXY630D82 A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvUnJkM0xITHd6ZFhqN055MWNr MXc1bnBIdEtVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBnyt wDANBgkqhkiG9w0BAQsFAAOCAQEAkyV6UD2+48OIevsTzr0eYj3yRzkm0+bESKEw v07y4nucKpkuq7YFzPbnMiu49t0HTBoQ292PkcUoTShGt7Eg2mNAXBcCCoeuMSzY yMVgbZa91Ce7VmW7nJIFt+iFSD4spbh15fn8u+SwNYyFvco86tCyX2pJUGHHrhxC Za3D0UA62Ag3hPGdFh8B2dnMQA8MvJDcFmKYZKAeUWG+xP/JnzLXwkWc69+x4w5q lAbM/cP1YJnMeeVZTbccA2WfoHFk4oqpu7PSLkY1cJglCebGcl/LJ3iaGbv3ZnIL 86n/IU3E9YYfgUweULFpP4diCfhxXeHMv4riRrXe2dA1kuurmA== -----END CERTIFICATE-----Generated at Wed Jul 2 22:33:23 2025 by rpki-client