$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/64/TRsllJSkEPmnLGRBl0ebrTHdqUE.roa File: TRsllJSkEPmnLGRBl0ebrTHdqUE.roa (raw, json) Hash identifier: T9rV/A+m2L9HkkPUmRQCNU45A/Mqdg6my4PcVgCno8E= Subject key identifier: 4D:1B:25:94:94:A4:10:F9:A7:2C:64:41:97:47:9B:AD:31:DD:A9:41 Certificate issuer: /CN=5EB8C57D72F7946DD7B2420599288ECA153CB709 Certificate serial: 08 Authority key identifier: 5E:B8:C5:7D:72:F7:94:6D:D7:B2:42:05:99:28:8E:CA:15:3C:B7:09 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/TRsllJSkEPmnLGRBl0ebrTHdqUE.roa Signing time: Mon 26 May 2025 00:46:38 +0000 ROA not before: Mon 26 May 2025 00:46:38 +0000 ROA not after: Tue 26 May 2026 00:40:26 +0000 asID: 9803 IP address blocks: 211.150.98.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 16:41:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8 (0x8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5EB8C57D72F7946DD7B2420599288ECA153CB709 Validity Not Before: May 26 00:46:38 2025 GMT Not After : May 26 00:40:26 2026 GMT Subject: CN=4D1B259494A410F9A72C644197479BAD31DDA941 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:81:b2:b3:4b:9e:3b:ac:6f:cc:0c:b8:0e:aa: 58:79:df:f2:0b:d1:df:16:02:0a:0f:97:29:3b:06: f4:5e:6b:b2:a0:d6:47:f2:3e:93:f2:53:69:f2:4b: 16:84:53:5a:4c:b0:b9:6d:80:74:f4:49:61:ce:2b: 17:45:70:6b:d7:5e:74:44:d3:d6:09:fd:1b:f6:b6: 01:60:c2:30:22:98:32:f7:4d:b1:2e:cf:51:8d:b6: c7:f2:92:72:8b:1e:68:f4:47:34:cd:71:10:0d:39: bc:35:95:ad:9c:92:11:b8:8a:e6:49:b2:fa:6e:f8: d2:2d:2b:80:f0:97:20:09:cf:44:d5:16:b1:57:29: ea:d0:65:b1:48:d8:56:2a:17:20:cc:ed:3e:9a:47: c3:89:24:d0:a0:71:ef:ef:93:15:a5:62:f2:4e:dc: 3f:1e:22:4a:f2:2f:8c:08:35:9f:62:3d:6b:ce:82: ac:35:e3:c6:45:af:d9:a5:b1:e2:d0:e6:93:33:dd: 79:77:64:ae:e0:ee:55:d3:2d:28:c9:2e:ff:8c:39: 1a:8b:ad:07:00:58:70:28:3c:f9:2a:f4:9d:bd:c3: ea:45:dc:9e:f1:4b:4e:3e:31:51:de:23:3c:ee:db: 21:ed:21:cb:8a:46:bb:58:cd:06:0e:56:64:e2:91: 39:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:1B:25:94:94:A4:10:F9:A7:2C:64:41:97:47:9B:AD:31:DD:A9:41 X509v3 Authority Key Identifier: keyid:5E:B8:C5:7D:72:F7:94:6D:D7:B2:42:05:99:28:8E:CA:15:3C:B7:09 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/XrjFfXL3lG3XskIFmSiOyhU8twk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XrjFfXL3lG3XskIFmSiOyhU8twk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/64/TRsllJSkEPmnLGRBl0ebrTHdqUE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.150.98.0/24 Signature Algorithm: sha256WithRSAEncryption 38:32:56:1a:7d:26:63:29:ed:fd:2d:f5:ca:8e:ab:22:7b:71: 18:32:85:03:1e:5e:93:4e:c7:1d:1f:df:39:28:62:db:29:15: 5b:82:39:37:11:b9:14:c8:44:ea:5e:71:52:19:50:4e:99:70: 4d:f4:31:2b:a0:f7:04:b0:f5:3c:33:c3:4d:0a:c7:4c:cd:10: 70:a7:3d:e6:a4:1a:bd:60:d3:a0:0f:11:93:9f:ed:f8:83:0c: 2b:1d:2c:c8:49:e7:ba:13:8e:e4:fb:57:2d:b5:79:20:0d:31: 15:90:fa:6e:29:93:86:ec:cb:4f:80:d4:8b:b1:39:15:3a:3a: fb:9e:d6:8d:8f:a3:61:52:09:8c:59:d9:1e:eb:43:b6:b1:ea: 4d:ee:59:d2:35:c0:b8:80:2e:d6:3b:5d:ec:a3:4c:57:e5:e4: 86:0f:93:a7:34:c0:20:3d:66:45:0f:c0:31:d5:0f:2a:85:1f: db:35:4a:1b:42:b7:08:48:88:0a:2d:bc:bc:00:f6:3d:c2:c4: e8:e9:db:76:bf:c5:97:6a:20:64:0a:46:ed:00:c1:6b:a9:6d: da:c1:e0:5d:59:b2:31:8c:3d:b8:d9:71:17:89:a5:06:d0:45: fe:57:41:22:b1:da:1a:1d:b1:90:ce:a6:bd:24:46:ad:a1:71: 27:c5:11:fa -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIBCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1RUI4 QzU3RDcyRjc5NDZERDdCMjQyMDU5OTI4OEVDQTE1M0NCNzA5MB4XDTI1MDUyNjAw NDYzOFoXDTI2MDUyNjAwNDAyNlowMzExMC8GA1UEAxMoNEQxQjI1OTQ5NEE0MTBG OUE3MkM2NDQxOTc0NzlCQUQzMUREQTk0MTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAPmBsrNLnjusb8wMuA6qWHnf8gvR3xYCCg+XKTsG9F5rsqDWR/I+ k/JTafJLFoRTWkywuW2AdPRJYc4rF0Vwa9dedETT1gn9G/a2AWDCMCKYMvdNsS7P UY22x/KScoseaPRHNM1xEA05vDWVrZySEbiK5kmy+m740i0rgPCXIAnPRNUWsVcp 6tBlsUjYVioXIMztPppHw4kk0KBx7++TFaVi8k7cPx4iSvIvjAg1n2I9a86CrDXj xkWv2aWx4tDmkzPdeXdkruDuVdMtKMku/4w5GoutBwBYcCg8+Sr0nb3D6kXcnvFL Tj4xUd4jPO7bIe0hy4pGu1jNBg5WZOKROYUCAwEAAaOCAe8wggHrMB0GA1UdDgQW BBRNGyWUlKQQ+acsZEGXR5utMd2pQTAfBgNVHSMEGDAWgBReuMV9cveUbdeyQgWZ KI7KFTy3CTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO oEyGSnJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NC9Y cmpGZlhMM2xHM1hza0lGbVNpT3loVTh0d2suY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwL1hyakZmWEwzbEczWHNrSUZtU2lPeWhVOHR3ay5jZXIwDgYDVR0PAQH/BAQD AgeAMIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzY0L1RSc2xsSlNrRVBtbkxHUkJs MGViclRIZHFVRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5j bi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADT lmIwDQYJKoZIhvcNAQELBQADggEBADgyVhp9JmMp7f0t9cqOqyJ7cRgyhQMeXpNO xx0f3zkoYtspFVuCOTcRuRTIROpecVIZUE6ZcE30MSug9wSw9Twzw00Kx0zNEHCn PeakGr1g06APEZOf7fiDDCsdLMhJ57oTjuT7Vy21eSANMRWQ+m4pk4bsy0+A1Iux ORU6Ovue1o2Po2FSCYxZ2R7rQ7ax6k3uWdI1wLiALtY7XeyjTFfl5IYPk6c0wCA9 ZkUPwDHVDyqFH9s1ShtCtwhIiAotvLwA9j3CxOjp23a/xZdqIGQKRu0AwWupbdrB 4F1ZsjGMPbjZcReJpQbQRf5XQSKx2hodsZDOpr0kRq2hcSfFEfo= -----END CERTIFICATE-----Generated at Fri Jul 4 16:19:43 2025 by rpki-client