$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/_VxfP0NV5wVuF44sA3duuLOMm9s.roa File: _VxfP0NV5wVuF44sA3duuLOMm9s.roa (raw, json) Hash identifier: fG3tqGdt4o5thV3w2Z/hmIPcO8bFDeOc7WMM1aVjkA4= Subject key identifier: FD:5C:5F:3F:43:55:E7:05:6E:17:8E:2C:03:77:6E:B8:B3:8C:9B:DB Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Certificate serial: 0BDA Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/_VxfP0NV5wVuF44sA3duuLOMm9s.roa Signing time: Tue 13 May 2025 06:43:34 +0000 ROA not before: Tue 13 May 2025 06:43:34 +0000 ROA not after: Thu 09 Apr 2026 06:41:00 +0000 asID: 63567 IP address blocks: 43.240.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 14:40:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3034 (0xbda) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Validity Not Before: May 13 06:43:34 2025 GMT Not After : Apr 9 06:41:00 2026 GMT Subject: CN=FD5C5F3F4355E7056E178E2C03776EB8B38C9BDB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:23:e2:a1:75:6d:e3:05:c7:44:e6:f9:65:52: 8b:7c:36:61:48:6c:f0:e3:04:10:9c:8e:ce:83:96: 75:70:74:ca:a7:f1:92:55:d7:bf:a0:93:38:e0:c5: b4:6d:1a:13:cf:03:56:5f:07:52:18:3c:80:a1:c0: 68:e8:fb:96:d7:66:90:ba:82:7c:ee:f1:35:2a:1f: e1:3f:6e:f1:4f:35:dc:49:0f:3f:a1:46:fc:00:ed: 0d:e4:1f:8d:08:0a:93:de:fa:f6:36:12:60:83:62: 4d:c5:6d:93:99:2a:6a:f3:17:cd:7f:87:e0:48:1c: ef:36:b3:70:6c:85:78:1f:36:a6:2b:57:00:d5:58: e3:8a:7c:5f:26:4f:e0:85:49:a1:7e:95:93:6f:2a: 75:5e:bc:ef:5d:b5:54:db:28:73:c8:81:35:bd:59: e8:01:14:dd:95:3a:87:25:d9:76:04:94:48:cc:e4: 12:49:c7:fa:77:7b:69:6d:74:3c:85:3a:4c:02:f2: 4d:97:8e:0c:7b:fe:2f:fc:f1:c3:05:4b:5a:67:5c: 4f:c0:8d:57:a7:a1:f4:07:75:76:da:a6:71:ff:05: ed:e7:b3:d4:44:01:48:61:51:56:be:88:0f:fe:64: a8:f4:e6:f5:9e:40:4f:96:54:0a:9d:25:08:eb:c5: ec:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:5C:5F:3F:43:55:E7:05:6E:17:8E:2C:03:77:6E:B8:B3:8C:9B:DB X509v3 Authority Key Identifier: keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/_VxfP0NV5wVuF44sA3duuLOMm9s.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.240.0.0/22 Signature Algorithm: sha256WithRSAEncryption 3c:76:ba:ef:f6:fc:24:8d:bb:0b:53:7c:65:b0:63:3a:25:26: cf:0a:eb:d7:5b:7f:cc:57:88:d0:42:79:12:9a:55:e9:ec:97: fc:dc:e0:9b:36:a9:a3:fa:01:2e:a0:86:ce:5c:8e:76:3d:bc: 84:c0:8a:32:c1:46:b5:e0:94:c0:08:3d:96:ee:11:f8:59:58: 4e:29:66:74:4c:50:a3:a2:70:34:57:48:4d:74:6a:e4:42:ab: aa:09:2f:cd:a9:33:4d:a5:2b:4f:16:17:4f:f5:bc:2c:74:97: e4:31:a5:30:94:4d:43:e6:54:11:2c:e9:f8:4b:65:d4:75:25: 02:2c:db:bf:00:ba:b1:69:93:34:64:53:4e:68:e0:a0:7a:06: d2:86:88:5a:0f:a3:e3:5e:4f:34:dc:a8:b4:7b:37:fa:64:24: 9a:ae:4a:10:cb:8b:3a:fc:19:7f:f5:36:a6:82:9d:9c:c4:64: e3:71:a8:7b:e2:9b:81:81:a3:51:b1:c2:7c:aa:27:c9:79:e6: de:4a:18:08:5a:18:dc:f4:20:aa:7d:29:16:0c:e1:ae:f2:d1: 7b:75:b2:0b:63:22:88:24:6c:7c:24:9e:b3:50:0d:c4:87:a8: 89:17:4f:54:61:02:62:94:18:e1:34:1a:bf:4a:5d:10:3f:e1: 97:98:92:c8 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICC9owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA1MTMw NjQzMzRaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKEZENUM1RjNGNDM1NUU3 MDU2RTE3OEUyQzAzNzc2RUI4QjM4QzlCREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDdI+KhdW3jBcdE5vllUot8NmFIbPDjBBCcjs6DlnVwdMqn8ZJV 17+gkzjgxbRtGhPPA1ZfB1IYPIChwGjo+5bXZpC6gnzu8TUqH+E/bvFPNdxJDz+h RvwA7Q3kH40ICpPe+vY2EmCDYk3FbZOZKmrzF81/h+BIHO82s3BshXgfNqYrVwDV WOOKfF8mT+CFSaF+lZNvKnVevO9dtVTbKHPIgTW9WegBFN2VOocl2XYElEjM5BJJ x/p3e2ltdDyFOkwC8k2Xjgx7/i/88cMFS1pnXE/AjVenofQHdXbapnH/Be3ns9RE AUhhUVa+iA/+ZKj05vWeQE+WVAqdJQjrxexpAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU/VxfP0NV5wVuF44sA3duuLOMm9swHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/ AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL19WeGZQME5WNXdWdUY0 NHNBM2R1dUxPTW05cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr8AAwDQYJKoZIhvcNAQELBQADggEBADx2uu/2/CSNuwtTfGWwYzolJs8K69db f8xXiNBCeRKaVensl/zc4Js2qaP6AS6ghs5cjnY9vITAijLBRrXglMAIPZbuEfhZ WE4pZnRMUKOicDRXSE10auRCq6oJL82pM02lK08WF0/1vCx0l+QxpTCUTUPmVBEs 6fhLZdR1JQIs278AurFpkzRkU05o4KB6BtKGiFoPo+NeTzTcqLR7N/pkJJquShDL izr8GX/1NqaCnZzEZONxqHvim4GBo1GxwnyqJ8l55t5KGAhaGNz0IKp9KRYM4a7y 0Xt1sgtjIogkbHwknrNQDcSHqIkXT1RhAmKUGOE0Gr9KXRA/4ZeYksg= -----END CERTIFICATE-----Generated at Sun May 18 12:21:33 2025 by rpki-client