$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/mZ655_Mm_AAI4kl8dUpMGZf7mbY.roa File: mZ655_Mm_AAI4kl8dUpMGZf7mbY.roa (raw, json) Hash identifier: i4ZU88VES3WnFdjiM6ip7erWQPo+8zUMkZM1KAuvcFE= Subject key identifier: 99:9E:B9:E7:F3:26:FC:00:08:E2:49:7C:75:4A:4C:19:97:FB:99:B6 Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Certificate serial: 0D23 Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/mZ655_Mm_AAI4kl8dUpMGZf7mbY.roa Signing time: Wed 02 Jul 2025 09:25:41 +0000 ROA not before: Wed 02 Jul 2025 09:25:41 +0000 ROA not after: Thu 09 Apr 2026 06:41:00 +0000 asID: 63567 IP address blocks: 43.241.51.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 03:44:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3363 (0xd23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Validity Not Before: Jul 2 09:25:41 2025 GMT Not After : Apr 9 06:41:00 2026 GMT Subject: CN=999EB9E7F326FC0008E2497C754A4C1997FB99B6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:78:78:b4:30:6f:c8:e9:a1:05:65:45:42:43: 87:fe:47:5b:3c:a5:f7:23:10:e9:f0:b6:ee:c2:4c: 61:95:9a:69:8d:0d:81:ac:e3:68:51:39:3a:2e:2a: 7e:9f:68:6b:b3:73:72:6f:48:de:13:3b:05:06:fc: 13:8d:ab:ec:19:a6:10:9a:81:1e:3c:7d:5a:fd:75: eb:cf:3a:e3:6d:4f:df:0b:e3:10:4a:f6:a9:85:62: e2:70:67:b0:35:46:b8:88:2b:d3:3e:f9:0e:df:e7: 9a:c6:78:d2:22:be:bc:c6:c6:57:32:60:cc:ac:82: b2:8e:04:6a:36:ca:2e:7f:49:8c:5c:91:27:1c:63: a7:ae:28:22:2f:03:84:ac:3a:17:61:71:5d:e9:09: 1c:6f:ce:8e:cc:f1:b7:43:a7:f9:fd:51:97:3a:03: 33:3a:f4:9a:76:55:7c:60:8d:ac:84:28:c9:58:70: 6d:d7:80:f1:b2:85:a7:0a:61:ae:ff:dc:d6:02:e6: bc:4a:2b:bd:a3:37:c5:d2:e8:3e:22:5c:8b:46:a4: bc:57:e2:82:3c:35:e6:df:3d:17:1e:06:91:dc:1c: d9:e6:61:59:35:09:d1:7c:cb:d7:d4:e6:9f:51:1e: 62:26:16:e5:34:42:af:d5:4c:84:c2:a7:e4:36:e9: 08:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:9E:B9:E7:F3:26:FC:00:08:E2:49:7C:75:4A:4C:19:97:FB:99:B6 X509v3 Authority Key Identifier: keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/mZ655_Mm_AAI4kl8dUpMGZf7mbY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.241.51.0/24 Signature Algorithm: sha256WithRSAEncryption 2c:8e:db:38:b3:64:e3:60:e8:bc:03:5d:f4:e1:00:f6:80:be: 0a:fc:77:79:83:b9:5f:78:62:6c:5f:b2:da:95:0d:85:a0:a5: 37:46:f4:9a:66:2c:96:df:c3:d8:87:0b:bb:f9:75:b6:77:dc: 47:10:25:8c:8f:f3:b1:34:30:35:df:73:ae:62:b9:fa:f9:10: 0d:7f:6a:ed:a4:2c:c7:15:be:27:8d:67:72:90:77:67:f9:40: 1d:23:fe:b2:65:fb:93:cf:0d:71:ba:1a:e8:93:71:fa:b9:50: de:32:d6:0d:df:ae:c7:5e:4b:29:e5:6a:45:41:cd:b5:74:18: 67:ea:c0:76:4b:bc:83:c7:75:74:3b:74:4f:15:d1:e2:b3:17: 1b:ae:fe:11:7f:0d:1b:2d:8f:5b:69:17:c2:38:42:91:45:ec: 3b:bb:0d:e9:09:5b:69:1f:60:d0:ff:32:df:4f:df:03:bc:32: 4a:3c:5b:1c:30:b9:fd:c7:fa:65:fc:76:5d:69:55:58:d5:af: ae:04:1d:70:bf:16:be:e3:b8:ef:ae:6f:4f:7a:6c:f3:b2:ce: 7a:ac:d6:90:c5:33:76:15:f3:4b:2c:b1:56:4a:6c:bf:43:f6: e6:60:f9:dd:0e:ce:15:a3:a2:5a:87:d3:58:ac:b1:27:3b:ec: d7:66:b9:26 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDSMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA3MDIw OTI1NDFaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKDk5OUVCOUU3RjMyNkZD MDAwOEUyNDk3Qzc1NEE0QzE5OTdGQjk5QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDweHi0MG/I6aEFZUVCQ4f+R1s8pfcjEOnwtu7CTGGVmmmNDYGs 42hROTouKn6faGuzc3JvSN4TOwUG/BONq+wZphCagR48fVr9devPOuNtT98L4xBK 9qmFYuJwZ7A1RriIK9M++Q7f55rGeNIivrzGxlcyYMysgrKOBGo2yi5/SYxckScc Y6euKCIvA4SsOhdhcV3pCRxvzo7M8bdDp/n9UZc6AzM69Jp2VXxgjayEKMlYcG3X gPGyhacKYa7/3NYC5rxKK72jN8XS6D4iXItGpLxX4oI8NebfPRceBpHcHNnmYVk1 CdF8y9fU5p9RHmImFuU0Qq/VTITCp+Q26QhjAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUmZ655/Mm/AAI4kl8dUpMGZf7mbYwHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/ AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL21aNjU1X01tX0FBSTRr bDhkVXBNR1pmN21iWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAr8TMwDQYJKoZIhvcNAQELBQADggEBACyO2zizZONg6LwDXfThAPaAvgr8d3mD uV94YmxfstqVDYWgpTdG9JpmLJbfw9iHC7v5dbZ33EcQJYyP87E0MDXfc65iufr5 EA1/au2kLMcVvieNZ3KQd2f5QB0j/rJl+5PPDXG6GuiTcfq5UN4y1g3frsdeSynl akVBzbV0GGfqwHZLvIPHdXQ7dE8V0eKzFxuu/hF/DRstj1tpF8I4QpFF7Du7DekJ W2kfYND/Mt9P3wO8Mko8Wxwwuf3H+mX8dl1pVVjVr64EHXC/Fr7juO+ub096bPOy znqs1pDFM3YV80sssVZKbL9D9uZg+d0OzhWjolqH01issSc77NdmuSY= -----END CERTIFICATE-----Generated at Sat Jul 5 02:54:05 2025 by rpki-client