$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/Mb88DUngG1AeeJ_spzyhH1MtIe8.roa File: Mb88DUngG1AeeJ_spzyhH1MtIe8.roa (raw, json) Hash identifier: rPbaYvCyBWVV6nFsWT4yFzdUpbPZoHNmTE5IeHtHFsA= Subject key identifier: 31:BF:3C:0D:49:E0:1B:50:1E:78:9F:EC:A7:3C:A1:1F:53:2D:21:EF Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 202E Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/Mb88DUngG1AeeJ_spzyhH1MtIe8.roa Signing time: Fri 17 Jan 2025 01:24:12 +0000 ROA not before: Fri 17 Jan 2025 01:24:12 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 209242 IP address blocks: 103.244.118.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:09:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8238 (0x202e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Jan 17 01:24:12 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=31BF3C0D49E01B501E789FECA73CA11F532D21EF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:03:cc:41:01:7c:b6:67:cd:20:6b:78:51:a8: 08:96:39:64:4b:1b:18:41:42:ff:a3:4e:44:f2:ff: ce:c5:ab:eb:41:72:80:03:c4:c0:fd:b0:bb:ad:52: 42:99:0f:93:2e:21:70:03:97:ce:e9:3a:26:e4:44: 47:a2:d2:ed:f5:c2:34:0b:44:10:f9:4f:36:7f:b3: 54:94:9c:53:91:52:3b:e4:62:12:ca:a4:46:a8:e9: 3e:6f:50:e2:65:8d:74:39:40:4a:8a:72:ff:8f:b5: f2:4f:66:06:f4:63:16:90:2c:e5:9d:31:64:98:99: f4:59:f2:61:5e:30:fa:77:3d:35:c4:b9:17:f8:be: 0f:ef:f3:f8:34:a1:9d:b6:c5:a7:66:dd:3f:b6:20: 68:38:f0:34:50:92:64:14:0b:ae:17:4f:3c:2a:d4: a7:58:6b:1a:08:20:0d:91:58:d5:96:e9:5c:0d:fc: ce:0d:90:50:ae:cb:77:8a:a1:9a:97:2a:f8:7e:7a: cb:75:c6:a1:e1:94:60:dc:73:75:6e:3a:02:d1:26: 2e:b0:68:b9:44:ec:6e:d4:b8:47:32:45:36:7f:48: 66:21:90:cc:3f:62:d2:f7:08:df:6d:ff:c7:29:7f: c7:76:db:22:16:75:79:f9:c6:bc:8b:dd:2c:38:b8: c0:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:BF:3C:0D:49:E0:1B:50:1E:78:9F:EC:A7:3C:A1:1F:53:2D:21:EF X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/Mb88DUngG1AeeJ_spzyhH1MtIe8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.244.118.0/24 Signature Algorithm: sha256WithRSAEncryption 6d:96:46:6c:4b:70:e4:af:63:b8:4d:dc:f3:12:92:37:b3:bb: 40:75:ba:d8:b8:d3:9d:cf:eb:1e:87:fa:d8:a3:3f:ba:c5:05: 9d:95:96:e6:c1:75:0f:ea:15:fb:80:6b:e7:08:51:09:7d:1c: ab:79:77:59:85:81:09:81:0a:8e:51:79:99:9b:52:a1:32:0b: 4f:55:a5:39:11:67:2b:65:24:68:e0:77:4a:f3:6f:4d:14:20: 38:0f:40:b8:06:af:ee:c7:7d:5a:fb:fb:ec:ed:46:f3:63:e3: fc:12:1e:ab:e1:2b:3a:50:d9:87:6f:c1:f0:c3:55:0e:3f:e9: da:cc:90:79:9b:df:1d:0b:a4:81:5d:f8:5d:ba:01:38:5d:3c: b1:74:39:94:b1:a4:a9:ac:d7:e2:04:a3:8a:9c:9c:af:d5:6d: 10:6e:73:1a:0a:51:32:d9:91:e1:cb:01:85:8d:1b:20:f9:43: 8d:9d:66:c5:a0:cd:61:a0:76:68:3b:ec:22:55:7e:20:d3:7d: c6:bd:0a:70:eb:43:d3:0c:be:c6:9a:3c:e4:2b:57:fe:59:fb: 71:cd:df:08:8f:68:95:9c:94:4c:35:bb:a0:a6:29:85:7b:3e: 5b:11:77:ff:2a:91:6c:b9:50:d7:2b:31:b6:a9:8c:17:15:42: 60:b3:29:ec -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIC4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTAxMTcw MTI0MTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDMxQkYzQzBENDlFMDFC NTAxRTc4OUZFQ0E3M0NBMTFGNTMyRDIxRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4A8xBAXy2Z80ga3hRqAiWOWRLGxhBQv+jTkTy/87Fq+tBcoAD xMD9sLutUkKZD5MuIXADl87pOibkREei0u31wjQLRBD5TzZ/s1SUnFORUjvkYhLK pEao6T5vUOJljXQ5QEqKcv+PtfJPZgb0YxaQLOWdMWSYmfRZ8mFeMPp3PTXEuRf4 vg/v8/g0oZ22xadm3T+2IGg48DRQkmQUC64XTzwq1KdYaxoIIA2RWNWW6VwN/M4N kFCuy3eKoZqXKvh+est1xqHhlGDcc3VuOgLRJi6waLlE7G7UuEcyRTZ/SGYhkMw/ YtL3CN9t/8cpf8d22yIWdXn5xryL3Sw4uMBhAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUMb88DUngG1AeeJ/spzyhH1MtIe8wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvTWI4OERVbmdHMUFl ZUpfc3B6eWhIMU10SWU4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGf0djANBgkqhkiG9w0BAQsFAAOCAQEAbZZGbEtw5K9juE3c8xKSN7O7QHW6 2LjTnc/rHof62KM/usUFnZWW5sF1D+oV+4Br5whRCX0cq3l3WYWBCYEKjlF5mZtS oTILT1WlORFnK2UkaOB3SvNvTRQgOA9AuAav7sd9Wvv77O1G82Pj/BIeq+ErOlDZ h2/B8MNVDj/p2syQeZvfHQukgV34XboBOF08sXQ5lLGkqazX4gSjipycr9VtEG5z GgpRMtmR4csBhY0bIPlDjZ1mxaDNYaB2aDvsIlV+INN9xr0KcOtD0wy+xpo85CtX /ln7cc3fCI9olZyUTDW7oKYphXs+WxF3/yqRbLlQ1ysxtqmMFxVCYLMp7A== -----END CERTIFICATE-----Generated at Fri Apr 4 18:40:16 2025 by rpki-client