$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/kFq6PeZfE0EEFhDuCy93d7VYH3A.roa File: kFq6PeZfE0EEFhDuCy93d7VYH3A.roa (raw, json) Hash identifier: EBhwZCv6thWeEBufuvdoCNNvOuTc2q/xd/SoCakoqmY= Subject key identifier: 90:5A:BA:3D:E6:5F:13:41:04:16:10:EE:0B:2F:77:77:B5:58:1F:70 Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022 Certificate serial: 1D84 Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/kFq6PeZfE0EEFhDuCy93d7VYH3A.roa Signing time: Thu 03 Apr 2025 08:53:55 +0000 ROA not before: Thu 03 Apr 2025 08:53:55 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 63689 IP address blocks: 103.204.72.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:06:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7556 (0x1d84) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022 Validity Not Before: Apr 3 08:53:55 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=905ABA3DE65F1341041610EE0B2F7777B5581F70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:de:93:20:22:34:32:1a:58:e8:5e:5c:7d:bb: fe:08:69:f1:40:9c:0d:1c:e4:85:1c:95:a4:f0:7d: 32:cc:f0:ef:6c:4a:b6:41:05:3b:df:bc:8d:f6:01: 2d:d4:e8:a6:cb:55:6c:5f:c8:47:e4:a7:fc:0a:7b: 7e:cd:e9:47:3e:42:7f:1f:b5:92:e2:61:17:9c:73: 3a:f4:7a:9f:ab:e0:3b:8a:14:7e:5b:7a:cc:90:e7: 05:1b:96:56:dc:fb:37:98:f1:34:40:29:e5:d6:d1: 87:92:93:89:a2:9d:eb:06:f4:41:ca:0f:3f:cc:52: 3c:ff:04:16:40:de:fa:2b:1c:54:5e:8b:99:52:b3: f3:66:c5:7a:de:21:0a:52:a1:85:98:2c:46:b5:6d: 29:23:c8:c8:89:a6:5e:1f:63:4e:c2:46:cb:31:79: ff:4d:3c:1e:c4:3c:17:9b:50:5a:9a:11:c5:99:39: cc:c6:c7:0b:55:e1:a9:43:4c:d3:3a:45:49:7e:d9: 1f:50:6e:89:01:36:35:c0:83:34:8e:5c:a4:11:ad: 14:f4:80:93:6f:3d:2f:ec:26:16:1f:2c:0c:f8:20: 90:85:66:95:ea:8a:8b:30:b6:d7:9a:80:8a:b6:e4: 6c:06:5d:f6:bc:4f:21:4a:12:a3:b5:9f:33:e0:67: 0f:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:5A:BA:3D:E6:5F:13:41:04:16:10:EE:0B:2F:77:77:B5:58:1F:70 X509v3 Authority Key Identifier: keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/kFq6PeZfE0EEFhDuCy93d7VYH3A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.204.72.0/22 Signature Algorithm: sha256WithRSAEncryption 41:30:81:8b:62:81:63:9a:69:af:42:c5:5f:19:47:ea:49:aa: b1:ea:b6:50:5c:47:27:53:fb:e0:0c:a8:5f:03:79:3c:e8:9a: ef:9e:b7:25:dc:d5:59:04:04:37:69:d5:9e:90:6a:f9:4b:21: ef:f2:fd:49:2f:87:7e:c8:cc:b9:6b:68:f4:16:92:a2:ca:88: 09:3e:eb:21:95:bc:30:c6:f5:89:d8:d5:04:64:0f:ee:ae:fe: ee:d1:ad:9e:9c:07:94:93:58:3e:e2:0c:6a:72:7c:b1:0b:e4: 01:8e:3a:0b:f1:29:61:29:52:95:28:1e:73:2e:47:48:1a:ba: d4:ff:3d:e9:f8:45:15:b2:25:19:b9:bf:67:9e:66:76:12:fa: ad:3f:c2:8b:a7:e3:7a:09:01:26:86:89:c8:0a:38:c1:76:42: d6:a7:77:fe:33:e8:eb:b7:73:83:a8:2b:d2:a6:7b:a7:98:90: 8b:e4:1d:bb:3b:d5:b4:b9:e9:b6:bb:90:48:2a:94:3a:4f:d8: 8c:56:a0:73:b9:a6:46:96:dd:a6:eb:c6:6f:2e:27:4e:be:54: c4:9d:a3:d4:81:d5:c4:b7:85:27:f0:65:1e:1b:50:89:2f:77: 75:62:a8:3f:c0:d6:37:94:05:f5:86:cd:5f:62:e9:2e:71:ec: 5c:b5:9e:c3 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHYQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yNTA0MDMw ODUzNTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDkwNUFCQTNERTY1RjEz NDEwNDE2MTBFRTBCMkY3Nzc3QjU1ODFGNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDF3pMgIjQyGljoXlx9u/4IafFAnA0c5IUclaTwfTLM8O9sSrZB BTvfvI32AS3U6KbLVWxfyEfkp/wKe37N6Uc+Qn8ftZLiYRecczr0ep+r4DuKFH5b esyQ5wUbllbc+zeY8TRAKeXW0YeSk4minesG9EHKDz/MUjz/BBZA3vorHFRei5lS s/NmxXreIQpSoYWYLEa1bSkjyMiJpl4fY07CRssxef9NPB7EPBebUFqaEcWZOczG xwtV4alDTNM6RUl+2R9QbokBNjXAgzSOXKQRrRT0gJNvPS/sJhYfLAz4IJCFZpXq ioswtteagIq25GwGXfa8TyFKEqO1nzPgZw9jAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUkFq6PeZfE0EEFhDuCy93d7VYH3AwHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcva0ZxNlBlWmZFMEVF RmhEdUN5OTNkN1ZZSDNBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmfMSDANBgkqhkiG9w0BAQsFAAOCAQEAQTCBi2KBY5ppr0LFXxlH6kmqseq2 UFxHJ1P74AyoXwN5POia7563JdzVWQQEN2nVnpBq+Ush7/L9SS+HfsjMuWto9BaS osqICT7rIZW8MMb1idjVBGQP7q7+7tGtnpwHlJNYPuIManJ8sQvkAY46C/EpYSlS lSgecy5HSBq61P896fhFFbIlGbm/Z55mdhL6rT/Ci6fjegkBJoaJyAo4wXZC1qd3 /jPo67dzg6gr0qZ7p5iQi+QduzvVtLnptruQSCqUOk/YjFagc7mmRpbdpuvGby4n Tr5UxJ2j1IHVxLeFJ/BlHhtQiS93dWKoP8DWN5QF9YbNX2LpLnHsXLWeww== -----END CERTIFICATE-----Generated at Fri Apr 4 18:41:42 2025 by rpki-client