$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/ppHf14MzECzhrMYjBEgv5bsQX-w.roa File: ppHf14MzECzhrMYjBEgv5bsQX-w.roa (raw, json) Hash identifier: wSF2eIYSzbb9GWp1Z2yFVWOEMNlDEJ7hbzYQcpR1Tjc= Subject key identifier: A6:91:DF:D7:83:33:10:2C:E1:AC:C6:23:04:48:2F:E5:BB:10:5F:EC Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022 Certificate serial: 1D88 Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/ppHf14MzECzhrMYjBEgv5bsQX-w.roa Signing time: Thu 03 Apr 2025 08:53:56 +0000 ROA not before: Thu 03 Apr 2025 08:53:56 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 59033 IP address blocks: 103.204.72.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:06:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7560 (0x1d88) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022 Validity Not Before: Apr 3 08:53:56 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=A691DFD78333102CE1ACC62304482FE5BB105FEC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:8f:bf:e7:7d:57:b1:7a:79:4e:ed:2a:a0:e5: 9c:5f:e9:4a:7e:1b:4e:b5:4d:8d:6d:75:42:5f:79: a0:8c:ef:d9:d5:9f:72:3e:26:c2:37:1c:e9:88:ba: e4:4b:cd:f0:b5:e8:13:80:8f:ff:4c:40:42:f7:ba: 6b:8a:37:a4:a2:15:cc:a6:31:98:dc:ed:cc:b5:b2: 4c:4a:4e:3a:07:12:52:11:47:2c:94:ae:06:3b:9f: 66:45:e2:0d:53:74:60:d2:4c:ab:52:62:21:c0:aa: f5:fd:ae:8b:72:52:df:28:0d:14:31:bd:cf:5d:d9: 0c:86:33:34:0c:cc:68:4a:fd:e4:96:7b:be:58:b4: 7c:52:88:6e:f5:db:e0:76:d3:d6:f1:95:54:9a:39: 19:87:81:5c:90:32:a4:5c:99:57:39:43:36:03:e5: 3b:3d:ef:b1:02:b3:65:d2:98:e4:7f:3b:93:06:8e: d9:a2:bc:96:ca:11:d9:82:33:2e:7f:85:42:a0:3b: 0d:48:b9:7e:54:95:2f:13:3a:f6:32:59:cf:08:76: 9b:10:78:c5:bb:f5:26:5a:34:3d:1b:95:66:1a:e2: d6:1f:86:1f:22:12:90:f1:f8:a9:de:ef:55:ec:b2: 76:a7:22:15:40:7d:05:82:c6:3c:f2:8b:6b:35:c3: fe:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:91:DF:D7:83:33:10:2C:E1:AC:C6:23:04:48:2F:E5:BB:10:5F:EC X509v3 Authority Key Identifier: keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/ppHf14MzECzhrMYjBEgv5bsQX-w.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.204.72.0/22 Signature Algorithm: sha256WithRSAEncryption 09:9a:a8:31:96:82:5f:0a:06:1c:66:5c:38:ec:b0:97:b9:27: f1:e6:a0:e9:dc:47:59:50:6f:00:72:af:f8:c4:25:35:1b:48: 2d:d6:7e:04:bf:c1:c3:4e:4e:46:e2:0e:5d:26:5a:78:f3:12: 6e:db:28:6d:96:5f:ce:33:57:39:0a:59:e3:a3:a2:21:dc:60: ca:c4:69:b9:4d:a0:15:d3:4a:65:0f:9c:59:a9:05:17:25:87: c7:06:78:fe:a2:40:58:4b:ae:8a:85:83:9f:db:69:0e:53:ca: 04:a2:08:b3:a6:6e:52:ad:28:22:33:20:40:30:45:04:34:b4: 9f:f1:ed:50:f8:17:e9:32:b9:ea:c2:64:1a:b2:47:71:a4:a6: bf:e9:0c:1a:f7:39:59:3c:0a:dc:5a:01:72:e1:84:8e:fa:b5: 14:05:c3:6c:5e:a0:30:05:b2:e9:e8:f9:67:66:cd:5d:97:f9: 4c:82:a5:2e:ba:7a:44:62:1a:ad:5a:4e:26:15:18:d2:f8:f6: 7e:67:43:1e:25:f7:a7:63:29:ac:67:9d:24:71:e4:c3:a3:d6: ae:a2:e6:56:45:eb:bc:f2:e4:46:45:92:14:39:58:81:72:3b: 1a:43:14:c6:c9:c8:03:b2:92:d0:65:da:13:5d:45:6d:b7:2b: b0:21:c0:4c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHYgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yNTA0MDMw ODUzNTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEE2OTFERkQ3ODMzMzEw MkNFMUFDQzYyMzA0NDgyRkU1QkIxMDVGRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1j7/nfVexenlO7Sqg5Zxf6Up+G061TY1tdUJfeaCM79nVn3I+ JsI3HOmIuuRLzfC16BOAj/9MQEL3umuKN6SiFcymMZjc7cy1skxKTjoHElIRRyyU rgY7n2ZF4g1TdGDSTKtSYiHAqvX9rotyUt8oDRQxvc9d2QyGMzQMzGhK/eSWe75Y tHxSiG712+B209bxlVSaORmHgVyQMqRcmVc5QzYD5Ts977ECs2XSmOR/O5MGjtmi vJbKEdmCMy5/hUKgOw1IuX5UlS8TOvYyWc8IdpsQeMW79SZaND0blWYa4tYfhh8i EpDx+Kne71XssnanIhVAfQWCxjzyi2s1w/7HAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUppHf14MzECzhrMYjBEgv5bsQX+wwHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvcHBIZjE0TXpFQ3po ck1ZakJFZ3Y1YnNRWC13LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmfMSDANBgkqhkiG9w0BAQsFAAOCAQEACZqoMZaCXwoGHGZcOOywl7kn8eag 6dxHWVBvAHKv+MQlNRtILdZ+BL/Bw05ORuIOXSZaePMSbtsobZZfzjNXOQpZ46Oi IdxgysRpuU2gFdNKZQ+cWakFFyWHxwZ4/qJAWEuuioWDn9tpDlPKBKIIs6ZuUq0o IjMgQDBFBDS0n/HtUPgX6TK56sJkGrJHcaSmv+kMGvc5WTwK3FoBcuGEjvq1FAXD bF6gMAWy6ej5Z2bNXZf5TIKlLrp6RGIarVpOJhUY0vj2fmdDHiX3p2MprGedJHHk w6PWrqLmVkXrvPLkRkWSFDlYgXI7GkMUxsnIA7KS0GXaE11FbbcrsCHATA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:39:06 2025 by rpki-client