$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1630/dRzZBwD8nn9NRnPMSg6KYfYpdwU.roa File: dRzZBwD8nn9NRnPMSg6KYfYpdwU.roa (raw, json) Hash identifier: 7mntN1EQX9ULdC3vyzx+A7+0SpzueCgIht3TR71acNE= Subject key identifier: 75:1C:D9:07:00:FC:9E:7F:4D:46:73:CC:4A:0E:8A:61:F6:29:77:05 Certificate issuer: /CN=4C1FB553FF23312CD9C25DE1DA72048F06483C5A Certificate serial: 1BD0 Authority key identifier: 4C:1F:B5:53:FF:23:31:2C:D9:C2:5D:E1:DA:72:04:8F:06:48:3C:5A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/dRzZBwD8nn9NRnPMSg6KYfYpdwU.roa Signing time: Fri 17 Jan 2025 01:27:05 +0000 ROA not before: Fri 17 Jan 2025 01:27:05 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 63679 IP address blocks: 27.0.204.0/22 maxlen: 24 27.0.207.0/24 maxlen: 24 103.208.48.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/TB-1U_8jMSzZwl3h2nIEjwZIPFo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/TB-1U_8jMSzZwl3h2nIEjwZIPFo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:08:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7120 (0x1bd0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4C1FB553FF23312CD9C25DE1DA72048F06483C5A Validity Not Before: Jan 17 01:27:05 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=751CD90700FC9E7F4D4673CC4A0E8A61F6297705 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:f2:ad:09:3d:18:ef:bd:c6:99:8d:ab:ff:2f: 49:4e:37:79:14:51:99:f3:62:61:42:3d:02:c9:45: 58:e9:fa:88:74:f0:da:f1:4b:60:d7:ec:3f:ed:c2: bf:f1:ac:d9:78:df:04:03:54:22:14:00:1a:50:b7: 3e:9d:88:0b:e2:af:f0:d1:e7:1d:1b:0b:7d:70:e6: e2:12:bf:7b:7c:d3:21:0e:14:9c:60:47:ca:c7:5c: a5:a5:b5:62:a4:23:e7:ec:06:d5:79:9e:ef:e2:c3: fd:7e:7e:ca:9d:c3:c1:89:3f:cd:9e:ea:52:95:d9: a4:3e:a1:b3:cc:5d:fd:ec:32:bd:43:0c:42:b5:28: 53:21:53:58:8b:a0:14:56:75:66:e5:f1:5c:88:f4: 7e:64:2a:d3:32:76:ca:fd:c9:19:0e:7a:a3:20:a6: fe:97:17:6a:48:83:68:9d:14:c2:1c:46:1b:0d:2c: 02:aa:e1:4e:a5:4a:33:07:c4:cb:dd:7f:ad:22:83: ee:9a:05:67:2e:6e:65:2b:45:ad:15:f7:5e:ea:c6: 69:13:0b:b9:86:e7:0a:06:5d:46:b3:cd:eb:95:58: 10:6c:31:4c:ea:6f:07:f7:2d:6c:da:2d:87:37:95: ed:ee:b0:36:19:26:b0:82:9a:b1:b7:e9:41:49:9b: e3:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:1C:D9:07:00:FC:9E:7F:4D:46:73:CC:4A:0E:8A:61:F6:29:77:05 X509v3 Authority Key Identifier: keyid:4C:1F:B5:53:FF:23:31:2C:D9:C2:5D:E1:DA:72:04:8F:06:48:3C:5A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/TB-1U_8jMSzZwl3h2nIEjwZIPFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/dRzZBwD8nn9NRnPMSg6KYfYpdwU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 27.0.204.0/22 103.208.48.0/22 Signature Algorithm: sha256WithRSAEncryption 54:33:f1:e3:d6:5a:92:3e:0b:f9:48:e7:bb:d6:cf:68:02:6b: 0d:f3:6b:01:7b:5e:18:93:3f:83:c6:41:c6:c5:b0:87:be:27: 3a:9d:97:8b:e0:51:86:99:1f:3b:d1:7d:2d:ca:c9:b1:f4:57: b4:ec:49:08:1c:de:69:ac:ec:5c:f1:03:54:ce:d1:aa:df:46: 24:98:4a:19:61:2c:dd:c5:3e:c8:63:05:6f:62:aa:f2:12:47: 64:5e:ff:4f:67:49:c9:b4:40:32:2a:f3:e9:29:7e:8f:e4:68: 11:47:c0:a9:24:b8:ef:4a:64:c9:44:95:4e:3c:ca:09:ab:52: 87:01:2d:64:e1:c6:2e:6b:55:07:06:63:5e:d8:b9:9b:cc:55: b9:72:a4:ba:62:39:b7:04:14:97:22:c9:75:5d:0e:74:0b:e0: 66:85:e0:0a:31:d0:be:f7:35:71:4a:ae:81:ee:fc:ca:3d:3a: 89:2f:2c:12:9e:dc:99:cc:e1:60:cd:07:05:6d:5c:38:2c:63: 4e:97:1d:ab:ad:d6:1e:b1:6b:2c:51:4c:62:a3:fb:8b:dc:fb: 1f:c2:a8:fc:9d:ab:88:2f:5f:90:35:47:8f:10:ab:df:78:6f: b2:11:4d:84:83:3e:43:43:46:8e:81:e4:d5:5d:d3:84:9f:09: d7:ca:5e:44 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICG9AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEMx RkI1NTNGRjIzMzEyQ0Q5QzI1REUxREE3MjA0OEYwNjQ4M0M1QTAeFw0yNTAxMTcw MTI3MDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDc1MUNEOTA3MDBGQzlF N0Y0RDQ2NzNDQzRBMEU4QTYxRjYyOTc3MDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDU8q0JPRjvvcaZjav/L0lON3kUUZnzYmFCPQLJRVjp+oh08Nrx S2DX7D/twr/xrNl43wQDVCIUABpQtz6diAvir/DR5x0bC31w5uISv3t80yEOFJxg R8rHXKWltWKkI+fsBtV5nu/iw/1+fsqdw8GJP82e6lKV2aQ+obPMXf3sMr1DDEK1 KFMhU1iLoBRWdWbl8VyI9H5kKtMydsr9yRkOeqMgpv6XF2pIg2idFMIcRhsNLAKq 4U6lSjMHxMvdf60ig+6aBWcubmUrRa0V917qxmkTC7mG5woGXUazzeuVWBBsMUzq bwf3LWzaLYc3le3usDYZJrCCmrG36UFJm+MZAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQUdRzZBwD8nn9NRnPMSg6KYfYpdwUwHwYDVR0jBBgwFoAUTB+1U/8jMSzZwl3h 2nIEjwZIPFowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTYz MC9UQi0xVV84ak1Telp3bDNoMm5JRWp3WklQRm8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1RCLTFVXzhqTVN6WndsM2gybklFandaSVBGby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2MzAvZFJ6WkJ3RDhubjlO Um5QTVNnNktZZllwZHdVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw DAMEAhsAzAMEAmfQMDANBgkqhkiG9w0BAQsFAAOCAQEAVDPx49Zakj4L+Ujnu9bP aAJrDfNrAXteGJM/g8ZBxsWwh74nOp2Xi+BRhpkfO9F9LcrJsfRXtOxJCBzeaazs XPEDVM7Rqt9GJJhKGWEs3cU+yGMFb2Kq8hJHZF7/T2dJybRAMirz6Sl+j+RoEUfA qSS470pkyUSVTjzKCatShwEtZOHGLmtVBwZjXti5m8xVuXKkumI5twQUlyLJdV0O dAvgZoXgCjHQvvc1cUquge78yj06iS8sEp7cmczhYM0HBW1cOCxjTpcdq63WHrFr LFFMYqP7i9z7H8Ko/J2riC9fkDVHjxCr33hvshFNhIM+Q0NGjoHk1V3ThJ8J18pe RA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:37:46 2025 by rpki-client