$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/1PjOYcD6n59OGHy74GY01mQgKWU.roa File: 1PjOYcD6n59OGHy74GY01mQgKWU.roa (raw, json) Hash identifier: slNcbUJ32/fRic88R1QJAzj8l6OQcCQSFCDPq6Lf1Qo= Subject key identifier: D4:F8:CE:61:C0:FA:9F:9F:4E:18:7C:BB:E0:66:34:D6:64:20:29:65 Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 3058 Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/1PjOYcD6n59OGHy74GY01mQgKWU.roa Signing time: Sun 30 Mar 2025 19:58:17 +0000 ROA not before: Sun 30 Mar 2025 19:58:17 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4816 IP address blocks: 103.40.240.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:08:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12376 (0x3058) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Mar 30 19:58:17 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=D4F8CE61C0FA9F9F4E187CBBE06634D664202965 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:e0:22:ac:4d:bc:88:03:8f:c0:57:11:aa:a7: ea:22:22:a1:2a:1b:c3:48:f3:e3:25:88:1c:ca:af: bc:42:cf:d2:18:98:96:4f:83:2f:0c:a6:18:63:63: 4a:2f:e3:4c:70:3b:dc:da:24:c7:54:db:c3:b6:a0: d1:4f:24:74:02:08:77:19:51:09:45:c1:16:8a:e2: b4:a3:97:97:b3:be:dc:9d:ab:d2:3a:8e:78:0d:cb: 44:c5:ce:93:e3:3e:b1:e0:59:7d:a8:4c:5a:ab:bb: cf:dd:ae:5c:de:bf:58:61:d6:f0:a1:35:e2:15:ec: 7a:d1:cd:eb:ed:a9:48:99:2e:c5:5f:e0:31:c5:0f: dc:b8:96:6b:4a:58:27:7c:55:da:f0:05:3e:40:6e: 43:fa:9d:67:53:54:dd:ef:c4:31:37:a2:70:31:20: fc:66:f4:55:14:e8:d4:03:fb:ab:69:86:1c:46:c6: da:ed:60:95:56:db:92:9c:99:a6:67:97:99:3f:d6: 82:ba:28:b0:bd:d1:5c:d9:aa:84:fd:28:55:20:be: 70:86:4a:3b:ba:1d:ed:1b:d4:1a:9b:01:7f:5b:2f: 98:24:16:61:29:14:2e:4e:7c:82:c2:c1:9e:43:6f: 1e:25:9c:dc:32:7e:70:47:ad:66:c1:11:48:4b:e7: a9:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:F8:CE:61:C0:FA:9F:9F:4E:18:7C:BB:E0:66:34:D6:64:20:29:65 X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/1PjOYcD6n59OGHy74GY01mQgKWU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.40.240.0/20 Signature Algorithm: sha256WithRSAEncryption 1e:8c:ee:b5:3f:91:1b:4d:9b:b2:23:5b:61:c5:ce:20:74:7e: 11:da:b3:b2:44:cd:db:e4:0b:e7:a9:96:2e:96:2e:2c:38:57: 5d:e9:1b:60:e1:73:a9:49:ab:b3:d5:7f:5f:fa:53:5e:62:43: fb:13:32:27:22:1e:e3:a1:0e:8d:f9:6e:6f:37:1b:0f:c9:1c: e4:9b:87:3b:0c:f4:8f:34:7b:3e:a3:e1:9d:fd:d8:64:4b:d9: f2:8a:39:4b:ba:29:b0:50:be:d8:58:fe:29:cd:2c:f7:ee:c0: b6:b6:b0:be:2f:87:88:d0:d2:60:14:52:e3:47:b1:ee:aa:c1: b3:7d:72:cc:50:0b:cd:cc:5a:0f:94:9f:da:7e:64:14:e6:48: 14:45:42:7d:54:c2:fd:ba:62:02:3c:97:34:9e:24:b2:4f:b8: a5:25:02:2c:63:2e:fd:18:c7:f8:3a:79:62:eb:ca:51:a2:64: 5b:62:cd:24:15:fe:ac:36:28:84:1e:0d:f5:83:06:5e:5c:1d: 89:28:38:2e:7b:30:9a:ef:35:a9:1d:6c:62:26:e0:4d:21:c5: fd:f4:b2:ab:58:d4:e8:04:89:8f:40:72:85:c4:c3:e0:8d:c5: b7:c7:2d:6e:72:f3:36:66:d6:74:58:5e:9f:ee:ba:41:a2:c0: a3:0c:75:76 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICMFgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTAzMzAx OTU4MTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ0RjhDRTYxQzBGQTlG OUY0RTE4N0NCQkUwNjYzNEQ2NjQyMDI5NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCl4CKsTbyIA4/AVxGqp+oiIqEqG8NI8+MliBzKr7xCz9IYmJZP gy8MphhjY0ov40xwO9zaJMdU28O2oNFPJHQCCHcZUQlFwRaK4rSjl5ezvtydq9I6 jngNy0TFzpPjPrHgWX2oTFqru8/drlzev1hh1vChNeIV7HrRzevtqUiZLsVf4DHF D9y4lmtKWCd8VdrwBT5AbkP6nWdTVN3vxDE3onAxIPxm9FUU6NQD+6tphhxGxtrt YJVW25KcmaZnl5k/1oK6KLC90VzZqoT9KFUgvnCGSju6He0b1BqbAX9bL5gkFmEp FC5OfILCwZ5Dbx4lnNwyfnBHrWbBEUhL56kxAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU1PjOYcD6n59OGHy74GY01mQgKWUwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvMVBqT1ljRDZuNTlP R0h5NzRHWTAxbVFnS1dVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBGco8DANBgkqhkiG9w0BAQsFAAOCAQEAHozutT+RG02bsiNbYcXOIHR+Edqz skTN2+QL56mWLpYuLDhXXekbYOFzqUmrs9V/X/pTXmJD+xMyJyIe46EOjflubzcb D8kc5JuHOwz0jzR7PqPhnf3YZEvZ8oo5S7opsFC+2Fj+Kc0s9+7Atrawvi+HiNDS YBRS40ex7qrBs31yzFALzcxaD5Sf2n5kFOZIFEVCfVTC/bpiAjyXNJ4ksk+4pSUC LGMu/RjH+Dp5YuvKUaJkW2LNJBX+rDYohB4N9YMGXlwdiSg4Lnswmu81qR1sYibg TSHF/fSyq1jU6ASJj0ByhcTD4I3Ft8ctbnLzNmbWdFhen+66QaLAowx1dg== -----END CERTIFICATE-----Generated at Fri Apr 4 18:37:53 2025 by rpki-client