$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/IFidcHNPXthCJghiVHydJRJn1rw.roa File: IFidcHNPXthCJghiVHydJRJn1rw.roa (raw, json) Hash identifier: +pTlkb483uRH5SA8wmAgOQc/g2KfZ9hHgdcBfOy1Tco= Subject key identifier: 20:58:9D:70:73:4F:5E:D8:42:26:08:62:54:7C:9D:25:12:67:D6:BC Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 3057 Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/IFidcHNPXthCJghiVHydJRJn1rw.roa Signing time: Sun 30 Mar 2025 19:58:17 +0000 ROA not before: Sun 30 Mar 2025 19:58:17 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 134762 IP address blocks: 103.45.172.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:08:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12375 (0x3057) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Mar 30 19:58:17 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=20589D70734F5ED842260862547C9D251267D6BC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:35:27:1a:d7:3b:49:ab:68:8e:1f:f2:d1:35: 28:2d:2b:a8:f7:49:82:7d:2d:87:47:e4:9a:8c:38: f9:7d:bc:7f:f5:8c:50:ee:51:4d:29:04:36:20:8a: 53:f3:d6:a6:39:8f:96:29:4a:a2:8b:fc:82:0a:be: 1c:3a:58:85:9f:c9:72:ba:e4:87:4b:69:33:fa:3a: d7:da:45:df:08:b2:3c:85:5e:99:c9:55:7b:d1:1a: b6:fa:e2:69:f4:01:ee:39:b2:1d:a8:a4:f7:f2:60: 52:29:ff:da:0a:7a:5b:8c:3d:4c:da:2f:fa:1f:32: f6:79:7c:6a:b4:e7:ba:36:b5:7e:71:5e:cf:07:77: 00:2f:7a:dd:3a:be:8a:16:c2:d4:a0:72:36:3a:7a: 06:55:cd:40:f1:66:aa:5d:84:e2:8e:69:87:a7:ac: 60:a6:55:3b:7c:08:e8:18:21:8b:c2:ff:ce:65:cc: 0e:2d:e8:84:94:b0:88:c5:31:9b:1a:fc:e2:90:83: c4:2d:d9:2a:95:04:8b:5e:dc:20:cd:c1:18:7a:89: 92:2c:75:c0:b4:89:65:45:f5:be:c8:82:46:7a:13: c1:4b:c5:c9:a1:a7:4c:d1:59:af:be:1e:16:03:1b: 4b:bf:8c:8f:3b:8f:ce:88:04:94:c1:f0:19:ae:09: e2:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:58:9D:70:73:4F:5E:D8:42:26:08:62:54:7C:9D:25:12:67:D6:BC X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/IFidcHNPXthCJghiVHydJRJn1rw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.45.172.0/22 Signature Algorithm: sha256WithRSAEncryption 90:8d:45:4f:e6:b1:fe:84:3a:a5:db:ee:3f:85:e0:b2:61:49: 83:6b:5b:52:2a:9e:35:b6:2d:45:a2:2f:22:7f:6c:cd:6c:24: 78:e9:08:0e:b0:86:a9:8d:f9:b5:1f:81:d4:50:7f:a4:7b:b6: e8:12:82:89:2f:2f:9b:6d:80:e6:0f:35:3f:ab:bb:e9:c3:99: d8:45:59:e6:91:e8:92:f1:74:0a:a6:e6:ae:8e:62:49:cf:84: ed:5d:5c:63:4e:26:1f:9a:d3:75:90:03:b0:01:a8:94:82:18: d9:24:de:a6:6d:17:a3:46:3b:53:20:19:61:e6:f4:4a:14:18: 5f:43:38:e5:73:ca:a9:ba:c2:9c:3a:13:69:0f:15:bc:cb:fc: 6e:a8:35:a9:40:08:ce:47:f7:a7:d3:37:5d:4f:06:ae:22:5d: f6:cb:80:1d:cb:d8:14:7f:3d:fe:1c:5c:ef:1d:3b:9b:f7:be: c0:4a:a7:9f:fd:80:db:92:20:9e:f8:06:40:24:3d:a6:44:82: 08:8c:68:cd:85:cb:69:1a:3d:9b:27:9c:4f:fb:0a:22:90:a2: a9:e3:05:53:3c:d9:c0:12:54:16:d9:70:19:28:cb:a8:17:f3: bb:e8:19:c0:f5:7a:52:1e:65:e3:45:58:ab:f0:17:89:56:cd: 41:4d:bc:c6 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICMFcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTAzMzAx OTU4MTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDIwNTg5RDcwNzM0RjVF RDg0MjI2MDg2MjU0N0M5RDI1MTI2N0Q2QkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDSNSca1ztJq2iOH/LRNSgtK6j3SYJ9LYdH5JqMOPl9vH/1jFDu UU0pBDYgilPz1qY5j5YpSqKL/IIKvhw6WIWfyXK65IdLaTP6OtfaRd8IsjyFXpnJ VXvRGrb64mn0Ae45sh2opPfyYFIp/9oKeluMPUzaL/ofMvZ5fGq057o2tX5xXs8H dwAvet06vooWwtSgcjY6egZVzUDxZqpdhOKOaYenrGCmVTt8COgYIYvC/85lzA4t 6ISUsIjFMZsa/OKQg8Qt2SqVBIte3CDNwRh6iZIsdcC0iWVF9b7IgkZ6E8FLxcmh p0zRWa++HhYDG0u/jI87j86IBJTB8BmuCeIRAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUIFidcHNPXthCJghiVHydJRJn1rwwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvSUZpZGNITlBYdGhD SmdoaVZIeWRKUkpuMXJ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmctrDANBgkqhkiG9w0BAQsFAAOCAQEAkI1FT+ax/oQ6pdvuP4XgsmFJg2tb UiqeNbYtRaIvIn9szWwkeOkIDrCGqY35tR+B1FB/pHu26BKCiS8vm22A5g81P6u7 6cOZ2EVZ5pHokvF0Cqbmro5iSc+E7V1cY04mH5rTdZADsAGolIIY2STepm0Xo0Y7 UyAZYeb0ShQYX0M45XPKqbrCnDoTaQ8VvMv8bqg1qUAIzkf3p9M3XU8GriJd9suA HcvYFH89/hxc7x07m/e+wEqnn/2A25IgnvgGQCQ9pkSCCIxozYXLaRo9myecT/sK IpCiqeMFUzzZwBJUFtlwGSjLqBfzu+gZwPV6Uh5l40VYq/AXiVbNQU28xg== -----END CERTIFICATE-----Generated at Fri Apr 4 18:36:41 2025 by rpki-client