$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/KIDNSOBC8JqfVS2pTb-e-Ms3bYE.roa File: KIDNSOBC8JqfVS2pTb-e-Ms3bYE.roa (raw, json) Hash identifier: 7BBFlQcOGZq8ItBfVjuFavrJu7MwP1pl143cfGMIp5I= Subject key identifier: 28:80:CD:48:E0:42:F0:9A:9F:55:2D:A9:4D:BF:9E:F8:CB:37:6D:81 Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 3060 Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/KIDNSOBC8JqfVS2pTb-e-Ms3bYE.roa Signing time: Sun 30 Mar 2025 19:58:19 +0000 ROA not before: Sun 30 Mar 2025 19:58:19 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 134762 IP address blocks: 43.226.72.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:08:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12384 (0x3060) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Mar 30 19:58:19 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=2880CD48E042F09A9F552DA94DBF9EF8CB376D81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:46:84:37:2e:1a:ff:47:ff:15:c6:eb:27:95: 82:fa:e9:83:71:3b:f0:f6:ec:86:5d:f5:e7:1a:4d: 0e:a1:5b:c8:bd:54:0f:77:75:b4:2b:b2:89:f9:2c: 20:ba:13:2b:bc:52:46:4c:8e:b5:ab:d6:65:bc:ec: 82:9a:f7:d9:dc:ec:23:b5:ad:07:a2:09:6b:47:c9: c0:15:77:ca:b5:b8:c6:dd:66:b9:3a:6a:82:72:fb: 1d:34:d9:6f:53:56:17:3b:33:3e:86:e1:92:71:7a: f3:e9:3c:e0:40:07:81:ef:ea:7d:3b:76:5a:9f:93: 68:48:5d:64:69:a3:36:8f:a8:c3:c6:8c:f9:71:41: 8d:6b:07:a9:c4:ea:f2:d6:86:52:0a:0c:fb:04:ce: 39:59:cb:ec:16:8f:91:83:51:ea:4e:72:81:d8:00: 47:6d:1e:2f:27:27:53:ca:5f:6a:48:5a:29:84:d6: 2d:a9:f7:b3:de:73:0d:5e:26:d9:fd:ba:42:31:9d: 1d:60:c1:3c:ab:dd:f6:3d:e8:f5:93:06:37:1c:99: 65:1c:00:e8:56:2e:07:50:2f:d4:01:e5:93:a2:db: e2:58:aa:37:f1:e9:aa:bc:c5:aa:83:43:43:7d:31: d2:54:16:1e:fb:4e:5e:df:ae:41:b9:10:d8:68:73: ab:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:80:CD:48:E0:42:F0:9A:9F:55:2D:A9:4D:BF:9E:F8:CB:37:6D:81 X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/KIDNSOBC8JqfVS2pTb-e-Ms3bYE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.226.72.0/22 Signature Algorithm: sha256WithRSAEncryption 95:f2:39:93:41:cb:66:24:49:e0:ef:7a:33:1a:b3:5e:5e:c0: aa:ec:8a:7d:a6:11:13:5a:77:aa:b0:54:7c:43:fc:26:ac:ca: 85:fa:cc:fc:8f:f9:28:0c:4d:55:b1:41:2b:a5:d5:96:ac:80: d6:41:0b:94:f4:88:a0:d4:a5:de:04:9d:3e:2d:ec:ea:9f:26: 8e:97:cc:d7:c2:8a:29:08:87:53:39:e6:4f:c6:c5:e8:e8:c7: 1d:b3:11:98:c2:05:85:66:79:25:b7:bd:81:1e:3e:05:bc:23: 05:fc:02:59:c1:2f:99:42:b6:5e:12:b0:7b:a3:4d:59:83:2c: ce:ed:8c:70:68:eb:15:29:31:65:84:be:fb:e5:cd:97:c5:4b: 61:77:76:af:ed:33:d4:3f:66:86:07:0e:9f:20:89:c0:43:07: d7:59:37:ed:e8:49:7c:98:01:3f:1d:0b:c9:80:6f:a5:93:f6: f2:80:b6:a4:ef:4b:49:37:09:0f:34:96:3d:5c:a5:e8:a7:b1: 59:74:a9:61:b9:92:b3:8f:94:7a:e3:d7:52:4a:d9:2e:59:ee: 0e:ea:a5:63:be:48:a6:0d:5e:fc:99:0a:e5:d8:5c:a5:ee:22: 6a:09:4e:63:09:0a:e8:63:ea:4b:a2:25:46:12:ff:cb:60:f8: f3:53:16:3c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICMGAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTAzMzAx OTU4MTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI4ODBDRDQ4RTA0MkYw OUE5RjU1MkRBOTREQkY5RUY4Q0IzNzZEODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvRoQ3Lhr/R/8VxusnlYL66YNxO/D27IZd9ecaTQ6hW8i9VA93 dbQrson5LCC6Eyu8UkZMjrWr1mW87IKa99nc7CO1rQeiCWtHycAVd8q1uMbdZrk6 aoJy+x002W9TVhc7Mz6G4ZJxevPpPOBAB4Hv6n07dlqfk2hIXWRpozaPqMPGjPlx QY1rB6nE6vLWhlIKDPsEzjlZy+wWj5GDUepOcoHYAEdtHi8nJ1PKX2pIWimE1i2p 97Pecw1eJtn9ukIxnR1gwTyr3fY96PWTBjccmWUcAOhWLgdQL9QB5ZOi2+JYqjfx 6aq8xaqDQ0N9MdJUFh77Tl7frkG5ENhoc6sZAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUKIDNSOBC8JqfVS2pTb+e+Ms3bYEwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvS0lETlNPQkM4SnFm VlMycFRiLWUtTXMzYllFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAiviSDANBgkqhkiG9w0BAQsFAAOCAQEAlfI5k0HLZiRJ4O96MxqzXl7AquyK faYRE1p3qrBUfEP8JqzKhfrM/I/5KAxNVbFBK6XVlqyA1kELlPSIoNSl3gSdPi3s 6p8mjpfM18KKKQiHUznmT8bF6OjHHbMRmMIFhWZ5Jbe9gR4+BbwjBfwCWcEvmUK2 XhKwe6NNWYMszu2McGjrFSkxZYS+++XNl8VLYXd2r+0z1D9mhgcOnyCJwEMH11k3 7ehJfJgBPx0LyYBvpZP28oC2pO9LSTcJDzSWPVyl6KexWXSpYbmSs4+UeuPXUkrZ LlnuDuqlY75Ipg1e/JkK5dhcpe4iaglOYwkK6GPqS6IlRhL/y2D481MWPA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:40:37 2025 by rpki-client