$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/TzcA4SvlW4dDnwgnj75iZobTJRo.roa File: TzcA4SvlW4dDnwgnj75iZobTJRo.roa (raw, json) Hash identifier: Xv9Q2kxWm0g9IFUUrlfdAks/1WpiCsp5fLwysnIO7a4= Subject key identifier: 4F:37:00:E1:2B:E5:5B:87:43:9F:08:27:8F:BE:62:66:86:D3:25:1A Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 3052 Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/TzcA4SvlW4dDnwgnj75iZobTJRo.roa Signing time: Sun 30 Mar 2025 19:58:15 +0000 ROA not before: Sun 30 Mar 2025 19:58:15 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 134762 IP address blocks: 43.226.64.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:08:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12370 (0x3052) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Mar 30 19:58:15 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=4F3700E12BE55B87439F08278FBE626686D3251A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:97:b0:a1:62:ab:a6:fc:2a:45:51:27:f8:01: 84:f4:1a:42:43:6c:cb:e4:ad:95:8a:36:5f:81:f4: 22:70:95:96:0f:e2:d4:19:b8:12:68:11:e9:32:75: 87:c0:15:36:4c:b1:b6:bf:20:a5:b3:d6:e4:20:af: 41:b5:de:6c:ff:9b:c5:bf:32:9c:9c:05:17:1f:e0: 3c:43:e5:ff:8d:4b:d6:b7:71:8b:bd:03:b4:ac:d0: 8e:e4:af:f6:d1:74:b6:72:ad:b7:94:0d:29:72:2b: 68:a9:f8:57:63:ed:2b:47:96:36:0d:12:f4:7b:4e: bf:6d:bb:a5:20:65:c6:7c:53:91:53:b5:c0:de:76: 93:6a:11:56:fd:ad:be:56:8d:6b:5a:49:f6:d2:26: 1a:6a:0d:37:f9:ef:bc:fd:60:6d:90:70:0d:95:8b: 97:eb:3a:17:9d:38:3c:7b:6e:f9:c7:e1:77:f0:17: 26:21:03:1c:1b:4c:2f:bd:da:02:30:0b:ed:54:e6: 00:c6:ed:97:b6:79:f8:1a:03:c0:78:89:39:37:25: f8:b5:c0:54:2e:9b:6a:f5:e2:1d:b0:18:75:30:92: f5:14:6c:cb:21:cb:7e:31:fd:27:f3:37:54:b4:a5: e4:c0:66:88:22:42:9e:24:3a:4e:fb:89:2e:aa:5c: dc:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:37:00:E1:2B:E5:5B:87:43:9F:08:27:8F:BE:62:66:86:D3:25:1A X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/TzcA4SvlW4dDnwgnj75iZobTJRo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.226.64.0/21 Signature Algorithm: sha256WithRSAEncryption a5:71:92:3e:ff:81:36:c9:7f:ab:31:0e:4f:92:3f:09:4b:3c: a7:08:2b:1d:62:f8:94:c0:2f:6b:0b:35:d0:54:e1:d1:98:ac: 00:1f:77:8c:6b:99:5a:a5:40:de:b2:4d:1f:55:5f:c8:96:30: cb:80:28:de:26:8a:02:8b:74:cc:80:da:e4:1e:a2:8d:e8:be: 02:00:42:ad:96:13:de:a5:0b:b9:8f:e6:69:e2:96:d0:a6:e5: be:1e:87:3f:3f:c3:cb:df:c8:02:82:b5:8d:7d:f0:f5:62:03: 8a:e9:20:71:f5:40:fe:40:90:42:0d:19:3f:cc:9e:c4:86:0c: 7b:60:64:ee:e1:21:0d:24:4b:c3:49:ac:64:b4:e0:a6:ea:64: 7e:13:e7:09:d9:3d:1d:00:1b:14:2c:2a:ce:8d:7f:75:92:0d: 03:c1:a7:10:0e:3c:ef:32:01:9a:5d:70:77:84:80:36:fa:94: f7:ee:ee:29:69:b1:87:1a:3f:68:b9:26:fb:39:a0:81:37:1c: db:9d:8c:ae:27:27:b4:e1:d8:c5:e2:96:cf:4c:fa:86:07:a3: 2d:46:6c:89:fa:cb:87:9d:6d:ce:ec:95:6d:72:bf:be:70:7d: 76:19:c5:4b:87:b7:36:17:fe:94:06:80:74:a3:8d:57:b6:bb: 6d:ec:29:74 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICMFIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTAzMzAx OTU4MTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDRGMzcwMEUxMkJFNTVC ODc0MzlGMDgyNzhGQkU2MjY2ODZEMzI1MUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDml7ChYqum/CpFUSf4AYT0GkJDbMvkrZWKNl+B9CJwlZYP4tQZ uBJoEekydYfAFTZMsba/IKWz1uQgr0G13mz/m8W/MpycBRcf4DxD5f+NS9a3cYu9 A7Ss0I7kr/bRdLZyrbeUDSlyK2ip+Fdj7StHljYNEvR7Tr9tu6UgZcZ8U5FTtcDe dpNqEVb9rb5WjWtaSfbSJhpqDTf577z9YG2QcA2Vi5frOhedODx7bvnH4XfwFyYh AxwbTC+92gIwC+1U5gDG7Ze2efgaA8B4iTk3Jfi1wFQum2r14h2wGHUwkvUUbMsh y34x/SfzN1S0peTAZogiQp4kOk77iS6qXNylAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUTzcA4SvlW4dDnwgnj75iZobTJRowHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvVHpjQTRTdmxXNGRE bndnbmo3NWlab2JUSlJvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAyviQDANBgkqhkiG9w0BAQsFAAOCAQEApXGSPv+BNsl/qzEOT5I/CUs8pwgr HWL4lMAvaws10FTh0ZisAB93jGuZWqVA3rJNH1VfyJYwy4Ao3iaKAot0zIDa5B6i jei+AgBCrZYT3qULuY/maeKW0Kblvh6HPz/Dy9/IAoK1jX3w9WIDiukgcfVA/kCQ Qg0ZP8yexIYMe2Bk7uEhDSRLw0msZLTgpupkfhPnCdk9HQAbFCwqzo1/dZINA8Gn EA487zIBml1wd4SANvqU9+7uKWmxhxo/aLkm+zmggTcc252MricntOHYxeKWz0z6 hgejLUZsifrLh51tzuyVbXK/vnB9dhnFS4e3Nhf+lAaAdKONV7a7bewpdA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:42:02 2025 by rpki-client