$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/ZBWpzeAt4uqUq0zsmnYx0BN3IfQ.roa File: ZBWpzeAt4uqUq0zsmnYx0BN3IfQ.roa (raw, json) Hash identifier: 9gV5/OPikxwwnMuhVftvUlu1wHHuXCirb8WorV2MFrM= Subject key identifier: 64:15:A9:CD:E0:2D:E2:EA:94:AB:4C:EC:9A:76:31:D0:13:77:21:F4 Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 3063 Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/ZBWpzeAt4uqUq0zsmnYx0BN3IfQ.roa Signing time: Sun 30 Mar 2025 19:58:20 +0000 ROA not before: Sun 30 Mar 2025 19:58:20 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 134762 IP address blocks: 43.226.32.0/20 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:08:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12387 (0x3063) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Mar 30 19:58:20 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=6415A9CDE02DE2EA94AB4CEC9A7631D0137721F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:d0:ae:af:11:87:ea:f5:78:25:a9:50:cc:65: 23:9a:65:14:a0:8e:41:1a:a4:24:b0:63:c6:f1:3d: 9b:e4:a3:fe:d8:df:9d:e7:5e:86:9b:7b:34:78:4b: 7d:e7:99:3e:8e:bb:37:d5:11:0e:05:54:51:97:97: 8e:0a:c9:cc:96:f0:b9:e6:fa:a2:51:6c:11:34:29: 8e:84:f2:cf:db:7a:8d:9f:c5:de:d7:ee:25:1d:24: 84:41:d7:00:79:83:e2:27:d5:ef:82:81:a5:82:da: 79:3c:21:93:ed:63:cb:02:ae:91:51:68:f1:f5:73: de:43:ed:93:57:02:c9:8c:b7:90:f1:7c:48:a0:78: c5:49:95:85:57:ec:52:41:80:57:64:4c:0c:f9:58: c4:c9:b9:f4:f1:0d:a9:64:34:72:85:e6:b4:f5:1b: 7a:0f:ef:c4:fa:52:77:07:13:6e:f9:04:d1:98:c2: 2d:c1:11:c6:2c:51:1e:af:d8:ff:52:4c:7e:9b:67: 96:ec:05:97:d2:fd:a0:a2:95:ce:0d:28:62:0e:10: ce:4d:cf:c6:35:23:07:e0:af:8a:68:35:90:8a:4d: 27:26:b6:20:c3:2e:d4:07:a2:19:51:8a:ba:e3:1a: 22:23:fa:7c:0a:52:f9:03:27:f8:5d:ab:3c:a0:66: 12:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:15:A9:CD:E0:2D:E2:EA:94:AB:4C:EC:9A:76:31:D0:13:77:21:F4 X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/ZBWpzeAt4uqUq0zsmnYx0BN3IfQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.226.32.0/20 Signature Algorithm: sha256WithRSAEncryption 6d:f5:75:ac:fa:51:b0:de:4d:c4:44:57:d6:4e:81:63:7f:31: 48:55:cd:5c:10:76:30:f8:9d:65:b6:3f:21:ca:09:04:48:cf: c3:2a:64:ea:c9:20:3c:3b:2f:7e:69:78:05:7b:ae:35:f4:b0: 47:07:69:7b:a2:8f:68:14:0b:be:22:38:61:53:b4:e2:8d:c7: 1c:bb:71:8a:fd:ec:90:f5:f2:8f:e6:7d:0b:df:bf:b5:30:cb: 17:20:39:b7:fc:5d:57:2d:d9:f2:04:89:1b:6a:0a:e3:71:a2: 61:43:d4:00:1a:f6:b2:cd:bc:b2:e8:4b:40:72:43:fb:a7:e9: 49:d7:2c:74:52:79:1e:9e:72:5a:5e:e8:60:45:b6:7c:76:6a: 85:5b:03:8d:bf:7a:79:15:68:b3:77:56:85:66:b0:4b:fc:6b: fd:29:ee:04:88:a4:04:9c:35:98:cc:26:e0:8d:e2:eb:8c:45: 79:68:92:17:31:1e:dd:5c:74:dd:4b:0e:a7:2f:7b:72:f7:57: c8:e6:f7:0f:ea:98:8e:a7:49:fe:61:ed:88:eb:7c:db:3e:b0: 67:32:34:26:d5:48:2b:30:99:07:70:c0:9f:47:b2:bf:b7:3a: d2:f7:04:74:c6:f3:92:76:47:9d:5a:ab:78:ae:79:1e:bf:fd: 03:41:13:db -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICMGMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTAzMzAx OTU4MjBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY0MTVBOUNERTAyREUy RUE5NEFCNENFQzlBNzYzMUQwMTM3NzIxRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDY0K6vEYfq9XglqVDMZSOaZRSgjkEapCSwY8bxPZvko/7Y353n XoabezR4S33nmT6OuzfVEQ4FVFGXl44KycyW8Lnm+qJRbBE0KY6E8s/beo2fxd7X 7iUdJIRB1wB5g+In1e+CgaWC2nk8IZPtY8sCrpFRaPH1c95D7ZNXAsmMt5DxfEig eMVJlYVX7FJBgFdkTAz5WMTJufTxDalkNHKF5rT1G3oP78T6UncHE275BNGYwi3B EcYsUR6v2P9STH6bZ5bsBZfS/aCilc4NKGIOEM5Nz8Y1Iwfgr4poNZCKTScmtiDD LtQHohlRirrjGiIj+nwKUvkDJ/hdqzygZhIfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUZBWpzeAt4uqUq0zsmnYx0BN3IfQwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvWkJXcHplQXQ0dXFV cTB6c21uWXgwQk4zSWZRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBCviIDANBgkqhkiG9w0BAQsFAAOCAQEAbfV1rPpRsN5NxERX1k6BY38xSFXN XBB2MPidZbY/IcoJBEjPwypk6skgPDsvfml4BXuuNfSwRwdpe6KPaBQLviI4YVO0 4o3HHLtxiv3skPXyj+Z9C9+/tTDLFyA5t/xdVy3Z8gSJG2oK43GiYUPUABr2ss28 suhLQHJD+6fpSdcsdFJ5Hp5yWl7oYEW2fHZqhVsDjb96eRVos3dWhWawS/xr/Snu BIikBJw1mMwm4I3i64xFeWiSFzEe3Vx03UsOpy97cvdXyOb3D+qYjqdJ/mHtiOt8 2z6wZzI0JtVIKzCZB3DAn0eyv7c60vcEdMbzknZHnVqreK55Hr/9A0ET2w== -----END CERTIFICATE-----Generated at Fri Apr 4 18:44:37 2025 by rpki-client