$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/ZT29OOC9Z7MkG06WXQhj1eon2nQ.roa File: ZT29OOC9Z7MkG06WXQhj1eon2nQ.roa (raw, json) Hash identifier: nTNiOVkdppVAOZ6tb/ipCtFlrKVaOZKu3RMYe/FzQPY= Subject key identifier: 65:3D:BD:38:E0:BD:67:B3:24:1B:4E:96:5D:08:63:D5:EA:27:DA:74 Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 3054 Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/ZT29OOC9Z7MkG06WXQhj1eon2nQ.roa Signing time: Sun 30 Mar 2025 19:58:16 +0000 ROA not before: Sun 30 Mar 2025 19:58:16 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 134762 IP address blocks: 43.226.50.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:08:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12372 (0x3054) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Mar 30 19:58:16 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=653DBD38E0BD67B3241B4E965D0863D5EA27DA74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:35:0f:1d:f3:cd:03:d4:31:92:03:a0:2e:18: a7:e4:73:c7:16:77:06:44:87:d6:b0:b1:ca:80:53: 51:22:f5:25:54:46:e0:11:c3:35:86:ff:47:7b:8a: 47:6a:54:5c:7d:ff:af:cf:ff:b2:56:8f:ea:3e:10: d3:52:c1:9f:85:1f:dd:af:2c:a5:e4:28:93:d5:f7: 93:a1:1a:17:e5:71:78:dc:44:e2:f6:ca:8b:22:27: 29:4a:43:12:2e:0b:d1:0d:12:de:a7:3d:13:1b:8a: e9:b1:7e:73:6c:ba:72:ec:08:b5:da:18:b6:a8:19: c3:18:22:41:f7:b6:fd:e5:2a:ef:76:49:6b:81:6b: 9b:e5:fa:e6:b1:35:63:48:3f:76:de:88:4e:df:27: 83:ce:48:16:f4:fa:f2:94:f0:b0:fb:c5:4d:5e:ab: 5b:33:4c:d9:fe:0d:15:b7:2a:af:04:7c:b0:b2:b4: f8:f3:03:05:66:1e:d5:0e:d9:28:54:7b:9e:6c:d5: b9:cb:e9:b9:b1:3a:ba:e9:6b:10:c3:bd:31:7d:a5: f2:96:ba:b5:9a:b9:e2:ae:63:cb:c0:5c:db:fd:89: 36:25:a2:c3:48:d5:05:c0:1d:e1:d4:6a:df:bc:47: 64:83:51:23:cb:43:5f:2e:57:e6:68:66:00:f6:c0: 0f:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:3D:BD:38:E0:BD:67:B3:24:1B:4E:96:5D:08:63:D5:EA:27:DA:74 X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/ZT29OOC9Z7MkG06WXQhj1eon2nQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.226.50.0/23 Signature Algorithm: sha256WithRSAEncryption 14:b1:d3:07:a6:18:d1:7e:08:ac:97:63:16:01:9f:58:a8:08: 82:7e:be:3b:b5:e0:72:4d:74:12:e4:5d:7a:af:35:3f:5a:e8: d4:75:38:15:bb:aa:5b:6a:1d:a0:c0:41:2d:55:41:32:7e:93: 59:e1:0c:59:2e:42:f6:a8:c6:1c:12:f9:5c:a4:e8:dd:88:a9: 31:1d:36:7d:4f:73:b0:b6:c7:5e:61:59:c0:dc:21:41:ac:5e: c8:ed:e5:03:96:bd:af:85:55:72:24:f0:43:79:1c:be:f2:cf: 15:7a:04:1c:3f:44:cc:58:07:c6:39:df:a9:07:55:45:4c:0c: 85:bc:b2:2f:d8:4d:f6:6b:fd:39:13:bf:1b:df:3e:b9:fa:bd: 12:33:5b:f5:d3:48:c9:f8:fe:10:1b:0d:40:b0:1a:b7:8f:db: 0a:be:db:a2:f6:17:bc:01:b5:b8:cd:21:62:be:60:3f:b9:c0: 3c:91:d5:e5:74:16:6b:a4:7b:d7:73:fd:8f:43:ce:21:ca:b6: 5b:3a:96:d1:87:ce:d2:56:a7:12:85:ed:4c:81:74:05:64:23: a2:ef:59:6e:9a:86:d7:c3:44:c0:36:f2:de:50:d5:6c:f8:f5: 79:bc:0b:53:79:10:66:30:94:ad:9c:07:3f:12:49:a3:b9:eb: ce:9d:a4:f5 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICMFQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTAzMzAx OTU4MTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY1M0RCRDM4RTBCRDY3 QjMyNDFCNEU5NjVEMDg2M0Q1RUEyN0RBNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8NQ8d880D1DGSA6AuGKfkc8cWdwZEh9awscqAU1Ei9SVURuAR wzWG/0d7ikdqVFx9/6/P/7JWj+o+ENNSwZ+FH92vLKXkKJPV95OhGhflcXjcROL2 yosiJylKQxIuC9ENEt6nPRMbiumxfnNsunLsCLXaGLaoGcMYIkH3tv3lKu92SWuB a5vl+uaxNWNIP3beiE7fJ4POSBb0+vKU8LD7xU1eq1szTNn+DRW3Kq8EfLCytPjz AwVmHtUO2ShUe55s1bnL6bmxOrrpaxDDvTF9pfKWurWaueKuY8vAXNv9iTYlosNI 1QXAHeHUat+8R2SDUSPLQ18uV+ZoZgD2wA9TAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUZT29OOC9Z7MkG06WXQhj1eon2nQwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvWlQyOU9PQzlaN01r RzA2V1hRaGoxZW9uMm5RLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEASviMjANBgkqhkiG9w0BAQsFAAOCAQEAFLHTB6YY0X4IrJdjFgGfWKgIgn6+ O7Xgck10EuRdeq81P1ro1HU4FbuqW2odoMBBLVVBMn6TWeEMWS5C9qjGHBL5XKTo 3YipMR02fU9zsLbHXmFZwNwhQaxeyO3lA5a9r4VVciTwQ3kcvvLPFXoEHD9EzFgH xjnfqQdVRUwMhbyyL9hN9mv9ORO/G98+ufq9EjNb9dNIyfj+EBsNQLAat4/bCr7b ovYXvAG1uM0hYr5gP7nAPJHV5XQWa6R713P9j0POIcq2WzqW0YfO0lanEoXtTIF0 BWQjou9ZbpqG18NEwDby3lDVbPj1ebwLU3kQZjCUrZwHPxJJo7nrzp2k9Q== -----END CERTIFICATE-----Generated at Fri Apr 4 18:36:43 2025 by rpki-client