$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/yASZAsuKpltkjXYnJ0q2zvTZQ0s.roa File: yASZAsuKpltkjXYnJ0q2zvTZQ0s.roa (raw, json) Hash identifier: CwIh5fGnQ/SVdtUsyIfM2FJbYVKjc2PgFK4eHor269E= Subject key identifier: C8:04:99:02:CB:8A:A6:5B:64:8D:76:27:27:4A:B6:CE:F4:D9:43:4B Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 305C Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/yASZAsuKpltkjXYnJ0q2zvTZQ0s.roa Signing time: Sun 30 Mar 2025 19:58:18 +0000 ROA not before: Sun 30 Mar 2025 19:58:18 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 134762 IP address blocks: 43.227.64.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:08:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12380 (0x305c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Mar 30 19:58:18 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=C8049902CB8AA65B648D7627274AB6CEF4D9434B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:32:38:9d:46:bd:8c:61:e3:48:41:2f:59:64: 7c:0f:82:ff:94:f8:58:e6:37:a7:51:8d:33:38:7e: fd:d0:9f:8e:2e:4b:ef:4e:a0:e8:31:78:e5:44:0a: 8a:7c:8d:bc:b5:bd:cb:75:e2:26:26:53:e7:87:8e: a8:7b:dd:75:1c:a5:15:e1:e4:4a:bd:ca:aa:3c:90: 62:07:6d:23:05:fd:4b:9a:ab:48:24:95:08:ca:2e: f4:83:cf:9d:82:a4:ab:30:26:f0:ea:b0:f9:64:ce: 1a:1b:a7:b6:55:a9:b7:43:7e:f6:3b:bc:db:16:49: 13:a6:25:0d:da:ba:2d:a7:72:19:38:d8:e8:70:a8: 7b:06:8f:cf:82:81:5b:58:e8:88:54:b9:54:5b:20: 86:9b:5d:f9:42:32:a4:cc:12:cc:a2:e4:ea:99:ef: da:3d:4f:22:5a:5e:66:ed:7a:25:b6:c9:7b:2d:46: bf:bf:27:ce:2d:5e:66:8d:92:9a:84:cd:71:af:34: e8:2a:b5:a2:b7:28:c5:dc:dd:7c:24:2c:0d:23:8f: 9c:c0:08:59:cb:97:f4:f1:64:1e:a4:c7:63:dd:b6: 2f:a6:c2:1d:2d:94:51:ca:53:70:77:b9:b5:1c:27: 22:01:69:e5:26:8f:3c:60:b7:eb:db:3e:ab:cc:d0: d4:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:04:99:02:CB:8A:A6:5B:64:8D:76:27:27:4A:B6:CE:F4:D9:43:4B X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/yASZAsuKpltkjXYnJ0q2zvTZQ0s.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.227.64.0/22 Signature Algorithm: sha256WithRSAEncryption 56:f5:57:85:a3:38:69:69:b0:17:13:07:91:e1:2d:2f:db:08: 1c:7c:51:5f:fa:3d:ac:37:3c:11:9b:83:c9:27:9c:93:99:3e: dd:72:fa:37:8d:ff:6a:9f:71:88:47:82:d8:23:6b:4c:51:5d: 90:67:c7:6f:1e:97:da:3c:5c:44:85:ec:e9:e7:fb:2d:50:ab: 33:30:e5:28:73:2f:36:f9:d6:09:1d:d3:eb:b5:4d:97:d2:d6: 26:2c:3f:20:83:34:75:c8:7b:73:bc:27:fc:79:17:08:f5:8e: d7:c7:91:69:fb:3f:45:e6:80:3d:90:b6:f4:94:66:65:f2:71: 0c:2b:af:50:38:63:2e:39:8d:7e:74:5e:83:61:f4:53:3d:ac: 3d:85:05:db:a8:71:10:ec:3a:63:46:2c:8e:da:13:22:16:44: d9:14:14:fc:7a:a2:78:42:8a:7b:9d:66:46:11:79:08:22:36: 9f:8f:17:1d:c1:77:b8:02:a8:93:6d:b7:6c:98:c5:56:f9:e7: 04:c8:23:e7:45:28:47:e1:c1:51:78:2b:b9:31:27:d6:9f:8e: 18:63:6c:9d:7b:19:d8:c8:47:af:ac:da:69:6e:be:92:8b:8b: c8:08:22:90:ed:ea:77:4f:29:77:c3:dd:3e:49:91:10:6a:80: 49:f7:f2:5e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICMFwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTAzMzAx OTU4MThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEM4MDQ5OTAyQ0I4QUE2 NUI2NDhENzYyNzI3NEFCNkNFRjREOTQzNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWMjidRr2MYeNIQS9ZZHwPgv+U+FjmN6dRjTM4fv3Qn44uS+9O oOgxeOVECop8jby1vct14iYmU+eHjqh73XUcpRXh5Eq9yqo8kGIHbSMF/Uuaq0gk lQjKLvSDz52CpKswJvDqsPlkzhobp7ZVqbdDfvY7vNsWSROmJQ3aui2nchk42Ohw qHsGj8+CgVtY6IhUuVRbIIabXflCMqTMEsyi5OqZ79o9TyJaXmbteiW2yXstRr+/ J84tXmaNkpqEzXGvNOgqtaK3KMXc3XwkLA0jj5zACFnLl/TxZB6kx2Pdti+mwh0t lFHKU3B3ubUcJyIBaeUmjzxgt+vbPqvM0NQ5AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUyASZAsuKpltkjXYnJ0q2zvTZQ0swHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMveUFTWkFzdUtwbHRr alhZbkowcTJ6dlRaUTBzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAivjQDANBgkqhkiG9w0BAQsFAAOCAQEAVvVXhaM4aWmwFxMHkeEtL9sIHHxR X/o9rDc8EZuDySeck5k+3XL6N43/ap9xiEeC2CNrTFFdkGfHbx6X2jxcRIXs6ef7 LVCrMzDlKHMvNvnWCR3T67VNl9LWJiw/IIM0dch7c7wn/HkXCPWO18eRafs/ReaA PZC29JRmZfJxDCuvUDhjLjmNfnReg2H0Uz2sPYUF26hxEOw6Y0YsjtoTIhZE2RQU /HqieEKKe51mRhF5CCI2n48XHcF3uAKok223bJjFVvnnBMgj50UoR+HBUXgruTEn 1p+OGGNsnXsZ2MhHr6zaaW6+kouLyAgikO3qd08pd8PdPkmREGqASffyXg== -----END CERTIFICATE-----Generated at Fri Apr 4 18:33:53 2025 by rpki-client