$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2048/yDAVP8H_i8ah3EyHDhnWJS6tjLU.roa File: yDAVP8H_i8ah3EyHDhnWJS6tjLU.roa (raw, json) Hash identifier: CIzjhzifWM6nzfG8hoac4C+5WTIAXYEvq69J+GVoSuE= Subject key identifier: C8:30:15:3F:C1:FF:8B:C6:A1:DC:4C:87:0E:19:D6:25:2E:AD:8C:B5 Certificate issuer: /CN=4E25934FE8D89959425D1018EB121981DA250985 Certificate serial: 06DF Authority key identifier: 4E:25:93:4F:E8:D8:99:59:42:5D:10:18:EB:12:19:81:DA:25:09:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/yDAVP8H_i8ah3EyHDhnWJS6tjLU.roa Signing time: Sun 16 Feb 2025 02:25:44 +0000 ROA not before: Sun 16 Feb 2025 02:25:44 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 151296 IP address blocks: 103.9.24.0/22 maxlen: 24 103.9.108.0/22 maxlen: 24 103.71.68.0/22 maxlen: 24 180.210.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 22:07:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1759 (0x6df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4E25934FE8D89959425D1018EB121981DA250985 Validity Not Before: Feb 16 02:25:44 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=C830153FC1FF8BC6A1DC4C870E19D6252EAD8CB5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:98:fb:e2:e7:1c:af:4b:4c:62:57:7f:6e:50: 84:26:b5:7c:a6:16:e2:ef:d8:55:b2:83:f9:9d:c4: 93:e6:16:f3:a8:65:93:6c:e7:ee:bf:7a:33:71:69: ec:33:a3:20:25:0b:75:b1:34:bc:9a:21:2c:b7:56: 06:c0:fc:8c:b9:28:13:ec:76:f9:f0:1a:19:75:b3: 93:5e:10:40:6a:bd:9d:47:2b:c8:ae:b5:78:2c:a7: 27:48:79:eb:ed:bc:81:98:24:49:89:b9:ba:f0:76: 51:1a:6a:df:01:e7:2d:43:e3:04:10:57:62:ac:58: 8c:50:06:71:46:ab:a3:8b:27:e6:96:d7:f5:a5:d7: 9d:59:ed:68:69:e0:18:7e:f6:0e:95:cb:3c:54:98: ad:78:8d:bb:48:5a:3c:48:38:db:27:ec:67:ee:9b: a7:de:73:98:a8:bd:a7:ca:c4:4e:c8:31:43:6d:ab: b3:67:9f:74:75:3b:0b:c9:72:f1:1d:de:0f:85:29: 2f:2b:9f:7b:36:9b:f7:37:b0:0d:6b:3b:8c:5d:56: 38:a0:9d:54:6a:2f:f4:e0:bb:39:e8:7f:ba:f0:00: fa:57:d8:82:86:9b:97:98:bc:f7:df:f4:c7:a9:0e: a7:7e:79:e4:d5:e0:e6:4f:ca:44:75:72:d1:47:01: f5:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:30:15:3F:C1:FF:8B:C6:A1:DC:4C:87:0E:19:D6:25:2E:AD:8C:B5 X509v3 Authority Key Identifier: keyid:4E:25:93:4F:E8:D8:99:59:42:5D:10:18:EB:12:19:81:DA:25:09:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/yDAVP8H_i8ah3EyHDhnWJS6tjLU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.9.24.0/22 103.9.108.0/22 103.71.68.0/22 180.210.212.0/22 Signature Algorithm: sha256WithRSAEncryption 62:1c:0b:81:86:68:7c:b2:94:de:9d:3e:33:aa:c9:46:be:88: 12:a1:9f:78:4e:5f:a4:76:4e:3f:6e:19:39:62:4a:b2:f7:4b: 38:fa:d8:c0:63:86:a6:bb:9f:07:78:11:2f:0b:1a:db:95:7b: 32:85:98:8f:f2:4f:01:04:cb:cc:bd:32:27:fb:46:b8:5c:3f: b2:a8:97:ff:19:08:dc:5e:c7:aa:70:04:e0:f9:fb:7d:eb:53: 6d:6f:dd:5d:e5:e4:e6:c2:5a:51:50:45:ff:47:b5:b9:0e:a5: d6:50:d5:22:bd:12:21:01:12:ed:57:bd:13:dd:4c:b7:60:e0: 2b:f9:ee:b6:85:09:8e:93:23:e4:a3:70:c9:a5:9c:48:cf:e7: 93:e1:6f:15:00:2f:8b:3e:6d:fe:46:09:7b:57:f9:a1:f4:6e: 86:5d:8d:3a:fc:a9:9d:c7:1b:9e:09:a5:79:18:20:be:de:a3: 08:d0:8d:fc:ec:ea:52:81:5e:38:3b:c3:0c:b8:14:9c:ea:00: 36:7d:5e:31:66:4d:d7:66:d3:83:56:28:2f:6e:eb:59:20:5b: e1:60:87:ac:8c:cf:7e:89:3b:37:be:51:23:70:dc:c4:d6:64: c6:e0:53:78:ae:95:f2:56:0e:70:cf:bb:2b:59:ab:d3:f7:bc: b8:97:42:1f -----BEGIN CERTIFICATE----- MIIE6TCCA9GgAwIBAgICBt8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEUy NTkzNEZFOEQ4OTk1OTQyNUQxMDE4RUIxMjE5ODFEQTI1MDk4NTAeFw0yNTAyMTYw MjI1NDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEM4MzAxNTNGQzFGRjhC QzZBMURDNEM4NzBFMTlENjI1MkVBRDhDQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9mPvi5xyvS0xiV39uUIQmtXymFuLv2FWyg/mdxJPmFvOoZZNs 5+6/ejNxaewzoyAlC3WxNLyaISy3VgbA/Iy5KBPsdvnwGhl1s5NeEEBqvZ1HK8iu tXgspydIeevtvIGYJEmJubrwdlEaat8B5y1D4wQQV2KsWIxQBnFGq6OLJ+aW1/Wl 151Z7Whp4Bh+9g6VyzxUmK14jbtIWjxIONsn7Gfum6fec5iovafKxE7IMUNtq7Nn n3R1OwvJcvEd3g+FKS8rn3s2m/c3sA1rO4xdVjignVRqL/Tguznof7rwAPpX2IKG m5eYvPff9MepDqd+eeTV4OZPykR1ctFHAfVnAgMBAAGjggIFMIICATAdBgNVHQ4E FgQUyDAVP8H/i8ah3EyHDhnWJS6tjLUwHwYDVR0jBBgwFoAUTiWTT+jYmVlCXRAY 6xIZgdolCYUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA0 OC9UaVdUVC1qWW1WbENYUkFZNnhJWmdkb2xDWVUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1RpV1RULWpZbVZsQ1hSQVk2eElaZ2RvbENZVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIwNDgveURBVlA4SF9pOGFo M0V5SERobldKUzZ0akxVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEw GAMEAmcJGAMEAmcJbAMEAmdHRAMEArTS1DANBgkqhkiG9w0BAQsFAAOCAQEAYhwL gYZofLKU3p0+M6rJRr6IEqGfeE5fpHZOP24ZOWJKsvdLOPrYwGOGprufB3gRLwsa 25V7MoWYj/JPAQTLzL0yJ/tGuFw/sqiX/xkI3F7HqnAE4Pn7fetTbW/dXeXk5sJa UVBF/0e1uQ6l1lDVIr0SIQES7Ve9E91Mt2DgK/nutoUJjpMj5KNwyaWcSM/nk+Fv FQAviz5t/kYJe1f5ofRuhl2NOvypnccbngmleRggvt6jCNCN/OzqUoFeODvDDLgU nOoANn1eMWZN12bTg1YoL27rWSBb4WCHrIzPfok7N75RI3DcxNZkxuBTeK6V8lYO cM+7K1mr0/e8uJdCHw== -----END CERTIFICATE-----Generated at Fri Apr 4 21:56:07 2025 by rpki-client