$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/22/si24gGFg-sQtUpvK4DZtlqNS05c.roa File: si24gGFg-sQtUpvK4DZtlqNS05c.roa (raw, json) Hash identifier: /h7TLGBM959FC9Cv5rtuoN4A205gm+8xj8hpkkz0h/c= Subject key identifier: B2:2D:B8:80:61:60:FA:C4:2D:52:9B:CA:E0:36:6D:96:A3:52:D3:97 Certificate issuer: /CN=ECB273B097997C02B4F52E5C1BB4FEFE66797850 Certificate serial: 07 Authority key identifier: EC:B2:73:B0:97:99:7C:02:B4:F5:2E:5C:1B:B4:FE:FE:66:79:78:50 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7LJzsJeZfAK09S5cG7T-_mZ5eFA.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/si24gGFg-sQtUpvK4DZtlqNS05c.roa Signing time: Tue 14 Jan 2025 08:18:20 +0000 ROA not before: Tue 14 Jan 2025 08:18:20 +0000 ROA not after: Wed 14 Jan 2026 07:53:29 +0000 asID: 17969 IP address blocks: 27.144.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/7LJzsJeZfAK09S5cG7T-_mZ5eFA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/7LJzsJeZfAK09S5cG7T-_mZ5eFA.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7LJzsJeZfAK09S5cG7T-_mZ5eFA.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7 (0x7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ECB273B097997C02B4F52E5C1BB4FEFE66797850 Validity Not Before: Jan 14 08:18:20 2025 GMT Not After : Jan 14 07:53:29 2026 GMT Subject: CN=B22DB8806160FAC42D529BCAE0366D96A352D397 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:51:b0:c7:f4:63:03:48:3b:25:85:69:5f:dc: 36:de:34:2e:b8:03:d4:70:56:c7:a4:0a:88:b1:3a: 1d:26:ad:0d:68:c8:1a:d1:fb:f2:86:b3:3e:50:1d: 46:e6:58:e1:fb:87:cf:42:1c:d5:66:7e:df:18:8c: 67:29:08:4f:e4:46:34:e5:26:2b:8a:5c:b7:c8:4b: ee:38:03:29:9a:2e:22:c8:db:ad:f1:c7:57:33:fb: bb:ec:09:2c:22:70:5d:3b:84:97:dc:65:1e:98:d4: b3:71:fb:c7:b5:b9:43:69:36:75:9e:2b:e4:a7:45: 76:9d:f5:00:d8:d7:b8:9a:55:95:6b:ea:57:05:31: 1e:9f:01:51:d1:06:be:f7:eb:5a:52:5c:68:8d:0f: c0:0c:11:77:75:51:a6:1a:62:28:4c:3f:29:7e:5a: ca:4d:6e:da:96:9d:f5:9e:3e:46:86:7f:f4:a7:ce: b8:a7:18:ff:e7:ae:c2:d2:77:68:e3:c4:f9:f8:70: 33:e0:34:04:5f:52:2f:85:2b:59:01:e0:f1:07:d0: ec:89:bf:d7:09:46:3e:01:48:50:c5:d7:e6:83:28: a1:0d:7d:26:ee:43:25:c4:d5:89:fc:3e:ee:28:fe: 75:9c:98:77:a9:0c:b3:d9:da:24:38:d5:31:12:ab: 21:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:2D:B8:80:61:60:FA:C4:2D:52:9B:CA:E0:36:6D:96:A3:52:D3:97 X509v3 Authority Key Identifier: keyid:EC:B2:73:B0:97:99:7C:02:B4:F5:2E:5C:1B:B4:FE:FE:66:79:78:50 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/7LJzsJeZfAK09S5cG7T-_mZ5eFA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7LJzsJeZfAK09S5cG7T-_mZ5eFA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/22/si24gGFg-sQtUpvK4DZtlqNS05c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 27.144.0.0/16 Signature Algorithm: sha256WithRSAEncryption 47:8a:f8:f7:bb:f3:08:75:9a:78:5b:e6:3e:40:ea:8a:70:47: eb:ca:41:98:43:91:f7:c7:2d:3e:39:6a:64:d1:a5:ff:4a:fe: ce:47:a8:14:53:58:1d:ad:69:73:86:68:ff:92:8f:cc:2f:15: 1f:b6:40:f1:3f:37:ab:bb:42:e6:5f:59:b1:f2:53:ac:cf:13: c4:3e:02:9c:fc:a3:fa:7d:df:63:4d:76:39:96:50:4c:83:3e: 9f:0c:e3:60:69:55:5b:d0:44:6f:24:72:7b:2e:cb:4d:85:1b: ca:ea:69:2a:63:3f:c6:fb:8f:ca:7a:b8:f9:9d:57:c0:00:ea: 4c:7f:87:65:ea:b2:08:99:9e:57:ac:d7:29:88:dc:ea:9f:93: 93:05:96:c4:63:e5:17:83:69:6b:70:58:6d:a7:60:e4:ca:55: 03:54:d7:a4:78:9f:2b:42:1d:00:c5:fb:1d:dc:80:f3:40:4d: 9a:4d:c8:61:67:cd:a6:ce:de:62:5a:1f:7c:36:21:79:78:63: ba:1b:72:8c:57:0a:fe:22:ea:4d:7f:d1:37:23:75:30:ef:c8: 37:5a:9d:89:f6:34:ae:d7:9a:70:8f:1d:f3:1e:5c:ed:7e:80: 08:ee:23:73:5e:d8:1c:5d:32:d6:54:bd:71:62:83:e3:c5:21: 6a:76:da:69 -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgIBBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFQ0Iy NzNCMDk3OTk3QzAyQjRGNTJFNUMxQkI0RkVGRTY2Nzk3ODUwMB4XDTI1MDExNDA4 MTgyMFoXDTI2MDExNDA3NTMyOVowMzExMC8GA1UEAxMoQjIyREI4ODA2MTYwRkFD NDJENTI5QkNBRTAzNjZEOTZBMzUyRDM5NzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMdRsMf0YwNIOyWFaV/cNt40LrgD1HBWx6QKiLE6HSatDWjIGtH7 8oazPlAdRuZY4fuHz0Ic1WZ+3xiMZykIT+RGNOUmK4pct8hL7jgDKZouIsjbrfHH VzP7u+wJLCJwXTuEl9xlHpjUs3H7x7W5Q2k2dZ4r5KdFdp31ANjXuJpVlWvqVwUx Hp8BUdEGvvfrWlJcaI0PwAwRd3VRphpiKEw/KX5ayk1u2pad9Z4+RoZ/9KfOuKcY /+euwtJ3aOPE+fhwM+A0BF9SL4UrWQHg8QfQ7Im/1wlGPgFIUMXX5oMooQ19Ju5D JcTVifw+7ij+dZyYd6kMs9naJDjVMRKrIYsCAwEAAaOCAe4wggHqMB0GA1UdDgQW BBSyLbiAYWD6xC1Sm8rgNm2Wo1LTlzAfBgNVHSMEGDAWgBTssnOwl5l8ArT1Llwb tP7+Znl4UDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO oEyGSnJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yMi83 TEp6c0plWmZBSzA5UzVjRzdULV9tWjVlRkEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwLzdMSnpzSmVaZkFLMDlTNWNHN1QtX21aNWVGQS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIyL3NpMjRnR0ZnLXNRdFVwdks0 RFp0bHFOUzA1Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5j bi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwAb kDANBgkqhkiG9w0BAQsFAAOCAQEAR4r497vzCHWaeFvmPkDqinBH68pBmEOR98ct PjlqZNGl/0r+zkeoFFNYHa1pc4Zo/5KPzC8VH7ZA8T83q7tC5l9ZsfJTrM8TxD4C nPyj+n3fY012OZZQTIM+nwzjYGlVW9BEbyRyey7LTYUbyuppKmM/xvuPynq4+Z1X wADqTH+HZeqyCJmeV6zXKYjc6p+TkwWWxGPlF4Npa3BYbadg5MpVA1TXpHifK0Id AMX7HdyA80BNmk3IYWfNps7eYloffDYheXhjuhtyjFcK/iLqTX/RNyN1MO/IN1qd ifY0rteacI8d8x5c7X6ACO4jc17YHF0y1lS9cWKD48UhanbaaQ== -----END CERTIFICATE-----Generated at Wed Jun 4 00:52:29 2025 by rpki-client