$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/SnwzkyZwfLVEJiP7wGX50bglsyU.roa File: SnwzkyZwfLVEJiP7wGX50bglsyU.roa (raw, json) Hash identifier: Es9/z1r/+Fywv8gJgfUxwAGY0kCQtfSuFzlK9mwSc3I= Subject key identifier: 4A:7C:33:93:26:70:7C:B5:44:26:23:FB:C0:65:F9:D1:B8:25:B3:25 Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Certificate serial: 1BF8 Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/SnwzkyZwfLVEJiP7wGX50bglsyU.roa Signing time: Fri 17 Jan 2025 01:27:20 +0000 ROA not before: Fri 17 Jan 2025 01:27:20 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 18257 IP address blocks: 118.184.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:11:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7160 (0x1bf8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Validity Not Before: Jan 17 01:27:20 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=4A7C339326707CB5442623FBC065F9D1B825B325 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:bb:71:97:9e:91:1a:23:98:c7:c4:2d:f2:39: 3f:98:ec:4c:b5:d6:62:a9:00:bf:09:43:a3:24:48: 66:63:95:e3:e4:f5:fe:ef:71:8c:ef:1c:ec:49:fa: 1c:69:7e:e0:64:79:d4:c3:d2:34:ed:04:38:b2:2a: 06:0f:c2:45:a0:48:1d:62:41:7a:6e:ff:ca:80:ed: 28:77:07:ce:8c:79:45:03:2c:9c:3b:2a:15:12:c9: 1d:82:5f:cc:3d:0b:7a:f0:fb:55:ee:da:f2:9c:f6: 3b:17:ee:9d:d8:47:fc:80:76:2f:9d:bd:7a:ec:97: c0:a0:aa:b2:ed:3a:81:d6:bb:af:46:08:b7:68:48: bb:45:15:e9:0f:27:08:94:19:e3:ce:8b:4e:79:14: 6a:f1:55:e3:15:72:28:51:5b:47:d3:b4:d8:d4:2f: ea:82:c4:56:64:9f:fb:e7:e9:07:88:52:c6:eb:65: c9:28:29:8e:71:26:44:69:3d:85:6f:c0:9d:e0:64: b3:8a:a1:8e:7e:e7:45:df:e8:2e:a9:3d:3d:5a:1f: e1:10:04:10:14:e6:49:e7:ac:3e:8a:bc:78:80:45: 05:a6:cb:8c:63:38:bb:c9:c0:9d:42:4c:38:d4:c4: 39:24:b9:0c:2a:10:4c:bb:7a:b9:42:98:b8:e1:21: 48:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:7C:33:93:26:70:7C:B5:44:26:23:FB:C0:65:F9:D1:B8:25:B3:25 X509v3 Authority Key Identifier: keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/SnwzkyZwfLVEJiP7wGX50bglsyU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.184.128.0/17 Signature Algorithm: sha256WithRSAEncryption 65:63:be:42:0d:70:69:19:68:ca:92:6f:17:65:d1:a0:ca:0a: 8b:80:d5:d2:d7:81:4d:9b:85:59:a0:26:5b:e4:ea:09:18:45: dd:ee:5c:4f:b9:f1:36:7f:d7:da:45:0d:e5:25:0a:80:17:67: 2e:66:56:d1:47:41:6a:6b:8d:13:59:b6:21:4b:a8:07:e4:e6: 26:9f:b6:29:b4:02:3e:79:1e:30:ab:63:54:15:81:c7:6a:cc: c5:29:ca:98:fb:10:ae:76:89:ae:34:5e:7d:35:9a:48:59:ac: ad:ef:59:86:bb:09:49:6d:de:7c:a4:74:3a:49:c4:0e:df:9a: 14:2e:9f:88:45:6f:ba:a2:62:cd:25:d9:56:30:f9:29:1a:16: c7:d3:d4:ee:5a:93:c3:46:b4:68:e2:e6:68:2b:3b:49:1a:53: 59:3b:0d:a0:cb:83:6a:a6:a4:c9:48:36:00:9e:51:7d:78:40: 5c:19:96:3a:83:99:03:60:8a:ac:99:57:9d:a8:dd:f1:87:42: 58:5f:49:38:11:e6:85:dd:3e:e3:40:48:b3:04:79:1d:a3:48: 4e:00:ee:49:e6:95:b9:d7:fa:0b:5b:bd:b9:47:6c:b3:7f:dc: 55:1e:29:6c:eb:6c:24:ae:85:1a:5a:19:f5:35:52:13:ef:1a: 7c:be:89:0a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICG/gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNTAxMTcw MTI3MjBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDRBN0MzMzkzMjY3MDdD QjU0NDI2MjNGQkMwNjVGOUQxQjgyNUIzMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGu3GXnpEaI5jHxC3yOT+Y7Ey11mKpAL8JQ6MkSGZjlePk9f7v cYzvHOxJ+hxpfuBkedTD0jTtBDiyKgYPwkWgSB1iQXpu/8qA7Sh3B86MeUUDLJw7 KhUSyR2CX8w9C3rw+1Xu2vKc9jsX7p3YR/yAdi+dvXrsl8CgqrLtOoHWu69GCLdo SLtFFekPJwiUGePOi055FGrxVeMVcihRW0fTtNjUL+qCxFZkn/vn6QeIUsbrZcko KY5xJkRpPYVvwJ3gZLOKoY5+50Xf6C6pPT1aH+EQBBAU5knnrD6KvHiARQWmy4xj OLvJwJ1CTDjUxDkkuQwqEEy7erlCmLjhIUiHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUSnwzkyZwfLVEJiP7wGX50bglsyUwHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ +wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvU253emt5WndmTFZF SmlQN3dHWDUwYmdsc3lVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEB3a4gDANBgkqhkiG9w0BAQsFAAOCAQEAZWO+Qg1waRloypJvF2XRoMoKi4DV 0teBTZuFWaAmW+TqCRhF3e5cT7nxNn/X2kUN5SUKgBdnLmZW0UdBamuNE1m2IUuo B+TmJp+2KbQCPnkeMKtjVBWBx2rMxSnKmPsQrnaJrjRefTWaSFmsre9ZhrsJSW3e fKR0OknEDt+aFC6fiEVvuqJizSXZVjD5KRoWx9PU7lqTw0a0aOLmaCs7SRpTWTsN oMuDaqakyUg2AJ5RfXhAXBmWOoOZA2CKrJlXnajd8YdCWF9JOBHmhd0+40BIswR5 HaNITgDuSeaVudf6C1u9uUdss3/cVR4pbOtsJK6FGloZ9TVSE+8afL6JCg== -----END CERTIFICATE-----Generated at Fri Apr 4 18:33:39 2025 by rpki-client