$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/jhEg6HuRZNTrgrJYUd5elMT5s9c.roa File: jhEg6HuRZNTrgrJYUd5elMT5s9c.roa (raw, json) Hash identifier: sWbzhWThXRWbF9GlffFSK1iZraf+0A95K++Of9ZD/lk= Subject key identifier: 8E:11:20:E8:7B:91:64:D4:EB:82:B2:58:51:DE:5E:94:C4:F9:B3:D7 Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Certificate serial: 1BF5 Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/jhEg6HuRZNTrgrJYUd5elMT5s9c.roa Signing time: Fri 17 Jan 2025 01:27:19 +0000 ROA not before: Fri 17 Jan 2025 01:27:19 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4837 IP address blocks: 118.184.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:11:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7157 (0x1bf5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Validity Not Before: Jan 17 01:27:19 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=8E1120E87B9164D4EB82B25851DE5E94C4F9B3D7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:67:c4:92:ed:fc:d9:6f:79:9c:0b:b1:36:dc: 26:17:80:e1:6c:f2:77:d9:b3:99:ed:39:fa:d0:d2: 3e:0f:5c:c1:3d:6a:27:5c:e6:1c:da:56:69:4f:06: 85:22:53:46:ef:4f:a2:a0:92:d3:f2:53:42:23:65: ad:82:a6:d8:4b:a6:56:f8:80:e4:42:79:18:2a:eb: 9e:ef:75:c9:b9:1e:80:c9:18:a6:48:37:ac:7b:dc: 59:32:b7:44:19:a2:13:3d:a5:1f:a9:e3:b7:0c:e0: f3:98:92:cf:d7:9a:ac:67:cf:b4:47:f8:88:67:e1: 97:b3:10:e9:ae:62:81:52:ad:89:22:63:67:69:0e: 5b:de:2e:d8:92:f0:09:52:3d:da:12:09:8b:31:be: e6:e1:86:76:cf:07:7d:13:85:a1:97:56:78:ec:ce: fc:aa:46:e8:86:da:64:32:2e:7a:db:5c:4a:bf:b7: 83:9f:bc:19:33:d0:98:13:fc:ea:e1:a0:3e:1f:c8: 18:5a:59:12:1b:99:50:9f:99:92:91:37:3c:69:e0: fe:90:fc:de:f8:e0:07:c3:7a:ef:1f:0c:69:48:fd: d9:d0:c1:85:f4:d2:0b:96:a7:b9:be:6d:ca:2e:d3: 1e:0f:b4:6b:e5:d4:b4:23:87:dc:95:d9:ad:d4:bd: 10:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:11:20:E8:7B:91:64:D4:EB:82:B2:58:51:DE:5E:94:C4:F9:B3:D7 X509v3 Authority Key Identifier: keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/jhEg6HuRZNTrgrJYUd5elMT5s9c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.184.128.0/17 Signature Algorithm: sha256WithRSAEncryption 09:2b:3b:ea:e5:63:fc:e4:8b:07:74:fc:5c:c4:52:15:d0:c6: 29:ad:e5:2f:4e:7b:52:14:dc:66:c7:aa:30:3e:2f:a4:23:7e: 48:6f:e8:e4:1d:68:53:10:12:ff:ee:9a:ea:22:31:15:d4:8d: 8a:4f:c2:ff:da:fa:0f:18:8e:30:42:4c:7c:fd:bc:ad:07:90: 12:0a:c1:d8:f0:27:a6:41:fc:b5:cd:36:e6:40:fb:6e:12:45: b7:84:c3:29:4f:59:8d:e1:8d:8d:59:04:78:19:3b:e6:23:1f: 89:f6:a8:34:78:0d:60:9f:89:ff:2f:7b:3d:59:92:c1:9b:fe: 3f:ec:57:8a:03:e7:ba:d0:d1:3d:1d:a6:0d:f6:13:41:6f:59: 60:ba:97:ec:8c:40:ed:8b:64:c4:20:41:fe:8c:fc:0a:39:52: 15:29:92:13:ef:fa:df:ce:b9:77:14:7a:0a:35:c5:ae:ea:32: f9:7f:15:7c:3e:f9:4f:13:07:25:e2:94:4b:31:82:32:9a:f4: b2:c8:32:4f:84:9f:b4:09:48:0c:7f:a0:5e:20:18:36:ce:d1: 00:1a:9b:12:c5:d9:b7:c5:b4:17:a0:c5:5f:90:5a:f3:8f:4b: 21:82:c6:fc:7c:33:2c:ec:50:e0:ab:a9:39:e1:f7:b5:11:75: b7:2c:4b:64 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICG/UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNTAxMTcw MTI3MTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDhFMTEyMEU4N0I5MTY0 RDRFQjgyQjI1ODUxREU1RTk0QzRGOUIzRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTZ8SS7fzZb3mcC7E23CYXgOFs8nfZs5ntOfrQ0j4PXME9aidc 5hzaVmlPBoUiU0bvT6KgktPyU0IjZa2CpthLplb4gORCeRgq657vdcm5HoDJGKZI N6x73Fkyt0QZohM9pR+p47cM4POYks/Xmqxnz7RH+Ihn4ZezEOmuYoFSrYkiY2dp DlveLtiS8AlSPdoSCYsxvubhhnbPB30ThaGXVnjszvyqRuiG2mQyLnrbXEq/t4Of vBkz0JgT/OrhoD4fyBhaWRIbmVCfmZKRNzxp4P6Q/N744AfDeu8fDGlI/dnQwYX0 0guWp7m+bcou0x4PtGvl1LQjh9yV2a3UvRAFAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUjhEg6HuRZNTrgrJYUd5elMT5s9cwHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ +wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvamhFZzZIdVJaTlRy Z3JKWVVkNWVsTVQ1czljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEB3a4gDANBgkqhkiG9w0BAQsFAAOCAQEACSs76uVj/OSLB3T8XMRSFdDGKa3l L057UhTcZseqMD4vpCN+SG/o5B1oUxAS/+6a6iIxFdSNik/C/9r6DxiOMEJMfP28 rQeQEgrB2PAnpkH8tc025kD7bhJFt4TDKU9ZjeGNjVkEeBk75iMfifaoNHgNYJ+J /y97PVmSwZv+P+xXigPnutDRPR2mDfYTQW9ZYLqX7IxA7YtkxCBB/oz8CjlSFSmS E+/63865dxR6CjXFruoy+X8VfD75TxMHJeKUSzGCMpr0ssgyT4SftAlIDH+gXiAY Ns7RABqbEsXZt8W0F6DFX5Ba849LIYLG/HwzLOxQ4KupOeH3tRF1tyxLZA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:46:14 2025 by rpki-client