$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2329/tOrFct_T2uf3YfTFAUqLYVfWzos.roa File: tOrFct_T2uf3YfTFAUqLYVfWzos.roa (raw, json) Hash identifier: 1joSZa7uWWmp1eUI7gk+vcbJECdoLlixcSZdzkjVXik= Subject key identifier: B4:EA:C5:72:DF:D3:DA:E7:F7:61:F4:C5:01:4A:8B:61:57:D6:CE:8B Certificate issuer: /CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Certificate serial: 1BF7 Authority key identifier: EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/tOrFct_T2uf3YfTFAUqLYVfWzos.roa Signing time: Fri 17 Jan 2025 01:27:19 +0000 ROA not before: Fri 17 Jan 2025 01:27:19 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 140293 IP address blocks: 118.184.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:11:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7159 (0x1bf7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EC10C93455759C659D2BB819FB07FF7063CECC32 Validity Not Before: Jan 17 01:27:19 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=B4EAC572DFD3DAE7F761F4C5014A8B6157D6CE8B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:92:f0:a2:e1:dd:c5:2e:3c:8e:8b:8c:bd:be: d2:4a:e6:65:86:7d:6e:de:36:54:9e:70:89:05:2c: 92:17:14:62:c5:75:ec:a0:74:dd:2d:0a:43:f0:68: e7:b3:f9:fc:cb:ba:1b:ee:0b:a2:bd:83:e8:4b:44: 1c:54:2f:e9:67:d2:42:f2:d4:bc:24:24:aa:be:a7: 5a:fa:83:5b:45:b4:61:d7:3c:a6:f3:c8:7e:fb:77: 9a:32:f4:f5:b7:db:38:21:19:1b:a0:b7:99:5d:8f: c2:67:eb:15:b4:6d:ee:51:50:3e:25:99:5e:68:1b: cb:a3:e1:d3:b3:cb:34:c4:4f:0e:4c:b7:4c:a0:c3: 2c:2d:fa:96:58:56:2e:0c:8a:ba:50:2b:d0:f6:b0: 68:81:fb:0e:ee:6e:e0:77:02:c3:c0:8a:8e:f7:03: e0:a2:6d:04:22:18:92:19:5d:75:68:84:9d:ab:4e: 84:f5:cc:79:f2:a4:6a:9f:1e:4c:f4:03:d4:05:74: c6:a9:a8:25:63:38:73:26:a9:2d:c9:e2:46:4c:c6: ed:07:df:b6:27:2a:d2:59:6d:77:c7:95:17:7c:59: 28:7a:d6:0a:aa:84:5e:21:b0:9c:46:ae:12:e6:89: 96:51:7a:a7:f6:ee:ca:f8:66:36:7e:a8:d4:66:a6: 8b:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:EA:C5:72:DF:D3:DA:E7:F7:61:F4:C5:01:4A:8B:61:57:D6:CE:8B X509v3 Authority Key Identifier: keyid:EC:10:C9:34:55:75:9C:65:9D:2B:B8:19:FB:07:FF:70:63:CE:CC:32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7BDJNFV1nGWdK7gZ-wf_cGPOzDI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2329/tOrFct_T2uf3YfTFAUqLYVfWzos.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.184.128.0/17 Signature Algorithm: sha256WithRSAEncryption 1c:b8:a0:d6:88:b1:7c:c9:3b:91:72:c5:f0:e4:ee:31:4e:9c: 3c:03:e6:47:3e:8f:6e:55:db:8c:7e:9a:08:1a:9f:55:70:21: 5a:57:12:e2:c1:56:47:b2:f8:b8:a4:00:c8:45:a1:fe:4c:cf: 5c:29:5f:cf:6c:7a:ac:80:e3:21:06:3e:37:dc:20:ac:4c:b1: f3:be:51:42:d8:3c:55:c3:5d:bd:12:55:69:df:ba:16:af:50: 98:ac:6c:f0:20:8c:e8:36:5c:e1:88:36:79:54:72:c2:a9:73: d2:46:00:cd:b0:38:fa:b4:9d:c1:d3:02:48:65:5a:00:cb:69: de:bf:13:2b:18:f4:83:69:67:1a:a6:cb:e1:0c:83:74:63:9c: ee:9e:80:e7:71:08:71:6e:d8:b8:50:fe:34:7d:4d:c9:83:2d: 1b:b8:a2:58:da:49:4e:f8:d0:8b:20:1c:c8:d2:43:63:a0:c4: d1:69:26:c1:21:17:58:c4:3b:1e:d0:fb:93:b5:25:da:b7:b4: 35:60:b7:c0:0d:4c:1a:d6:ab:ba:17:74:e9:cf:a5:96:b0:69: 9c:3c:5e:6f:cc:f5:21:90:c3:56:30:96:88:db:ce:7f:19:6f: d9:ba:86:d6:8f:bb:47:20:ce:e8:8d:1e:bb:ca:a8:61:b6:27: 9a:05:98:f8 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICG/cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUMx MEM5MzQ1NTc1OUM2NTlEMkJCODE5RkIwN0ZGNzA2M0NFQ0MzMjAeFw0yNTAxMTcw MTI3MTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEI0RUFDNTcyREZEM0RB RTdGNzYxRjRDNTAxNEE4QjYxNTdENkNFOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6kvCi4d3FLjyOi4y9vtJK5mWGfW7eNlSecIkFLJIXFGLFdeyg dN0tCkPwaOez+fzLuhvuC6K9g+hLRBxUL+ln0kLy1LwkJKq+p1r6g1tFtGHXPKbz yH77d5oy9PW32zghGRugt5ldj8Jn6xW0be5RUD4lmV5oG8uj4dOzyzTETw5Mt0yg wywt+pZYVi4MirpQK9D2sGiB+w7ubuB3AsPAio73A+CibQQiGJIZXXVohJ2rToT1 zHnypGqfHkz0A9QFdMapqCVjOHMmqS3J4kZMxu0H37YnKtJZbXfHlRd8WSh61gqq hF4hsJxGrhLmiZZReqf27sr4ZjZ+qNRmpotfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUtOrFct/T2uf3YfTFAUqLYVfWzoswHwYDVR0jBBgwFoAU7BDJNFV1nGWdK7gZ +wf/cGPOzDIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMy OS83QkRKTkZWMW5HV2RLN2daLXdmX2NHUE96REkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzdCREpORlYxbkdXZEs3Z1otd2ZfY0dQT3pESS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMjkvdE9yRmN0X1QydWYz WWZURkFVcUxZVmZXem9zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEB3a4gDANBgkqhkiG9w0BAQsFAAOCAQEAHLig1oixfMk7kXLF8OTuMU6cPAPm Rz6PblXbjH6aCBqfVXAhWlcS4sFWR7L4uKQAyEWh/kzPXClfz2x6rIDjIQY+N9wg rEyx875RQtg8VcNdvRJVad+6Fq9QmKxs8CCM6DZc4Yg2eVRywqlz0kYAzbA4+rSd wdMCSGVaAMtp3r8TKxj0g2lnGqbL4QyDdGOc7p6A53EIcW7YuFD+NH1NyYMtG7ii WNpJTvjQiyAcyNJDY6DE0WkmwSEXWMQ7HtD7k7Ul2re0NWC3wA1MGtaruhd06c+l lrBpnDxeb8z1IZDDVjCWiNvOfxlv2bqG1o+7RyDO6I0eu8qoYbYnmgWY+A== -----END CERTIFICATE-----Generated at Fri Apr 4 18:40:30 2025 by rpki-client