$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2564/vsCb1gfzCZQSeph_HdAeeNgF874.roa File: vsCb1gfzCZQSeph_HdAeeNgF874.roa (raw, json) Hash identifier: 1uUbExkvMNjyRg7sRiwkOs40dB1SMw82GaAUU552bRc= Subject key identifier: BE:C0:9B:D6:07:F3:09:94:12:7A:98:7F:1D:D0:1E:78:D8:05:F3:BE Certificate issuer: /CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177 Certificate serial: 1BD1 Authority key identifier: 6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/vsCb1gfzCZQSeph_HdAeeNgF874.roa Signing time: Fri 17 Jan 2025 01:27:30 +0000 ROA not before: Fri 17 Jan 2025 01:27:30 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 398704 IP address blocks: 103.98.164.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:11:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7121 (0x1bd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177 Validity Not Before: Jan 17 01:27:30 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=BEC09BD607F30994127A987F1DD01E78D805F3BE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:a0:ea:53:65:22:1c:57:db:a3:ae:52:1f:e1: 92:1a:f7:ed:1c:c0:5f:42:74:0c:52:22:d4:9c:66: 0e:9c:05:62:ca:19:32:b6:62:bf:ac:df:0a:78:ed: 6a:4d:e3:7e:28:d4:b8:cd:95:47:81:b5:9a:c7:0d: f6:a9:a5:45:6c:e0:9b:ac:bd:9f:96:d5:2b:5c:f8: af:29:8a:13:62:b8:40:aa:cb:cd:66:77:ca:c1:ff: 6e:09:14:c8:37:67:3e:20:89:7e:50:cf:8f:3c:18: cc:c1:5a:39:09:4b:29:36:18:00:bc:0c:65:92:d5: e1:bb:41:b4:89:c2:55:ec:3a:8d:38:4e:b9:cb:68: 6a:9c:48:c1:67:6a:94:9e:6f:69:51:89:8e:e4:01: 50:f2:67:c3:e6:f1:eb:00:0b:5b:4d:c7:8a:c7:5e: 2d:6c:67:bb:75:0a:8d:b1:29:d1:a0:38:95:ac:78: 38:1e:b6:66:1f:ba:ca:9e:2f:68:4d:f7:03:2d:e3: 8e:2a:b8:71:60:80:07:51:9b:08:64:7f:f9:c9:e5: c1:01:6f:5d:fd:fa:19:d9:13:ec:82:77:d3:9b:86: 0c:45:53:db:31:8b:d2:26:01:48:bd:5d:4a:74:5a: 59:bb:c3:ff:0a:a9:05:71:b0:fe:1a:ca:92:b0:4e: 2a:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:C0:9B:D6:07:F3:09:94:12:7A:98:7F:1D:D0:1E:78:D8:05:F3:BE X509v3 Authority Key Identifier: keyid:6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/vsCb1gfzCZQSeph_HdAeeNgF874.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.98.164.0/22 Signature Algorithm: sha256WithRSAEncryption 21:78:76:b7:40:d3:6d:60:4d:66:f5:ea:6b:cf:aa:22:9d:39: 42:a6:fa:3c:4c:02:2e:d4:03:91:20:1c:7f:f5:39:87:73:bb: 98:93:f9:96:ea:c6:59:89:c9:a1:0a:4a:95:c9:23:7b:5d:fe: a3:cb:cf:fe:d8:d9:9c:ae:5a:1c:0d:02:5e:32:1b:19:00:1e: ca:73:f2:6b:0d:bf:77:66:d0:56:e6:e6:03:19:0e:b8:63:57: e1:17:83:ce:f7:b3:f4:f2:97:70:a4:e0:d4:50:74:75:b9:bb: 4e:89:63:bf:0e:d8:fe:64:06:8f:89:b1:e3:a0:86:e4:90:2c: 78:d9:e5:49:91:74:17:2b:5b:fb:65:1d:1f:5a:f4:ad:c3:e8: c6:68:9b:7a:aa:ac:c3:26:20:50:c8:36:33:ee:ab:9a:2a:26: 28:6c:b9:bf:ce:ee:b9:08:f5:e0:4a:73:b4:31:7d:0c:23:ca: 77:e7:c3:f4:95:9b:c2:ba:51:68:2e:b3:bb:83:68:7c:15:02: 77:1e:30:26:c8:cb:f9:22:40:01:b5:79:34:8f:1b:6e:78:b1: 88:eb:a5:3f:25:90:c1:c9:0f:4d:bf:eb:9b:d4:cd:09:d8:04: 6e:ef:a6:c4:2c:62:5c:1e:8b:6d:59:38:4b:f0:00:98:8b:cd: c6:00:af:0d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICG9EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEy MUExMUFBQzRFQUUwQTYzMDY1OUIzMUEyMzBCMDhENkI1ODE3NzAeFw0yNTAxMTcw MTI3MzBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEJFQzA5QkQ2MDdGMzA5 OTQxMjdBOTg3RjFERDAxRTc4RDgwNUYzQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+oOpTZSIcV9ujrlIf4ZIa9+0cwF9CdAxSItScZg6cBWLKGTK2 Yr+s3wp47WpN434o1LjNlUeBtZrHDfappUVs4JusvZ+W1Stc+K8pihNiuECqy81m d8rB/24JFMg3Zz4giX5Qz488GMzBWjkJSyk2GAC8DGWS1eG7QbSJwlXsOo04TrnL aGqcSMFnapSeb2lRiY7kAVDyZ8Pm8esAC1tNx4rHXi1sZ7t1Co2xKdGgOJWseDge tmYfusqeL2hN9wMt444quHFggAdRmwhkf/nJ5cEBb139+hnZE+yCd9ObhgxFU9sx i9ImAUi9XUp0Wlm7w/8KqQVxsP4aypKwTipjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUvsCb1gfzCZQSeph/HdAeeNgF874wHwYDVR0jBBgwFoAUaiGhGqxOrgpjBlmz GiMLCNa1gXcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU2 NC9haUdoR3F4T3JncGpCbG16R2lNTENOYTFnWGMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2FpR2hHcXhPcmdwakJsbXpHaU1MQ05hMWdYYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NjQvdnNDYjFnZnpDWlFT ZXBoX0hkQWVlTmdGODc0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdipDANBgkqhkiG9w0BAQsFAAOCAQEAIXh2t0DTbWBNZvXqa8+qIp05Qqb6 PEwCLtQDkSAcf/U5h3O7mJP5lurGWYnJoQpKlckje13+o8vP/tjZnK5aHA0CXjIb GQAeynPyaw2/d2bQVubmAxkOuGNX4ReDzvez9PKXcKTg1FB0dbm7Toljvw7Y/mQG j4mx46CG5JAseNnlSZF0Fytb+2UdH1r0rcPoxmibeqqswyYgUMg2M+6rmiomKGy5 v87uuQj14EpztDF9DCPKd+fD9JWbwrpRaC6zu4NofBUCdx4wJsjL+SJAAbV5NI8b bnixiOulPyWQwckPTb/rm9TNCdgEbu+mxCxiXB6LbVk4S/AAmIvNxgCvDQ== -----END CERTIFICATE-----Generated at Fri Apr 4 18:44:19 2025 by rpki-client