$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2564/yWrpRzy-pXo5DqN4ghePjg83Q5s.roa File: yWrpRzy-pXo5DqN4ghePjg83Q5s.roa (raw, json) Hash identifier: sxKoArpcodf1XhHERSuGUAuqoIJ+zjBluNq+X0Glo5I= Subject key identifier: C9:6A:E9:47:3C:BE:A5:7A:39:0E:A3:78:82:17:8F:8E:0F:37:43:9B Certificate issuer: /CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177 Certificate serial: 1BD0 Authority key identifier: 6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/yWrpRzy-pXo5DqN4ghePjg83Q5s.roa Signing time: Fri 17 Jan 2025 01:27:30 +0000 ROA not before: Fri 17 Jan 2025 01:27:30 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 131482 IP address blocks: 103.98.164.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:11:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7120 (0x1bd0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177 Validity Not Before: Jan 17 01:27:30 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=C96AE9473CBEA57A390EA37882178F8E0F37439B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ba:49:ea:90:bf:ea:7c:9d:57:74:20:db:e6: 05:4f:b5:d1:3c:58:9e:82:9c:97:dc:d0:46:50:c5: 4a:f0:76:9a:7d:f0:e3:fe:ee:8e:9f:b1:c8:81:2b: fd:dd:fb:61:97:16:21:cd:39:84:4a:7f:9c:d8:4a: e7:c9:e8:ec:df:98:0f:cb:0e:a4:17:64:15:28:b2: c0:d4:ec:b3:50:64:b1:c8:51:b8:a6:93:40:9f:7d: 2a:58:88:69:b1:3e:28:8f:39:d9:0a:e9:04:c7:11: e9:35:c8:a5:fa:f2:fa:90:cf:c9:9b:b1:e6:c8:3a: df:90:a8:9e:dd:94:63:35:06:5f:bd:bf:ac:34:59: ea:67:93:b6:3e:47:2f:89:ab:3d:a8:60:3d:aa:ef: df:62:fe:b8:74:47:06:ae:1a:93:ae:98:68:f0:41: 80:a9:d2:60:bc:1a:ee:6b:9a:3a:99:d8:90:06:47: 89:ee:08:35:37:91:bb:bd:ca:91:82:d8:68:bf:7a: 36:83:38:a5:aa:5a:22:df:9d:0d:aa:a0:ab:94:ac: a8:83:0b:9a:5b:47:06:df:e8:4c:77:28:fe:ee:a2: 89:87:0d:6d:ad:27:fc:6d:a7:00:60:f0:61:f0:ba: 71:16:74:af:62:10:94:25:53:a3:4c:63:e5:06:f6: ed:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:6A:E9:47:3C:BE:A5:7A:39:0E:A3:78:82:17:8F:8E:0F:37:43:9B X509v3 Authority Key Identifier: keyid:6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/yWrpRzy-pXo5DqN4ghePjg83Q5s.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.98.164.0/22 Signature Algorithm: sha256WithRSAEncryption 48:7c:5b:e5:29:4b:93:21:86:1a:45:3e:0c:6a:1d:12:0c:99: 27:99:57:30:d1:c8:f4:e9:3f:9c:b7:b3:15:a1:e2:9b:d6:26: 14:8a:88:42:64:51:f9:ce:31:55:0e:f7:ca:10:0e:ac:23:26: 6e:d2:a2:cb:00:fa:8c:a8:ed:cd:17:2e:35:08:38:5c:a1:28: ae:5c:6f:bc:74:4b:fd:26:fc:fc:c2:32:ad:20:79:3e:53:41: 97:dd:eb:28:36:c0:df:8b:f8:d8:b0:7d:e4:83:ec:24:9b:f6: 14:7b:98:14:34:c0:49:30:16:f3:14:05:ef:b5:f3:9a:18:27: 02:59:6a:11:c9:97:98:81:44:6d:c7:95:34:e3:a8:93:ed:08: 3a:eb:3e:2e:e5:c6:a5:cf:c3:67:a5:98:b9:d9:67:d9:1c:46: 20:41:e0:11:36:ff:3e:c5:87:1e:96:e0:78:b5:2c:ca:de:19: cd:69:68:ff:99:fd:35:3d:34:78:8f:7d:95:9a:97:d6:d0:bb: 55:ed:e0:3e:2f:f4:cf:d9:1e:6e:b1:7c:d7:92:52:4b:61:44: 6e:52:e7:7f:59:9d:69:ac:74:87:55:60:f9:8e:d2:4a:60:ae: db:a2:40:94:82:ec:d0:e4:bd:2b:ef:43:f5:3f:47:53:5e:a3: 6a:48:1f:c5 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICG9AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEy MUExMUFBQzRFQUUwQTYzMDY1OUIzMUEyMzBCMDhENkI1ODE3NzAeFw0yNTAxMTcw MTI3MzBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEM5NkFFOTQ3M0NCRUE1 N0EzOTBFQTM3ODgyMTc4RjhFMEYzNzQzOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+uknqkL/qfJ1XdCDb5gVPtdE8WJ6CnJfc0EZQxUrwdpp98OP+ 7o6fsciBK/3d+2GXFiHNOYRKf5zYSufJ6OzfmA/LDqQXZBUossDU7LNQZLHIUbim k0CffSpYiGmxPiiPOdkK6QTHEek1yKX68vqQz8mbsebIOt+QqJ7dlGM1Bl+9v6w0 Wepnk7Y+Ry+Jqz2oYD2q799i/rh0RwauGpOumGjwQYCp0mC8Gu5rmjqZ2JAGR4nu CDU3kbu9ypGC2Gi/ejaDOKWqWiLfnQ2qoKuUrKiDC5pbRwbf6Ex3KP7uoomHDW2t J/xtpwBg8GHwunEWdK9iEJQlU6NMY+UG9u1NAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUyWrpRzy+pXo5DqN4ghePjg83Q5swHwYDVR0jBBgwFoAUaiGhGqxOrgpjBlmz GiMLCNa1gXcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU2 NC9haUdoR3F4T3JncGpCbG16R2lNTENOYTFnWGMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2FpR2hHcXhPcmdwakJsbXpHaU1MQ05hMWdYYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NjQveVdycFJ6eS1wWG81 RHFONGdoZVBqZzgzUTVzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdipDANBgkqhkiG9w0BAQsFAAOCAQEASHxb5SlLkyGGGkU+DGodEgyZJ5lX MNHI9Ok/nLezFaHim9YmFIqIQmRR+c4xVQ73yhAOrCMmbtKiywD6jKjtzRcuNQg4 XKEorlxvvHRL/Sb8/MIyrSB5PlNBl93rKDbA34v42LB95IPsJJv2FHuYFDTASTAW 8xQF77XzmhgnAllqEcmXmIFEbceVNOOok+0IOus+LuXGpc/DZ6WYudln2RxGIEHg ETb/PsWHHpbgeLUsyt4ZzWlo/5n9NT00eI99lZqX1tC7Ve3gPi/0z9kebrF815JS S2FEblLnf1mdaax0h1Vg+Y7SSmCu26JAlILs0OS9K+9D9T9HU16jakgfxQ== -----END CERTIFICATE-----Generated at Fri Apr 4 18:49:03 2025 by rpki-client