$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2793/bu1io0YGUyVGXJmlBFXCkqNhHzU.roa File: bu1io0YGUyVGXJmlBFXCkqNhHzU.roa (raw, json) Hash identifier: yjvnS6F+0OxhpQIQ3KjhJ2RFbPyMa6dRGhAGQNbL7Y4= Subject key identifier: 6E:ED:62:A3:46:06:53:25:46:5C:99:A5:04:55:C2:92:A3:61:1F:35 Certificate issuer: /CN=D6C5C18CCE6030730BC222AB17F4E3D8F1603033 Certificate serial: 1BBF Authority key identifier: D6:C5:C1:8C:CE:60:30:73:0B:C2:22:AB:17:F4:E3:D8:F1:60:30:33 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1sXBjM5gMHMLwiKrF_Tj2PFgMDM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2793/bu1io0YGUyVGXJmlBFXCkqNhHzU.roa Signing time: Fri 17 Jan 2025 01:30:18 +0000 ROA not before: Fri 17 Jan 2025 01:30:18 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 38344 IP address blocks: 103.9.152.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2793/1sXBjM5gMHMLwiKrF_Tj2PFgMDM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2793/1sXBjM5gMHMLwiKrF_Tj2PFgMDM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1sXBjM5gMHMLwiKrF_Tj2PFgMDM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:11:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7103 (0x1bbf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D6C5C18CCE6030730BC222AB17F4E3D8F1603033 Validity Not Before: Jan 17 01:30:18 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=6EED62A346065325465C99A50455C292A3611F35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:2d:ae:c2:cc:c4:b7:d9:20:0a:64:b3:cd:c6: 5d:ee:3a:38:0e:17:6a:df:bf:56:36:58:5b:76:44: 22:69:0e:72:f9:dd:72:5f:5d:a1:1c:37:e9:78:7c: ed:db:69:eb:5d:a3:19:49:4e:7d:0f:ce:36:45:eb: 26:33:c8:ff:80:37:31:77:2d:e8:d2:cb:42:60:66: 66:68:96:7c:e2:8f:a4:99:d5:16:69:2f:88:17:f0: ec:63:eb:24:37:17:92:dd:85:28:78:f1:4a:d2:b3: 19:d6:46:3f:2c:62:59:74:02:36:4d:1f:ad:e1:2f: 64:66:0e:ec:74:3b:fe:29:a3:e5:3a:7c:14:78:ab: 30:f7:6f:9b:95:1d:fc:05:1b:f5:fd:b8:b6:d8:33: ac:81:1d:94:08:7e:36:46:b1:59:c1:61:b8:95:ed: cb:2f:9a:75:1c:7c:7b:ed:fe:e7:67:c1:20:98:fa: ab:1b:87:81:60:31:48:78:1e:ad:04:98:a9:ba:e4: d5:ae:b8:5c:61:dc:49:60:82:3b:c9:eb:a2:50:92: 9a:48:f7:cd:3e:dd:21:fb:f0:aa:b6:90:e4:9e:0e: 79:2c:31:6a:00:bc:b2:a2:04:a9:ed:be:ce:71:ce: 53:ff:39:34:06:6f:5f:80:4e:3d:65:8f:fa:1c:41: e2:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:ED:62:A3:46:06:53:25:46:5C:99:A5:04:55:C2:92:A3:61:1F:35 X509v3 Authority Key Identifier: keyid:D6:C5:C1:8C:CE:60:30:73:0B:C2:22:AB:17:F4:E3:D8:F1:60:30:33 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2793/1sXBjM5gMHMLwiKrF_Tj2PFgMDM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1sXBjM5gMHMLwiKrF_Tj2PFgMDM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2793/bu1io0YGUyVGXJmlBFXCkqNhHzU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.9.152.0/24 Signature Algorithm: sha256WithRSAEncryption 98:8e:fd:10:78:38:5c:dd:d2:ea:60:da:03:99:a3:b2:b4:68: be:8d:3d:e5:2f:df:76:ca:0e:82:ee:73:42:59:70:de:f4:e9: 54:3b:61:3f:af:d4:16:2b:59:e7:5e:f6:43:a7:00:3d:72:c8: 5f:d2:eb:03:05:bc:0f:74:de:f8:da:fe:0c:6d:3e:be:6e:8c: 88:4a:14:6f:0b:49:64:0b:4e:60:97:fd:e7:bc:fe:21:1c:4f: 6d:13:85:31:e3:11:ee:0c:81:9a:1a:9e:75:ee:89:b5:0e:d5: 41:bd:23:63:8b:77:5e:27:27:82:6d:3f:9a:d4:07:97:51:22: e8:bd:a2:93:3d:ea:2a:4f:02:11:32:21:8b:31:61:31:37:2d: 1d:dc:3d:1e:04:e8:fe:ad:c4:75:eb:f5:02:cf:1a:c3:8a:c1: 8b:5e:8f:ba:22:ce:2b:83:ff:2c:95:be:c6:c8:61:9a:9d:5e: e5:08:8d:1e:37:c1:a6:d2:ff:04:44:e9:1a:5f:17:ee:27:40: 4d:5b:12:49:69:35:81:c4:9b:0b:82:4d:48:77:09:b0:d2:ca: be:f8:20:77:aa:82:11:08:01:55:66:6e:a8:f3:4d:b4:e6:5e: 17:16:80:9e:34:cc:d7:84:74:43:13:09:68:75:c2:60:93:b6: cc:48:48:49 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICG78wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDZD NUMxOENDRTYwMzA3MzBCQzIyMkFCMTdGNEUzRDhGMTYwMzAzMzAeFw0yNTAxMTcw MTMwMThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDZFRUQ2MkEzNDYwNjUz MjU0NjVDOTlBNTA0NTVDMjkyQTM2MTFGMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDdLa7CzMS32SAKZLPNxl3uOjgOF2rfv1Y2WFt2RCJpDnL53XJf XaEcN+l4fO3baetdoxlJTn0PzjZF6yYzyP+ANzF3LejSy0JgZmZolnzij6SZ1RZp L4gX8Oxj6yQ3F5LdhSh48UrSsxnWRj8sYll0AjZNH63hL2RmDux0O/4po+U6fBR4 qzD3b5uVHfwFG/X9uLbYM6yBHZQIfjZGsVnBYbiV7csvmnUcfHvt/udnwSCY+qsb h4FgMUh4Hq0EmKm65NWuuFxh3ElggjvJ66JQkppI980+3SH78Kq2kOSeDnksMWoA vLKiBKntvs5xzlP/OTQGb1+ATj1lj/ocQeIrAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUbu1io0YGUyVGXJmlBFXCkqNhHzUwHwYDVR0jBBgwFoAU1sXBjM5gMHMLwiKr F/Tj2PFgMDMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc5 My8xc1hCak01Z01ITUx3aUtyRl9UajJQRmdNRE0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzFzWEJqTTVnTUhNTHdpS3JGX1RqMlBGZ01ETS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3OTMvYnUxaW8wWUdVeVZH WEptbEJGWENrcU5oSHpVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGcJmDANBgkqhkiG9w0BAQsFAAOCAQEAmI79EHg4XN3S6mDaA5mjsrRovo09 5S/fdsoOgu5zQllw3vTpVDthP6/UFitZ5172Q6cAPXLIX9LrAwW8D3Te+Nr+DG0+ vm6MiEoUbwtJZAtOYJf957z+IRxPbROFMeMR7gyBmhqede6JtQ7VQb0jY4t3Xicn gm0/mtQHl1Ei6L2ikz3qKk8CETIhizFhMTctHdw9HgTo/q3Edev1As8aw4rBi16P uiLOK4P/LJW+xshhmp1e5QiNHjfBptL/BETpGl8X7idATVsSSWk1gcSbC4JNSHcJ sNLKvvggd6qCEQgBVWZuqPNNtOZeFxaAnjTM14R0QxMJaHXCYJO2zEhISQ== -----END CERTIFICATE-----Generated at Fri Apr 4 18:33:13 2025 by rpki-client