$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2815/ac9zn1KZz8GSplsJ7n3whpOXZ6Y.roa File: ac9zn1KZz8GSplsJ7n3whpOXZ6Y.roa (raw, json) Hash identifier: MxCG7/kDUHT7A7/tLKuXfkqQIyrHEPkO+54grftcmBg= Subject key identifier: 69:CF:73:9F:52:99:CF:C1:92:A6:5B:09:EE:7D:F0:86:93:97:67:A6 Certificate issuer: /CN=1FCAD722567791FD73A091FE891C948F1914D672 Certificate serial: 05A8 Authority key identifier: 1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/ac9zn1KZz8GSplsJ7n3whpOXZ6Y.roa Signing time: Wed 09 Apr 2025 07:08:45 +0000 ROA not before: Wed 09 Apr 2025 07:08:45 +0000 ROA not after: Thu 09 Apr 2026 06:41:32 +0000 asID: 132019 IP address blocks: 103.69.116.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Apr 2025 14:06:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1448 (0x5a8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FCAD722567791FD73A091FE891C948F1914D672 Validity Not Before: Apr 9 07:08:45 2025 GMT Not After : Apr 9 06:41:32 2026 GMT Subject: CN=69CF739F5299CFC192A65B09EE7DF086939767A6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:24:58:0e:26:22:46:e6:dd:c1:99:b8:91:ac: 19:64:3f:34:f1:c8:a7:3f:01:05:7f:9a:3a:31:35: 06:8f:fc:20:09:2f:55:6e:d7:f8:72:3a:f9:0b:17: 36:0a:2e:ec:af:5f:d9:3c:51:a2:de:60:4a:09:30: 18:ea:81:e4:74:f2:2e:b0:36:15:7b:60:68:81:10: fe:ab:f3:a0:d4:ef:ff:9a:c4:13:04:00:75:e9:13: 5d:00:3c:8e:76:12:02:e7:35:02:33:66:83:1e:42: e3:8e:7e:0b:66:90:76:b8:08:15:a6:b3:98:6a:f6: 57:a1:35:cf:1c:f7:81:26:ed:9e:57:97:e5:c5:98: e3:ac:e6:b1:7c:31:b5:6b:36:99:ce:4e:61:1e:3b: d9:44:07:42:b5:0d:62:e2:3c:f1:0e:0f:ab:a7:bf: 29:3d:c3:b8:cf:4d:6a:39:28:29:ae:27:ca:18:78: 48:e4:be:7a:06:62:45:00:7a:57:1c:6c:00:dd:1a: 61:86:c7:aa:a0:40:f4:b5:dd:3a:b7:11:88:c8:ef: 80:5b:1c:7e:e9:e1:04:bd:32:a0:1b:41:0a:cc:1d: 0e:60:bb:e5:12:19:b7:66:24:bb:70:fc:60:99:f7: 83:0d:91:b7:61:56:79:77:f5:8a:62:f1:65:15:b5: 4b:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:CF:73:9F:52:99:CF:C1:92:A6:5B:09:EE:7D:F0:86:93:97:67:A6 X509v3 Authority Key Identifier: keyid:1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/ac9zn1KZz8GSplsJ7n3whpOXZ6Y.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.69.116.0/24 Signature Algorithm: sha256WithRSAEncryption 71:7c:ff:97:aa:41:d0:d0:39:22:fa:8e:24:8e:0d:6b:5d:68: 44:3a:25:c1:5c:85:98:8f:da:f2:f0:2d:c0:1f:f5:43:e2:9d: 38:df:d6:17:21:73:c7:18:fd:90:4a:78:8e:96:f1:67:5b:d8: c4:64:46:32:71:0b:a8:72:e8:b6:3b:85:c4:d9:cb:e7:7f:e7: 57:21:57:3d:0d:94:b1:e4:b8:70:0a:dc:f7:de:e2:e4:2b:d6: c9:00:ef:42:b5:23:57:93:d7:41:c4:71:c2:4e:30:5b:62:7d: 20:77:75:be:f4:55:9c:0a:73:fa:8d:ea:e0:19:e2:f6:5e:e3: f1:e3:3f:50:a5:ad:02:00:bc:53:0f:7c:17:13:25:2d:a3:ea: eb:76:11:a4:d6:89:33:cd:37:83:8e:c7:62:2d:20:9c:74:86: 1e:b0:8a:49:51:76:b6:ab:eb:58:94:20:3c:b1:8b:9a:b2:e9: 85:b2:20:77:94:2a:bb:81:b8:51:04:f3:e5:9e:6a:24:04:be: ee:5f:df:b2:72:68:d2:23:32:08:80:b4:d0:46:65:54:81:89: 51:71:40:5f:c5:1e:b1:50:2a:72:da:b5:2b:94:59:95:b2:fb: e8:13:a9:57:56:b8:6f:81:1c:e8:ee:15:38:2b:2f:a9:b6:91: f4:3c:e8:5e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBagwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUZD QUQ3MjI1Njc3OTFGRDczQTA5MUZFODkxQzk0OEYxOTE0RDY3MjAeFw0yNTA0MDkw NzA4NDVaFw0yNjA0MDkwNjQxMzJaMDMxMTAvBgNVBAMTKDY5Q0Y3MzlGNTI5OUNG QzE5MkE2NUIwOUVFN0RGMDg2OTM5NzY3QTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAJFgOJiJG5t3BmbiRrBlkPzTxyKc/AQV/mjoxNQaP/CAJL1Vu 1/hyOvkLFzYKLuyvX9k8UaLeYEoJMBjqgeR08i6wNhV7YGiBEP6r86DU7/+axBME AHXpE10API52EgLnNQIzZoMeQuOOfgtmkHa4CBWms5hq9lehNc8c94Em7Z5Xl+XF mOOs5rF8MbVrNpnOTmEeO9lEB0K1DWLiPPEOD6unvyk9w7jPTWo5KCmuJ8oYeEjk vnoGYkUAelccbADdGmGGx6qgQPS13Tq3EYjI74BbHH7p4QS9MqAbQQrMHQ5gu+US GbdmJLtw/GCZ94MNkbdhVnl39Ypi8WUVtUtnAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUac9zn1KZz8GSplsJ7n3whpOXZ6YwHwYDVR0jBBgwFoAUH8rXIlZ3kf1zoJH+ iRyUjxkU1nIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgx NS9IOHJYSWxaM2tmMXpvSkgtaVJ5VWp4a1UxbkkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0g4clhJbFoza2Yxem9KSC1pUnlVanhrVTFuSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MTUvYWM5em4xS1p6OEdT cGxzSjduM3docE9YWjZZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGdFdDANBgkqhkiG9w0BAQsFAAOCAQEAcXz/l6pB0NA5IvqOJI4Na11oRDol wVyFmI/a8vAtwB/1Q+KdON/WFyFzxxj9kEp4jpbxZ1vYxGRGMnELqHLotjuFxNnL 53/nVyFXPQ2UseS4cArc997i5CvWyQDvQrUjV5PXQcRxwk4wW2J9IHd1vvRVnApz +o3q4Bni9l7j8eM/UKWtAgC8Uw98FxMlLaPq63YRpNaJM803g47HYi0gnHSGHrCK SVF2tqvrWJQgPLGLmrLphbIgd5Qqu4G4UQTz5Z5qJAS+7l/fsnJo0iMyCIC00EZl VIGJUXFAX8UesVAqctq1K5RZlbL76BOpV1a4b4Ec6O4VOCsvqbaR9DzoXg== -----END CERTIFICATE-----Generated at Tue Apr 22 12:37:07 2025 by rpki-client