$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/ME9y6iE9_arWH9Fs4BYwAi0vlDo.roa File: ME9y6iE9_arWH9Fs4BYwAi0vlDo.roa (raw, json) Hash identifier: ccNS9q/DL6E/wtDUgZtIMTYW86d7GQqpLSA3TKwdwhY= Subject key identifier: 30:4F:72:EA:21:3D:FD:AA:D6:1F:D1:6C:E0:16:30:02:2D:2F:94:3A Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Certificate serial: 1BCA Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/ME9y6iE9_arWH9Fs4BYwAi0vlDo.roa Signing time: Fri 17 Jan 2025 01:27:34 +0000 ROA not before: Fri 17 Jan 2025 01:27:34 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 137443 IP address blocks: 219.234.8.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7114 (0x1bca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Validity Not Before: Jan 17 01:27:34 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=304F72EA213DFDAAD61FD16CE01630022D2F943A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:cf:21:2d:0d:81:8b:15:23:79:b4:ae:71:0c: cd:83:55:fa:da:99:18:e1:25:6b:c3:51:6c:1e:f6: 7e:b2:28:fd:cb:12:4a:41:42:f1:c2:bc:03:36:cf: 53:cc:0d:8f:c3:4d:e9:67:f4:9c:4c:51:ae:ba:e0: 56:a2:10:06:50:e1:a1:2a:20:2f:86:c5:41:f3:70: 2e:b5:ec:4c:66:44:9e:ab:bd:f4:99:1b:36:14:10: a9:2c:a8:34:ec:7a:d3:13:cc:08:d3:74:ee:3e:79: 75:5c:ea:81:f0:3b:de:d8:a6:32:21:49:6f:08:75: bb:00:02:f7:59:0c:97:fd:f3:78:ac:8a:ba:68:48: 7f:52:86:b5:2b:cc:f2:96:96:80:97:fb:b8:1e:14: 72:5d:a2:47:d6:98:e2:f8:65:f1:2c:37:4a:2d:c6: 0a:ef:b1:cf:c0:b0:c5:b0:69:2b:f4:9b:7b:c2:88: a1:5a:5f:66:2c:8e:be:7f:ef:40:c0:e0:9f:81:38: 82:c6:bb:2e:a9:6d:d4:4b:49:9b:a9:aa:3a:8f:9c: 63:4c:a1:4e:1c:d6:20:e9:44:df:ce:23:92:1a:16: 22:6e:4a:b8:e7:80:da:d2:03:d8:16:01:e7:58:34: a5:63:f8:f9:17:47:15:98:5f:22:2b:a6:86:b8:be: d6:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:4F:72:EA:21:3D:FD:AA:D6:1F:D1:6C:E0:16:30:02:2D:2F:94:3A X509v3 Authority Key Identifier: keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/ME9y6iE9_arWH9Fs4BYwAi0vlDo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 219.234.8.0/21 Signature Algorithm: sha256WithRSAEncryption c7:4f:2e:b9:48:40:7c:4d:80:b4:00:0e:ce:27:fb:bf:39:2a: 0b:d6:05:0c:61:22:5e:9f:0b:4a:b8:d7:ba:0a:e1:84:26:71: 90:ef:06:95:45:24:a1:49:1e:8f:9e:5b:11:14:28:a3:9d:23: bf:75:c3:62:9c:1c:5b:66:78:aa:08:d1:9b:71:0d:63:65:b0: 7e:5e:0d:de:50:6b:4c:8c:fb:4a:b8:99:9b:b4:0c:7f:62:09: 58:25:2a:08:69:99:b0:74:23:01:f7:7f:d3:ee:d1:30:70:b6: e2:d5:a5:31:4b:21:6f:d7:4a:06:cb:c5:4f:06:df:49:ce:26: 1b:75:d4:93:38:b4:d9:ae:2a:14:5d:2b:d4:7e:27:31:76:cf: f0:10:51:ac:37:c8:43:15:45:15:78:43:7e:9e:98:d9:67:dd: 02:42:02:15:60:49:87:11:13:42:e0:e3:69:93:a9:1b:be:b8: c3:66:33:3e:ad:5d:77:43:44:5c:ae:f1:14:c2:aa:58:9d:96: f5:91:c5:7d:a9:ff:7b:84:b8:5f:b0:52:60:5b:16:40:dc:d6: 26:5e:3c:1c:24:86:ef:f6:b5:c1:00:b4:9b:d4:e4:57:af:3d: b4:df:47:a4:83:19:4b:1e:57:91:1c:2c:76:bd:bf:45:1a:0f: 04:2b:ef:c0 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICG8owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNTAxMTcw MTI3MzRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDMwNEY3MkVBMjEzREZE QUFENjFGRDE2Q0UwMTYzMDAyMkQyRjk0M0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDzyEtDYGLFSN5tK5xDM2DVframRjhJWvDUWwe9n6yKP3LEkpB QvHCvAM2z1PMDY/DTeln9JxMUa664FaiEAZQ4aEqIC+GxUHzcC617ExmRJ6rvfSZ GzYUEKksqDTsetMTzAjTdO4+eXVc6oHwO97YpjIhSW8IdbsAAvdZDJf983isirpo SH9ShrUrzPKWloCX+7geFHJdokfWmOL4ZfEsN0otxgrvsc/AsMWwaSv0m3vCiKFa X2Ysjr5/70DA4J+BOILGuy6pbdRLSZupqjqPnGNMoU4c1iDpRN/OI5IaFiJuSrjn gNrSA9gWAedYNKVj+PkXRxWYXyIrpoa4vtapAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUME9y6iE9/arWH9Fs4BYwAi0vlDowHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4 OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvTUU5eTZpRTlfYXJX SDlGczRCWXdBaTB2bERvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA9vqCDANBgkqhkiG9w0BAQsFAAOCAQEAx08uuUhAfE2AtAAOzif7vzkqC9YF DGEiXp8LSrjXugrhhCZxkO8GlUUkoUkej55bERQoo50jv3XDYpwcW2Z4qgjRm3EN Y2Wwfl4N3lBrTIz7SriZm7QMf2IJWCUqCGmZsHQjAfd/0+7RMHC24tWlMUshb9dK BsvFTwbfSc4mG3XUkzi02a4qFF0r1H4nMXbP8BBRrDfIQxVFFXhDfp6Y2WfdAkIC FWBJhxETQuDjaZOpG764w2YzPq1dd0NEXK7xFMKqWJ2W9ZHFfan/e4S4X7BSYFsW QNzWJl48HCSG7/a1wQC0m9TkV689tN9HpIMZSx5XkRwsdr2/RRoPBCvvwA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:46:01 2025 by rpki-client