$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/UYYH8nf7t3pHRtHfYdrj9_du1LI.roa File: UYYH8nf7t3pHRtHfYdrj9_du1LI.roa (raw, json) Hash identifier: TaRSS1gmX2lvWtqnWK7fdhRVGpVjUSEIVC9l9749sHc= Subject key identifier: 51:86:07:F2:77:FB:B7:7A:47:46:D1:DF:61:DA:E3:F7:F7:6E:D4:B2 Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Certificate serial: 1BCF Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/UYYH8nf7t3pHRtHfYdrj9_du1LI.roa Signing time: Fri 17 Jan 2025 01:27:37 +0000 ROA not before: Fri 17 Jan 2025 01:27:37 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139021 IP address blocks: 103.139.0.0/23 maxlen: 23 218.247.84.0/23 maxlen: 23 218.247.86.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:10:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7119 (0x1bcf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Validity Not Before: Jan 17 01:27:37 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=518607F277FBB77A4746D1DF61DAE3F7F76ED4B2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:27:8f:00:df:ac:d9:4a:51:89:7c:5c:e9:60: 2c:ce:c4:c8:e8:11:b7:ca:a1:1c:56:ae:59:77:2e: bc:fa:c1:27:51:7b:00:06:96:5e:35:52:a4:b5:1e: b2:19:04:4f:65:2e:ba:a9:ed:4c:5c:08:09:b3:88: 56:db:36:eb:e6:40:20:9d:6e:43:81:c7:df:d7:53: 33:e0:6d:52:a5:e1:54:2f:12:79:64:da:27:ec:fe: 7a:76:a7:33:fd:98:38:70:c6:ea:0c:90:dc:6a:00: 97:0b:c2:f4:aa:6c:52:db:c5:91:8f:21:6a:c6:db: 04:a0:d3:63:39:42:b1:c1:b0:75:68:51:ec:1b:97: 38:2e:35:f6:fc:3a:3b:5e:35:9e:42:0e:14:13:30: ca:67:4d:71:e7:48:e1:b4:2e:03:08:67:52:9a:ed: 3d:8c:ab:3e:e3:59:4a:75:cd:37:5d:32:3a:56:59: de:da:f8:90:44:1e:3c:b3:37:f6:08:e4:0f:af:8c: 65:a4:b4:62:05:65:81:49:77:54:af:02:15:0b:0c: 27:5f:f9:c4:a2:11:77:52:74:52:d1:e6:4b:fd:18: 89:ca:9e:cb:13:f7:36:04:09:a9:18:0e:c9:51:9e: 25:b9:f8:c1:10:22:60:2c:ab:b6:60:03:1c:78:f7: e3:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:86:07:F2:77:FB:B7:7A:47:46:D1:DF:61:DA:E3:F7:F7:6E:D4:B2 X509v3 Authority Key Identifier: keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/UYYH8nf7t3pHRtHfYdrj9_du1LI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.139.0.0/23 218.247.84.0/22 Signature Algorithm: sha256WithRSAEncryption 41:9c:43:d7:5e:52:ac:c6:a0:4e:10:54:cf:fb:97:d2:6d:10: 75:d3:d4:6a:82:72:3f:23:96:9b:19:91:b3:19:17:b2:1d:5d: f0:41:71:67:9e:72:76:e6:0b:c7:bb:ed:07:75:41:9c:60:ba: c9:98:ea:f3:bc:e6:a4:18:35:c3:d4:65:5f:bf:6b:61:ab:44: 84:0d:a2:17:26:76:74:18:a4:b8:34:12:e2:2f:f6:57:aa:2c: 44:4e:56:c4:35:51:8a:a7:29:72:8a:ac:54:1f:44:49:cd:d9: 83:3b:cb:c3:91:b4:85:e4:94:5c:7c:af:7c:d2:fa:aa:96:24: 7a:cf:f7:6b:50:21:01:62:bc:84:5e:49:5d:4c:c0:f8:24:0a: ac:0d:a9:65:dd:ac:64:1b:5b:9f:c0:e1:85:14:5c:7c:20:1c: 4d:ad:1d:61:f3:ed:79:8b:e4:f1:8d:a8:8e:ea:2a:de:8e:c5: 6b:60:9d:61:b8:f5:d8:13:95:f6:de:b4:6e:b5:ce:f9:46:07: 4a:bc:c4:3d:b6:9f:ca:57:77:70:94:09:07:d8:47:d0:7c:94: 21:46:42:5a:5c:2e:99:76:82:8a:7e:d3:c1:22:90:25:b8:93: d0:f3:4a:23:3b:da:6b:11:c8:be:fc:d3:61:03:cd:49:41:b2: 30:f3:2d:71 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICG88wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNTAxMTcw MTI3MzdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDUxODYwN0YyNzdGQkI3 N0E0NzQ2RDFERjYxREFFM0Y3Rjc2RUQ0QjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDnJ48A36zZSlGJfFzpYCzOxMjoEbfKoRxWrll3Lrz6wSdRewAG ll41UqS1HrIZBE9lLrqp7UxcCAmziFbbNuvmQCCdbkOBx9/XUzPgbVKl4VQvEnlk 2ifs/np2pzP9mDhwxuoMkNxqAJcLwvSqbFLbxZGPIWrG2wSg02M5QrHBsHVoUewb lzguNfb8OjteNZ5CDhQTMMpnTXHnSOG0LgMIZ1Ka7T2Mqz7jWUp1zTddMjpWWd7a +JBEHjyzN/YI5A+vjGWktGIFZYFJd1SvAhULDCdf+cSiEXdSdFLR5kv9GInKnssT 9zYECakYDslRniW5+MEQImAsq7ZgAxx49+NdAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQUUYYH8nf7t3pHRtHfYdrj9/du1LIwHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4 OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvVVlZSDhuZjd0M3BI UnRIZllkcmo5X2R1MUxJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw DAMEAWeLAAMEAtr3VDANBgkqhkiG9w0BAQsFAAOCAQEAQZxD115SrMagThBUz/uX 0m0QddPUaoJyPyOWmxmRsxkXsh1d8EFxZ55yduYLx7vtB3VBnGC6yZjq87zmpBg1 w9RlX79rYatEhA2iFyZ2dBikuDQS4i/2V6osRE5WxDVRiqcpcoqsVB9ESc3ZgzvL w5G0heSUXHyvfNL6qpYkes/3a1AhAWK8hF5JXUzA+CQKrA2pZd2sZBtbn8DhhRRc fCAcTa0dYfPteYvk8Y2ojuoq3o7Fa2CdYbj12BOV9t60brXO+UYHSrzEPbafyld3 cJQJB9hH0HyUIUZCWlwumXaCin7TwSKQJbiT0PNKIzvaaxHIvvzTYQPNSUGyMPMt cQ== -----END CERTIFICATE-----Generated at Fri Apr 4 18:41:39 2025 by rpki-client