$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2967/fg7mHGtLtil2WyprsbsP8S_RBvA.roa File: fg7mHGtLtil2WyprsbsP8S_RBvA.roa (raw, json) Hash identifier: sLPHg9eF5ssDrusbPD1wVP4SHX6OeNZW9+5YSQY1aUg= Subject key identifier: 7E:0E:E6:1C:6B:4B:B6:29:76:5B:2A:6B:B1:BB:0F:F1:2F:D1:06:F0 Certificate issuer: /CN=0AB6F528865292E198F98B68B72D98D130AF532E Certificate serial: 129F Authority key identifier: 0A:B6:F5:28:86:52:92:E1:98:F9:8B:68:B7:2D:98:D1:30:AF:53:2E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2967/fg7mHGtLtil2WyprsbsP8S_RBvA.roa Signing time: Fri 17 Jan 2025 01:27:07 +0000 ROA not before: Fri 17 Jan 2025 01:27:07 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 131482 IP address blocks: 103.150.130.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2967/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2967/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4767 (0x129f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0AB6F528865292E198F98B68B72D98D130AF532E Validity Not Before: Jan 17 01:27:07 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=7E0EE61C6B4BB629765B2A6BB1BB0FF12FD106F0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:48:2f:0d:09:5f:03:5c:e3:5e:be:df:84:b5: 0d:05:a3:90:04:ea:e3:17:89:dc:bf:98:8c:0f:21: a1:a8:f8:1b:a4:6f:59:0f:ca:98:2f:26:22:8c:fe: ba:d8:38:cf:4d:12:5f:64:0f:62:40:4b:73:2d:fe: 5c:f4:cd:94:e4:27:19:d7:77:8b:a3:1c:92:10:f2: 8f:4f:5d:da:28:da:00:29:6a:67:bb:51:03:93:b8: ac:3d:95:4f:ab:77:ef:1e:37:e6:3d:23:f4:c8:d8: e3:3b:a9:86:b3:20:5e:62:92:c0:cb:85:90:df:f8: de:b1:8f:b7:af:3a:9b:c9:22:b4:a0:58:af:4c:91: 9a:5b:61:c1:fb:11:d7:0e:db:c7:89:ac:b0:ab:41: 46:30:90:bc:5b:20:c4:1e:b0:58:96:4b:73:ef:50: a3:07:54:d6:0d:7c:33:7c:fe:4b:46:db:f6:12:c6: 4d:cf:5d:c4:39:9d:0e:dd:29:01:ec:79:9e:c6:3d: 90:b2:a9:60:2e:0a:ab:88:70:95:fd:35:43:2b:36: a5:3a:3d:0c:85:25:ab:5e:f2:4f:c1:e1:7f:39:87: cb:9e:e7:18:bf:3f:b5:e4:aa:42:7a:15:27:3c:ae: c1:42:ea:ac:8d:d2:10:0d:11:50:90:b1:b2:9e:a3: 80:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:0E:E6:1C:6B:4B:B6:29:76:5B:2A:6B:B1:BB:0F:F1:2F:D1:06:F0 X509v3 Authority Key Identifier: keyid:0A:B6:F5:28:86:52:92:E1:98:F9:8B:68:B7:2D:98:D1:30:AF:53:2E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2967/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2967/fg7mHGtLtil2WyprsbsP8S_RBvA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.150.130.0/23 Signature Algorithm: sha256WithRSAEncryption 96:19:c9:e4:91:c0:5e:69:34:c2:a3:db:31:01:46:74:0e:25: eb:97:df:c2:9d:7e:57:27:69:e5:6a:ee:9c:4e:e6:a5:e4:e9: 27:11:90:4c:b3:08:9d:34:9d:f4:02:6e:26:82:fa:1c:e1:f1: d9:41:c9:85:bb:4d:de:7c:10:ce:ca:87:97:54:2d:cc:f8:80: 06:f1:63:08:11:18:73:8d:7e:8e:17:65:6d:76:39:dd:3f:81: 53:91:9f:28:1c:c9:1c:c3:da:17:fd:bf:e9:4d:93:36:9d:0c: ae:3d:82:1f:b1:df:f3:b0:94:e1:3c:16:6d:1f:b9:98:ae:e1: 4a:ec:00:18:55:85:80:12:c2:91:6c:14:fc:c8:f4:a2:2e:03: 5d:0c:16:02:3a:4d:56:07:fb:97:a5:0d:51:b5:ed:ff:8f:61: 96:fc:59:1e:29:91:62:1a:de:3e:6e:15:0d:6a:75:92:e6:fa: d6:da:bf:25:2f:04:c7:64:39:0f:6e:7b:9d:64:a8:1b:64:6e: 78:ab:81:8c:ba:00:1f:33:6a:fb:84:2b:53:f1:5a:cf:0b:f3: ec:65:be:03:bd:e2:b5:05:dc:7b:bb:98:32:bd:ce:38:7a:7c: d9:79:70:ca:05:d3:10:c7:94:d1:7f:1c:56:1c:89:04:ea:d0: 39:26:b0:af -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEp8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEFC NkY1Mjg4NjUyOTJFMTk4Rjk4QjY4QjcyRDk4RDEzMEFGNTMyRTAeFw0yNTAxMTcw MTI3MDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDdFMEVFNjFDNkI0QkI2 Mjk3NjVCMkE2QkIxQkIwRkYxMkZEMTA2RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHSC8NCV8DXONevt+EtQ0Fo5AE6uMXidy/mIwPIaGo+Bukb1kP ypgvJiKM/rrYOM9NEl9kD2JAS3Mt/lz0zZTkJxnXd4ujHJIQ8o9PXdoo2gApame7 UQOTuKw9lU+rd+8eN+Y9I/TI2OM7qYazIF5iksDLhZDf+N6xj7evOpvJIrSgWK9M kZpbYcH7EdcO28eJrLCrQUYwkLxbIMQesFiWS3PvUKMHVNYNfDN8/ktG2/YSxk3P XcQ5nQ7dKQHseZ7GPZCyqWAuCquIcJX9NUMrNqU6PQyFJate8k/B4X85h8ue5xi/ P7XkqkJ6FSc8rsFC6qyN0hANEVCQsbKeo4D3AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUfg7mHGtLtil2WyprsbsP8S/RBvAwHwYDVR0jBBgwFoAUCrb1KIZSkuGY+Yto ty2Y0TCvUy4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk2 Ny9DcmIxS0laU2t1R1ktWXRvdHkyWTBUQ3ZVeTQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0NyYjFLSVpTa3VHWS1ZdG90eTJZMFRDdlV5NC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5NjcvZmc3bUhHdEx0aWwy V3lwcnNic1A4U19SQnZBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWeWgjANBgkqhkiG9w0BAQsFAAOCAQEAlhnJ5JHAXmk0wqPbMQFGdA4l65ff wp1+Vydp5WrunE7mpeTpJxGQTLMInTSd9AJuJoL6HOHx2UHJhbtN3nwQzsqHl1Qt zPiABvFjCBEYc41+jhdlbXY53T+BU5GfKBzJHMPaF/2/6U2TNp0Mrj2CH7Hf87CU 4TwWbR+5mK7hSuwAGFWFgBLCkWwU/Mj0oi4DXQwWAjpNVgf7l6UNUbXt/49hlvxZ HimRYhrePm4VDWp1kub61tq/JS8Ex2Q5D257nWSoG2RueKuBjLoAHzNq+4QrU/Fa zwvz7GW+A73itQXce7uYMr3OOHp82XlwygXTEMeU0X8cVhyJBOrQOSawrw== -----END CERTIFICATE-----Generated at Fri Apr 4 18:40:35 2025 by rpki-client