$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/5VxcwIzNajDMHEYME1Yi6C_m-58.roa File: 5VxcwIzNajDMHEYME1Yi6C_m-58.roa (raw, json) Hash identifier: dDLOAOOftWIbv5I88SwAUdDrKySq1imBz6NTsUXSYc8= Subject key identifier: E5:5C:5C:C0:8C:CD:6A:30:CC:1C:46:0C:13:56:22:E8:2F:E6:FB:9F Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 21E0 Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/5VxcwIzNajDMHEYME1Yi6C_m-58.roa Signing time: Fri 17 Jan 2025 01:28:46 +0000 ROA not before: Fri 17 Jan 2025 01:28:46 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139139 IP address blocks: 103.152.186.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:09:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8672 (0x21e0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Jan 17 01:28:46 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=E55C5CC08CCD6A30CC1C460C135622E82FE6FB9F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:ca:87:1b:4e:ea:1c:2a:b9:1a:e1:5b:af:0b: 96:e2:65:ff:07:56:26:33:46:ce:62:60:ce:be:07: 13:18:0b:7b:90:e8:8e:2e:7e:ac:91:16:99:80:76: e5:54:c9:77:f5:6b:dd:6b:5b:75:58:02:a7:a7:4c: aa:b6:3f:9f:0f:66:9e:c8:ba:23:d2:99:d7:01:48: 48:f8:5d:06:47:09:92:d0:84:c1:2e:0d:62:2b:ca: f2:d8:69:98:b9:86:b8:0a:56:00:e3:1e:ed:0e:40: bf:e5:33:92:8f:0f:50:e0:0a:2b:11:8b:23:ca:92: c9:a4:35:5d:7c:82:ab:7e:03:57:38:04:bf:4b:8f: 35:16:8e:3f:6b:37:5e:76:e3:44:7c:9c:ab:5d:45: 01:42:b0:a4:03:d8:6b:d1:4b:f8:ed:5c:72:6c:ee: 3b:33:27:de:94:12:ee:9d:5d:43:37:92:ec:78:0a: be:6e:d0:32:29:1e:84:27:fa:76:4f:92:e8:2c:fd: c7:21:7a:04:e2:6a:02:8b:5c:86:2a:a1:20:5e:07: a4:0f:b1:ae:a7:ff:49:a6:59:d8:16:e5:5f:ab:62: cf:65:3b:82:c9:f6:50:34:e0:78:86:b8:23:47:99: 5f:3e:f6:24:69:83:7f:0c:b7:15:52:14:f7:3e:ee: 69:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:5C:5C:C0:8C:CD:6A:30:CC:1C:46:0C:13:56:22:E8:2F:E6:FB:9F X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/5VxcwIzNajDMHEYME1Yi6C_m-58.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.152.186.0/23 Signature Algorithm: sha256WithRSAEncryption 64:d5:8f:1c:84:d9:3e:fe:f0:f3:86:bc:fb:30:ac:aa:f5:31: 0a:31:2a:c0:75:6f:92:bc:0a:73:dc:92:12:9b:7f:52:d7:a9: b5:6f:79:d3:d8:70:b6:49:9f:62:b4:96:a4:6c:fd:5d:b8:2b: fb:70:df:44:37:03:fe:99:1d:05:a7:a2:c2:bd:f5:bb:41:df: 39:37:19:1b:85:85:46:76:37:15:10:0a:e5:07:89:0b:ce:5f: 9f:1b:55:f1:67:0c:0d:47:fc:b5:61:32:7a:1a:35:cf:24:c8: b2:9a:98:b0:cf:af:0a:69:bc:f6:c1:34:17:17:a4:58:c7:2e: 3d:dd:40:c7:59:8d:50:82:6e:53:a5:f4:76:84:06:b2:57:3c: 1d:ed:7d:89:27:ad:e1:d9:3a:41:a1:ac:e9:ca:fe:9c:a1:50: a7:40:84:fc:8e:93:b8:10:49:3a:77:34:65:63:3b:8e:37:d0: a9:21:37:3e:a1:9f:38:2f:32:4e:09:9e:b9:9e:06:e8:af:69: 55:a9:90:b3:d3:01:d3:f5:37:59:70:11:18:fc:a9:5f:07:ca: ba:99:10:9e:9e:32:16:0f:1f:ac:53:1a:8f:08:3c:3f:f3:bc: 86:34:26:20:57:69:00:e2:f9:6b:ee:9e:b8:e8:5c:c5:5e:3c: 66:3f:42:7e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIeAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNTAxMTcw MTI4NDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEU1NUM1Q0MwOENDRDZB MzBDQzFDNDYwQzEzNTYyMkU4MkZFNkZCOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVyocbTuocKrka4VuvC5biZf8HViYzRs5iYM6+BxMYC3uQ6I4u fqyRFpmAduVUyXf1a91rW3VYAqenTKq2P58PZp7IuiPSmdcBSEj4XQZHCZLQhMEu DWIryvLYaZi5hrgKVgDjHu0OQL/lM5KPD1DgCisRiyPKksmkNV18gqt+A1c4BL9L jzUWjj9rN15240R8nKtdRQFCsKQD2GvRS/jtXHJs7jszJ96UEu6dXUM3kux4Cr5u 0DIpHoQn+nZPkugs/cchegTiagKLXIYqoSBeB6QPsa6n/0mmWdgW5V+rYs9lO4LJ 9lA04HiGuCNHmV8+9iRpg38MtxVSFPc+7mmdAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU5VxcwIzNajDMHEYME1Yi6C/m+58wHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvNVZ4Y3dJek5hakRN SEVZTUUxWWk2Q19tLTU4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWeYujANBgkqhkiG9w0BAQsFAAOCAQEAZNWPHITZPv7w84a8+zCsqvUxCjEq wHVvkrwKc9ySEpt/UteptW9509hwtkmfYrSWpGz9Xbgr+3DfRDcD/pkdBaeiwr31 u0HfOTcZG4WFRnY3FRAK5QeJC85fnxtV8WcMDUf8tWEyeho1zyTIspqYsM+vCmm8 9sE0FxekWMcuPd1Ax1mNUIJuU6X0doQGslc8He19iSet4dk6QaGs6cr+nKFQp0CE /I6TuBBJOnc0ZWM7jjfQqSE3PqGfOC8yTgmeuZ4G6K9pVamQs9MB0/U3WXARGPyp XwfKupkQnp4yFg8frFMajwg8P/O8hjQmIFdpAOL5a+6euOhcxV48Zj9Cfg== -----END CERTIFICATE-----Generated at Fri Apr 4 18:45:03 2025 by rpki-client