$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2994/lK4-oeFtUHF3mLUrePlLBIigGdY.roa File: lK4-oeFtUHF3mLUrePlLBIigGdY.roa (raw, json) Hash identifier: aRbdXVoiAdr31won1vJ0j6ZH5WVSIeE8Zz3myefySLI= Subject key identifier: 94:AE:3E:A1:E1:6D:50:71:77:98:B5:2B:78:F9:4B:04:88:A0:19:D6 Certificate issuer: /CN=17599D99A531F81B15D7BD9EF2D4689831F0D85D Certificate serial: 03AC Authority key identifier: 17:59:9D:99:A5:31:F8:1B:15:D7:BD:9E:F2:D4:68:98:31:F0:D8:5D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F1mdmaUx-BsV172e8tRomDHw2F0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/lK4-oeFtUHF3mLUrePlLBIigGdY.roa Signing time: Fri 21 Mar 2025 03:30:43 +0000 ROA not before: Fri 21 Mar 2025 03:30:43 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 152475 IP address blocks: 103.152.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F1mdmaUx-BsV172e8tRomDHw2F0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F1mdmaUx-BsV172e8tRomDHw2F0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F1mdmaUx-BsV172e8tRomDHw2F0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 15 Apr 2025 14:37:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 940 (0x3ac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17599D99A531F81B15D7BD9EF2D4689831F0D85D Validity Not Before: Mar 21 03:30:43 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=94AE3EA1E16D50717798B52B78F94B0488A019D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:01:cd:10:0d:12:77:cc:34:6e:6b:5a:7f:e3: 08:3f:2b:47:4c:a2:25:cd:9b:4c:de:5d:ec:8a:ac: 15:26:ad:76:ec:dd:3b:03:14:3c:9e:27:0d:a1:26: 0a:a3:3e:aa:3f:6c:ac:6a:35:6b:e3:9a:9f:43:d2: b7:0a:e1:47:6d:a6:9c:5f:fa:e2:99:fb:dd:d5:30: 84:51:96:e0:63:c9:c2:52:fa:b7:62:b6:fc:07:9b: 9e:49:df:95:68:f8:7f:4c:26:00:13:9d:16:8c:d5: 31:7f:23:e1:35:34:2a:95:32:34:d0:a5:ee:a1:52: da:9c:a3:15:7d:71:5c:38:48:31:e4:3c:f6:97:d3: 37:8d:d5:5c:72:08:57:9b:92:51:03:82:73:ed:29: 4e:61:d9:a8:94:42:33:cd:d8:22:cd:fa:75:c2:77: a3:38:64:b1:ed:bd:e7:b1:79:8c:01:9e:7a:e4:4c: 3d:2e:af:fb:0e:3d:1c:f9:9f:75:08:ba:ee:f5:39: 16:47:38:3d:c6:41:93:a4:d5:ba:3d:38:a1:81:ce: ef:be:34:12:4b:a5:62:8f:b2:2f:1b:a3:73:d0:9c: 79:4f:b8:7d:09:43:d4:c1:73:81:11:8a:19:06:94: 11:54:6a:a5:97:79:4f:b1:1c:d8:97:06:1d:52:d2: 7d:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:AE:3E:A1:E1:6D:50:71:77:98:B5:2B:78:F9:4B:04:88:A0:19:D6 X509v3 Authority Key Identifier: keyid:17:59:9D:99:A5:31:F8:1B:15:D7:BD:9E:F2:D4:68:98:31:F0:D8:5D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F1mdmaUx-BsV172e8tRomDHw2F0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F1mdmaUx-BsV172e8tRomDHw2F0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/lK4-oeFtUHF3mLUrePlLBIigGdY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.152.247.0/24 Signature Algorithm: sha256WithRSAEncryption 3e:cd:f1:b5:37:77:01:0d:fa:27:d5:84:dd:23:7d:92:f4:e7: e5:19:d8:76:56:79:cb:cf:70:e4:4d:b7:fa:9b:bd:44:34:10: 0f:e8:dc:97:93:5c:7e:e8:04:e2:6d:fc:22:65:00:bf:b9:13: 7e:6f:de:db:d4:34:6e:89:23:82:74:88:aa:1d:36:a5:c6:cc: 10:8c:f6:fa:29:e5:3e:76:f2:52:42:a3:81:85:06:64:b5:48: 49:09:52:02:22:e9:ae:03:d2:a5:15:da:40:ac:cc:0c:d5:10: 20:0f:eb:1c:02:b4:e9:73:c0:70:ca:43:84:e0:0a:01:97:35: 5f:0a:f8:22:7b:59:8d:7d:ba:ba:a0:bb:76:0c:1d:16:dd:16: df:fa:37:4d:71:45:d6:bd:25:57:4d:a5:40:af:60:b4:0b:3f: 24:6d:81:65:18:50:f8:d3:14:ee:64:0d:94:3c:fa:5b:cc:20: 13:67:55:86:02:db:83:3a:d3:60:fa:d7:16:96:08:fd:97:51: f0:c5:c7:b1:cc:e2:73:34:b2:f1:e2:1c:8a:5c:ca:74:a2:21: da:df:33:5a:5b:61:3f:9e:a5:48:21:03:70:8a:80:93:5d:1a: 23:27:b8:e4:0e:27:5c:bb:a6:e9:ed:25:ae:90:3a:1e:e3:4d: 36:fb:cb:04 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICA6wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTc1 OTlEOTlBNTMxRjgxQjE1RDdCRDlFRjJENDY4OTgzMUYwRDg1RDAeFw0yNTAzMjEw MzMwNDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDk0QUUzRUExRTE2RDUw NzE3Nzk4QjUyQjc4Rjk0QjA0ODhBMDE5RDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCfAc0QDRJ3zDRua1p/4wg/K0dMoiXNm0zeXeyKrBUmrXbs3TsD FDyeJw2hJgqjPqo/bKxqNWvjmp9D0rcK4Udtppxf+uKZ+93VMIRRluBjycJS+rdi tvwHm55J35Vo+H9MJgATnRaM1TF/I+E1NCqVMjTQpe6hUtqcoxV9cVw4SDHkPPaX 0zeN1VxyCFebklEDgnPtKU5h2aiUQjPN2CLN+nXCd6M4ZLHtveexeYwBnnrkTD0u r/sOPRz5n3UIuu71ORZHOD3GQZOk1bo9OKGBzu++NBJLpWKPsi8bo3PQnHlPuH0J Q9TBc4ERihkGlBFUaqWXeU+xHNiXBh1S0n3BAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUlK4+oeFtUHF3mLUrePlLBIigGdYwHwYDVR0jBBgwFoAUF1mdmaUx+BsV172e 8tRomDHw2F0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk5 NC9GMW1kbWFVeC1Cc1YxNzJlOHRSb21ESHcyRjAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0YxbWRtYVV4LUJzVjE3MmU4dFJvbURIdzJGMC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5OTQvbEs0LW9lRnRVSEYz bUxVcmVQbExCSWlnR2RZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGeY9zANBgkqhkiG9w0BAQsFAAOCAQEAPs3xtTd3AQ36J9WE3SN9kvTn5RnY dlZ5y89w5E23+pu9RDQQD+jcl5NcfugE4m38ImUAv7kTfm/e29Q0bokjgnSIqh02 pcbMEIz2+inlPnbyUkKjgYUGZLVISQlSAiLprgPSpRXaQKzMDNUQIA/rHAK06XPA cMpDhOAKAZc1Xwr4IntZjX26uqC7dgwdFt0W3/o3TXFF1r0lV02lQK9gtAs/JG2B ZRhQ+NMU7mQNlDz6W8wgE2dVhgLbgzrTYPrXFpYI/ZdR8MXHscziczSy8eIcilzK dKIh2t8zWlthP56lSCEDcIqAk10aIye45A4nXLum6e0lrpA6HuNNNvvLBA== -----END CERTIFICATE-----Generated at Tue Apr 15 13:26:39 2025 by rpki-client