$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/0-8debMYACIqhZmiB4ti6NxvSqM.roa File: 0-8debMYACIqhZmiB4ti6NxvSqM.roa (raw, json) Hash identifier: FmkghrQPl+lV3iUA+0tb1/YJ8rEo9UhfZExu0TuqynI= Subject key identifier: D3:EF:1D:79:B3:18:00:22:2A:85:99:A2:07:8B:62:E8:DC:6F:4A:A3 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1CBC Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/0-8debMYACIqhZmiB4ti6NxvSqM.roa Signing time: Thu 02 Jan 2025 13:58:24 +0000 ROA not before: Thu 02 Jan 2025 13:58:24 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4808 IP address blocks: 180.184.56.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 10:39:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7356 (0x1cbc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jan 2 13:58:24 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=D3EF1D79B31800222A8599A2078B62E8DC6F4AA3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:c7:2e:ee:ef:4b:2a:c9:72:3b:b2:0d:ec:c9: f4:a4:fc:40:65:d7:a3:81:d1:16:43:22:fb:50:2d: ca:b2:19:e1:46:be:8e:8c:68:c2:ae:76:e1:cd:02: 23:2f:4f:6c:4a:f3:c4:58:0d:6c:35:11:3e:18:40: 55:cb:a5:c3:07:25:cf:a7:f3:fc:0f:23:fd:b5:90: 9e:26:4a:6b:0b:26:aa:30:19:fa:13:39:d8:56:3d: f1:48:21:66:47:7b:79:fd:59:88:c2:e4:df:61:b7: 78:f6:4b:45:1a:ee:ea:d7:2d:ab:75:5f:b4:f8:56: e4:6e:66:63:91:2b:3f:c3:69:6a:24:a3:49:bc:04: df:31:0c:c2:d7:e2:81:2f:7c:71:33:b6:d3:95:2c: e2:79:66:6a:95:c9:43:0f:30:cd:87:63:28:09:73: 8e:14:2d:a7:77:b1:11:e2:76:f4:74:92:99:d8:e5: cd:a3:2b:aa:00:13:24:8b:9b:e5:c8:df:4b:15:d4: 91:bb:65:00:e9:dc:13:74:4b:72:75:90:8f:c8:aa: ab:5e:92:ac:05:4f:51:be:ba:08:38:13:8b:7e:a9: 66:98:fa:53:e5:af:26:1c:ff:b3:26:3b:18:e8:39: d8:4a:ad:21:76:7b:e9:93:b4:a7:1a:11:0f:ed:7c: 4e:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:EF:1D:79:B3:18:00:22:2A:85:99:A2:07:8B:62:E8:DC:6F:4A:A3 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/0-8debMYACIqhZmiB4ti6NxvSqM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.56.0/21 Signature Algorithm: sha256WithRSAEncryption 4f:9a:18:12:72:ef:56:c1:82:68:2d:f7:59:14:de:4c:c6:3d: 89:8d:ee:a1:f6:4b:11:52:ea:8f:6e:06:5f:10:25:3d:8d:17: 39:f4:41:13:48:b9:71:62:fb:38:ea:4e:1b:57:56:a0:71:53: 42:35:26:ca:d4:36:78:7c:f5:bb:90:a4:9f:65:54:f2:d2:76: 9b:ec:c7:49:59:59:d0:05:c1:8b:e5:e2:e2:59:8a:67:68:55: 72:be:89:07:1b:a3:5c:c3:ed:6d:cf:b9:c0:ea:cc:d5:fb:14: cb:50:48:a8:08:cd:33:36:33:cf:c2:fe:6d:78:2f:81:1d:64: 9d:30:be:a6:d3:21:50:e2:c0:e5:9d:a9:89:3b:2a:dd:a8:3e: ae:da:a9:0c:d2:95:6d:d7:82:8e:eb:94:59:c5:d6:c6:ba:d0: 09:4b:0e:b0:cc:1b:99:b9:f1:d9:01:29:35:ac:e5:bf:09:5a: 1e:df:a4:78:bf:93:21:3e:0d:c0:32:7a:9e:68:81:99:bb:07: 5d:9a:95:af:ab:05:62:7b:35:5d:f1:f5:04:20:10:ff:6d:a9: de:7f:c0:d5:4a:cb:e8:33:37:6e:35:36:0c:44:54:48:4f:ba: f1:cc:f4:6c:5f:3f:7a:c5:04:c9:c1:13:4d:db:bf:af:b0:47: 89:b1:ea:96 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHLwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx MzU4MjRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQzRUYxRDc5QjMxODAw MjIyQTg1OTlBMjA3OEI2MkU4REM2RjRBQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmxy7u70sqyXI7sg3syfSk/EBl16OB0RZDIvtQLcqyGeFGvo6M aMKuduHNAiMvT2xK88RYDWw1ET4YQFXLpcMHJc+n8/wPI/21kJ4mSmsLJqowGfoT OdhWPfFIIWZHe3n9WYjC5N9ht3j2S0Ua7urXLat1X7T4VuRuZmORKz/DaWoko0m8 BN8xDMLX4oEvfHEzttOVLOJ5ZmqVyUMPMM2HYygJc44ULad3sRHidvR0kpnY5c2j K6oAEySLm+XI30sV1JG7ZQDp3BN0S3J1kI/IqqtekqwFT1G+ugg4E4t+qWaY+lPl ryYc/7MmOxjoOdhKrSF2e+mTtKcaEQ/tfE4hAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU0+8debMYACIqhZmiB4ti6NxvSqMwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvMC04ZGViTVlBQ0lx aFptaUI0dGk2Tnh2U3FNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7S4ODANBgkqhkiG9w0BAQsFAAOCAQEAT5oYEnLvVsGCaC33WRTeTMY9iY3u ofZLEVLqj24GXxAlPY0XOfRBE0i5cWL7OOpOG1dWoHFTQjUmytQ2eHz1u5Ckn2VU 8tJ2m+zHSVlZ0AXBi+Xi4lmKZ2hVcr6JBxujXMPtbc+5wOrM1fsUy1BIqAjNMzYz z8L+bXgvgR1knTC+ptMhUOLA5Z2piTsq3ag+rtqpDNKVbdeCjuuUWcXWxrrQCUsO sMwbmbnx2QEpNazlvwlaHt+keL+TIT4NwDJ6nmiBmbsHXZqVr6sFYns1XfH1BCAQ /22p3n/A1UrL6DM3bjU2DERUSE+68cz0bF8/esUEycETTdu/r7BHibHqlg== -----END CERTIFICATE-----Generated at Sat Apr 5 08:27:32 2025 by rpki-client