$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/C4ExfFzXWxPGshzIAqdKqUCvSzo.roa File: C4ExfFzXWxPGshzIAqdKqUCvSzo.roa (raw, json) Hash identifier: GCkCVHTJ7uNuKPQsyUDKfw5IVDHC25E8+kopHfPQs+M= Subject key identifier: 0B:81:31:7C:5C:D7:5B:13:C6:B2:1C:C8:02:A7:4A:A9:40:AF:4B:3A Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1CCA Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/C4ExfFzXWxPGshzIAqdKqUCvSzo.roa Signing time: Thu 02 Jan 2025 13:58:27 +0000 ROA not before: Thu 02 Jan 2025 13:58:27 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4811 IP address blocks: 14.103.8.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 07:37:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7370 (0x1cca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jan 2 13:58:27 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=0B81317C5CD75B13C6B21CC802A74AA940AF4B3A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:69:13:b4:a5:42:e8:8e:20:2a:63:23:15:4b: 41:1d:d7:10:f5:b4:13:e5:46:c5:73:d7:51:3c:f0: d6:11:26:2a:ce:ff:25:85:14:8c:ae:3c:f0:25:32: 48:54:3c:7d:f7:44:96:42:9f:74:1b:93:41:d5:44: 66:13:db:dc:c3:4f:ef:47:32:d2:e3:0e:6b:94:be: 82:2f:0f:97:d5:51:9c:56:17:d0:bb:76:63:ee:35: 17:f5:81:62:6a:ed:fc:a8:67:e7:ca:d9:c5:23:87: ec:03:ff:f8:fe:84:1a:b6:d9:42:6c:fc:ce:8c:29: b7:bf:83:9d:b1:15:2b:d5:74:fd:5c:a1:ac:b3:54: d8:84:2c:a0:ae:82:a1:d4:5f:56:bb:10:8a:fe:20: 16:a8:30:1d:fd:4b:50:d4:7c:a3:ad:3d:98:93:b4: 74:4d:33:c6:63:fc:a2:3a:99:e5:1b:4e:97:b7:08: 28:71:19:74:c9:c1:e0:e9:bb:27:e3:7b:a3:c7:67: 96:64:3f:3b:b7:12:0f:3f:f3:ac:fb:2e:ab:a1:64: aa:93:52:40:49:6d:79:39:9c:e7:44:19:01:8a:6e: c1:ad:8f:4f:c5:fc:e1:30:f9:b5:c4:08:12:37:34: 62:a3:20:7c:0a:35:0b:b2:33:96:9b:91:8b:7d:3b: 8f:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:81:31:7C:5C:D7:5B:13:C6:B2:1C:C8:02:A7:4A:A9:40:AF:4B:3A X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/C4ExfFzXWxPGshzIAqdKqUCvSzo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 14.103.8.0/21 Signature Algorithm: sha256WithRSAEncryption 10:32:8c:20:cf:63:05:40:c2:48:f4:1e:5e:13:00:e1:4b:ea: 4d:b0:12:2e:b6:c6:a8:e7:15:fa:e6:5f:d6:49:5c:fe:7e:7e: 1e:7f:fe:bc:7e:ef:e4:db:d2:b4:4a:04:f5:15:bf:02:ab:bd: 82:5d:c3:3c:20:64:f8:e8:6a:0e:0d:f9:6f:07:b1:5b:d0:61: a5:17:3a:02:de:bf:79:a2:fd:69:0c:5f:48:21:be:2c:59:48: 8c:ad:c1:3e:08:ae:c9:7d:f3:bb:c1:32:a9:f4:a0:a9:2d:e6: 78:fd:bf:a0:15:a4:8a:35:b2:4f:a0:9a:9d:d2:97:f7:dc:dc: b2:1b:77:dd:cf:8b:e3:d6:44:a2:e4:c3:bd:57:71:aa:20:45: 18:2d:93:d1:d6:a2:3a:57:4d:63:ac:ab:53:f1:4a:9a:43:b4: 4e:50:f5:bc:df:57:95:e7:d0:a2:75:70:d3:28:ad:1c:db:54: 32:e6:51:9d:a4:10:20:97:b0:aa:bb:1b:2a:c5:f0:19:2c:81: 97:6e:a0:b3:a2:0b:59:38:f1:83:d1:0c:3a:8d:eb:39:d0:03: 91:08:f4:f3:2b:d0:2a:78:9a:b1:2b:c9:91:7a:42:4a:58:8e: f4:23:2a:ce:43:fd:d8:72:2e:87:38:4a:22:e2:f1:a5:20:d0: 6d:01:ec:ce -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHMowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx MzU4MjdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDBCODEzMTdDNUNENzVC MTNDNkIyMUNDODAyQTc0QUE5NDBBRjRCM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCnaRO0pULojiAqYyMVS0Ed1xD1tBPlRsVz11E88NYRJirO/yWF FIyuPPAlMkhUPH33RJZCn3Qbk0HVRGYT29zDT+9HMtLjDmuUvoIvD5fVUZxWF9C7 dmPuNRf1gWJq7fyoZ+fK2cUjh+wD//j+hBq22UJs/M6MKbe/g52xFSvVdP1coayz VNiELKCugqHUX1a7EIr+IBaoMB39S1DUfKOtPZiTtHRNM8Zj/KI6meUbTpe3CChx GXTJweDpuyfje6PHZ5ZkPzu3Eg8/86z7LquhZKqTUkBJbXk5nOdEGQGKbsGtj0/F /OEw+bXECBI3NGKjIHwKNQuyM5abkYt9O49hAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUC4ExfFzXWxPGshzIAqdKqUCvSzowHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvQzRFeGZGelhXeFBH c2h6SUFxZEtxVUN2U3pvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAw5nCDANBgkqhkiG9w0BAQsFAAOCAQEAEDKMIM9jBUDCSPQeXhMA4UvqTbAS LrbGqOcV+uZf1klc/n5+Hn/+vH7v5NvStEoE9RW/Aqu9gl3DPCBk+OhqDg35bwex W9BhpRc6At6/eaL9aQxfSCG+LFlIjK3BPgiuyX3zu8EyqfSgqS3meP2/oBWkijWy T6CandKX99zcsht33c+L49ZEouTDvVdxqiBFGC2T0daiOldNY6yrU/FKmkO0TlD1 vN9XlefQonVw0yitHNtUMuZRnaQQIJewqrsbKsXwGSyBl26gs6ILWTjxg9EMOo3r OdADkQj08yvQKniasSvJkXpCSliO9CMqzkP92HIuhzhKIuLxpSDQbQHszg== -----END CERTIFICATE-----Generated at Sat Apr 5 07:24:24 2025 by rpki-client