$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/JtKB1_isXD8v87cTzUnRL0snKIM.roa File: JtKB1_isXD8v87cTzUnRL0snKIM.roa (raw, json) Hash identifier: sF0Z6jv11DK/nHpkXBaHyU1Q22agEdMHomvBX7gTDsw= Subject key identifier: 26:D2:81:D7:F8:AC:5C:3F:2F:F3:B7:13:CD:49:D1:2F:4B:27:28:83 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1CA8 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/JtKB1_isXD8v87cTzUnRL0snKIM.roa Signing time: Thu 02 Jan 2025 13:58:18 +0000 ROA not before: Thu 02 Jan 2025 13:58:18 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4811 IP address blocks: 180.184.184.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 07:37:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7336 (0x1ca8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jan 2 13:58:18 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=26D281D7F8AC5C3F2FF3B713CD49D12F4B272883 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:6c:ac:3d:47:d0:5c:a6:30:7a:5f:d2:9c:0a: e7:79:aa:83:42:41:61:7a:25:e0:c1:65:c7:41:b9: 44:bb:0b:fd:31:95:f2:ca:4c:a5:af:71:b4:94:d6: 24:67:39:7c:8a:fc:25:64:13:88:9c:9d:31:3d:46: 19:c6:10:f2:c5:eb:3f:f9:7e:d1:51:2f:1e:5d:70: 33:1f:32:88:e0:50:ff:a7:00:57:dd:d9:d0:28:7d: 68:f1:32:86:c6:d9:f8:5d:47:ee:3c:b9:1d:43:f8: 54:dc:b5:5b:51:19:02:e4:0d:81:88:44:4f:21:21: 1d:19:7f:ba:81:17:61:5b:e1:e2:26:45:80:fb:a2: 0d:1f:58:04:cf:c1:b3:8f:a8:09:5b:bc:3b:82:08: c0:aa:e9:1e:58:e3:f8:e5:d8:a2:c1:81:da:d2:72: ef:0f:a8:03:00:89:bd:b1:03:dd:3b:0b:a8:25:f6: 81:f7:0a:01:b8:a4:cc:59:49:40:8c:c7:cb:23:89: 2f:ab:e3:45:e4:10:46:57:4c:d1:dd:42:be:d8:e7: 57:9c:c3:bb:c2:f2:b9:d4:e1:5e:a8:8e:5d:c2:83: f1:45:fb:55:ae:2b:0c:f0:7f:c3:08:83:f1:ad:af: 4a:aa:0a:53:64:3f:29:13:3a:de:d2:01:39:8b:20: 2d:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:D2:81:D7:F8:AC:5C:3F:2F:F3:B7:13:CD:49:D1:2F:4B:27:28:83 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/JtKB1_isXD8v87cTzUnRL0snKIM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.184.0/22 Signature Algorithm: sha256WithRSAEncryption 07:9d:cd:5f:96:ee:01:a8:7f:bd:53:4a:8c:c3:25:91:ee:5f: c7:69:40:2f:29:ae:6d:0b:64:f8:fd:38:b9:e7:1c:77:7c:d7: 49:4b:d3:58:d0:09:93:e3:8b:dd:84:19:77:e9:c2:18:6a:63: 21:9d:5c:f6:2b:04:cf:6f:0c:43:61:e5:d3:9a:4d:ed:44:8e: 49:c3:4d:0b:62:a7:8c:a5:c3:c1:18:90:4a:dc:cd:8b:b4:68: 41:81:26:23:10:7e:e1:ed:5b:ff:b2:c8:20:7d:4f:88:e6:dd: d9:5b:72:43:61:1f:d3:52:8c:b2:91:63:07:cb:d8:2d:4a:ac: d2:29:f6:62:e5:37:17:28:b8:98:63:28:d4:2b:12:b2:c8:43: b9:6b:d0:38:0a:6b:f8:b9:d5:16:97:29:e4:b8:b2:8a:d1:5d: f1:e1:fe:5d:91:b1:29:1e:7f:0d:20:e1:a2:7b:aa:8b:10:87: 1a:bd:68:94:97:4b:ce:96:f6:80:66:27:25:76:82:30:36:e9: b8:f9:0d:3a:82:9f:03:39:2d:7a:b2:54:4b:05:7f:2a:f4:76: 42:2d:b8:4b:70:4b:7e:88:41:72:49:29:52:1e:49:73:8b:ef: d3:7c:c6:88:fc:5a:61:83:1d:a5:0a:86:01:4f:1f:21:4a:4b: 09:6f:c2:b7 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHKgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx MzU4MThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI2RDI4MUQ3RjhBQzVD M0YyRkYzQjcxM0NENDlEMTJGNEIyNzI4ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQbKw9R9BcpjB6X9KcCud5qoNCQWF6JeDBZcdBuUS7C/0xlfLK TKWvcbSU1iRnOXyK/CVkE4icnTE9RhnGEPLF6z/5ftFRLx5dcDMfMojgUP+nAFfd 2dAofWjxMobG2fhdR+48uR1D+FTctVtRGQLkDYGIRE8hIR0Zf7qBF2Fb4eImRYD7 og0fWATPwbOPqAlbvDuCCMCq6R5Y4/jl2KLBgdrScu8PqAMAib2xA907C6gl9oH3 CgG4pMxZSUCMx8sjiS+r40XkEEZXTNHdQr7Y51ecw7vC8rnU4V6ojl3Cg/FF+1Wu Kwzwf8MIg/Gtr0qqClNkPykTOt7SATmLIC3HAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUJtKB1/isXD8v87cTzUnRL0snKIMwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvSnRLQjFfaXNYRDh2 ODdjVHpVblJMMHNuS0lNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArS4uDANBgkqhkiG9w0BAQsFAAOCAQEAB53NX5buAah/vVNKjMMlke5fx2lA LymubQtk+P04ueccd3zXSUvTWNAJk+OL3YQZd+nCGGpjIZ1c9isEz28MQ2Hl05pN 7USOScNNC2KnjKXDwRiQStzNi7RoQYEmIxB+4e1b/7LIIH1PiObd2VtyQ2Ef01KM spFjB8vYLUqs0in2YuU3Fyi4mGMo1CsSsshDuWvQOApr+LnVFpcp5LiyitFd8eH+ XZGxKR5/DSDhonuqixCHGr1olJdLzpb2gGYnJXaCMDbpuPkNOoKfAzkterJUSwV/ KvR2Qi24S3BLfohBckkpUh5Jc4vv03zGiPxaYYMdpQqGAU8fIUpLCW/Ctw== -----END CERTIFICATE-----Generated at Sat Apr 5 07:14:48 2025 by rpki-client