$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/PyaDEUX3UYK68uji1PH0NrhGA4w.roa File: PyaDEUX3UYK68uji1PH0NrhGA4w.roa (raw, json) Hash identifier: LP5Ie6DQh3pioVE+jmaE0LWv8jsfKfHNUPTnbydT0QE= Subject key identifier: 3F:26:83:11:45:F7:51:82:BA:F2:E8:E2:D4:F1:F4:36:B8:46:03:8C Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1CAA Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/PyaDEUX3UYK68uji1PH0NrhGA4w.roa Signing time: Thu 02 Jan 2025 13:58:19 +0000 ROA not before: Thu 02 Jan 2025 13:58:19 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4811 IP address blocks: 14.103.32.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 07:37:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7338 (0x1caa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jan 2 13:58:19 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=3F26831145F75182BAF2E8E2D4F1F436B846038C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:91:59:86:8d:6f:04:ca:4d:27:3d:ba:e2:ee: 24:ba:be:21:c5:49:dd:d4:4c:62:48:07:ae:47:cc: c1:e9:53:f9:8b:28:68:77:fe:dd:9b:61:ea:90:9c: d3:ac:e0:8d:a1:52:64:46:8b:f0:18:2f:bc:ae:ab: d1:36:b1:7a:39:8b:3a:e1:50:83:95:85:01:ea:84: 1e:7b:ae:a3:41:c5:d4:83:0a:52:fb:28:09:0a:64: b8:bd:03:a7:04:7d:45:16:95:91:f3:17:04:c1:9e: 5c:86:68:05:1b:4a:ff:f5:d9:3d:e4:4a:8d:45:7e: 56:db:20:16:6e:d0:d3:f2:83:44:2c:5f:50:92:ad: 8c:d7:c3:ee:83:2e:7f:87:b4:a9:d9:75:6d:13:3c: e0:d3:7a:45:e0:e2:d0:dd:de:da:70:ac:71:bb:77: d2:23:62:e9:3e:4d:c9:25:15:ef:87:b5:69:ed:6a: 70:7b:d2:27:d1:af:69:27:68:9e:05:76:66:12:af: bc:cf:51:7d:36:95:bc:18:39:fe:d4:dd:87:fb:38: 52:df:2d:c3:e4:ec:19:6e:aa:19:da:9b:55:c5:63: 3f:57:8e:54:cc:e5:2e:5b:89:49:e5:6b:8f:a9:f1: 8b:a1:f5:bb:1c:41:9d:21:14:29:4c:fe:3d:eb:c0: 1e:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:26:83:11:45:F7:51:82:BA:F2:E8:E2:D4:F1:F4:36:B8:46:03:8C X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/PyaDEUX3UYK68uji1PH0NrhGA4w.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 14.103.32.0/21 Signature Algorithm: sha256WithRSAEncryption 04:a5:ca:c9:b9:a1:a9:7f:da:f4:bc:54:52:14:90:73:59:91: 72:8d:39:b6:99:13:67:88:bf:14:92:ef:29:39:e0:27:e5:08: 89:7f:13:b1:a2:04:90:7b:12:a2:76:fd:34:fd:0b:f7:c6:a9: aa:ab:81:a0:0e:16:1e:f2:f3:cf:6f:ab:ff:aa:84:26:5e:ad: d8:94:4c:e5:f4:fa:6b:f3:a1:7b:a6:29:16:c5:93:b8:c6:36: 7c:57:69:92:de:8c:cf:bb:7c:4e:41:9e:7d:1d:fe:94:21:da: cf:ae:d2:55:a9:ec:be:3f:f2:13:a8:cd:ad:4e:03:6a:a5:43: 9e:58:77:60:4d:0a:d1:a9:b3:12:41:c0:85:fa:22:5b:9c:2f: 2e:18:3d:0b:73:4d:f2:aa:01:16:24:82:f6:06:38:4a:36:99: 94:10:53:41:42:96:c0:f7:ac:5f:45:04:d5:3b:d1:d6:01:8c: ab:9f:3a:77:eb:53:bc:0c:4f:89:ae:56:cf:4c:87:03:a2:95: 9e:45:62:14:4e:c1:54:91:6b:d1:9a:30:d9:92:15:7e:87:47: a5:e7:f5:73:29:c8:bf:20:6d:d1:62:27:e3:db:b0:f4:b2:d7: 76:51:8b:a8:50:71:de:0e:d4:ec:57:46:c8:b9:be:51:27:a7: c4:cf:f1:87 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx MzU4MTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDNGMjY4MzExNDVGNzUx ODJCQUYyRThFMkQ0RjFGNDM2Qjg0NjAzOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCqkVmGjW8Eyk0nPbri7iS6viHFSd3UTGJIB65HzMHpU/mLKGh3 /t2bYeqQnNOs4I2hUmRGi/AYL7yuq9E2sXo5izrhUIOVhQHqhB57rqNBxdSDClL7 KAkKZLi9A6cEfUUWlZHzFwTBnlyGaAUbSv/12T3kSo1FflbbIBZu0NPyg0QsX1CS rYzXw+6DLn+HtKnZdW0TPODTekXg4tDd3tpwrHG7d9IjYuk+TcklFe+HtWntanB7 0ifRr2knaJ4FdmYSr7zPUX02lbwYOf7U3Yf7OFLfLcPk7Bluqhnam1XFYz9XjlTM 5S5biUnla4+p8Yuh9bscQZ0hFClM/j3rwB7RAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUPyaDEUX3UYK68uji1PH0NrhGA4wwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvUHlhREVVWDNVWUs2 OHVqaTFQSDBOcmhHQTR3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAw5nIDANBgkqhkiG9w0BAQsFAAOCAQEABKXKybmhqX/a9LxUUhSQc1mRco05 tpkTZ4i/FJLvKTngJ+UIiX8TsaIEkHsSonb9NP0L98apqquBoA4WHvLzz2+r/6qE Jl6t2JRM5fT6a/Ohe6YpFsWTuMY2fFdpkt6Mz7t8TkGefR3+lCHaz67SVansvj/y E6jNrU4DaqVDnlh3YE0K0amzEkHAhfoiW5wvLhg9C3NN8qoBFiSC9gY4SjaZlBBT QUKWwPesX0UE1TvR1gGMq586d+tTvAxPia5Wz0yHA6KVnkViFE7BVJFr0Zow2ZIV fodHpef1cynIvyBt0WIn49uw9LLXdlGLqFBx3g7U7FdGyLm+USenxM/xhw== -----END CERTIFICATE-----Generated at Sat Apr 5 07:19:42 2025 by rpki-client