$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/T70JM1dsEdyEagg2AiRA_INIVBQ.roa File: T70JM1dsEdyEagg2AiRA_INIVBQ.roa (raw, json) Hash identifier: MYiNG1aRIKGA8T4VpvslE4c9z9Bl3IPVFFEV/sDOVYI= Subject key identifier: 4F:BD:09:33:57:6C:11:DC:84:6A:08:36:02:24:40:FC:83:48:54:14 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1CB2 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/T70JM1dsEdyEagg2AiRA_INIVBQ.roa Signing time: Thu 02 Jan 2025 13:58:21 +0000 ROA not before: Thu 02 Jan 2025 13:58:21 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 23724 IP address blocks: 180.184.56.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 10:39:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7346 (0x1cb2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jan 2 13:58:21 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=4FBD0933576C11DC846A0836022440FC83485414 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:5b:57:57:93:0c:59:37:1f:20:65:d1:5b:5e: c9:d0:a9:4c:d0:2b:83:18:86:96:7b:72:c2:4c:b1: bd:24:c9:36:49:4f:e7:07:9c:4c:1c:18:70:cf:2b: 80:94:e8:f6:83:44:ae:76:5d:8b:ef:c6:90:63:0c: f5:2a:35:33:be:30:2b:a6:f1:20:64:95:32:76:5b: 16:e5:82:46:77:07:34:e7:f8:3c:83:47:a0:33:9c: 26:01:cf:9b:c2:49:20:d0:dc:25:1f:9f:fd:e3:e3: 97:3c:ee:c9:7d:7c:a8:19:be:47:e7:45:52:58:af: 9f:f2:08:c1:a1:47:2a:29:95:e1:33:cc:10:3e:63: 27:44:90:72:22:bf:94:4c:10:58:dc:51:95:ad:05: 4d:d4:b3:2f:64:b5:c1:38:c4:17:cf:05:cc:d2:c8: eb:6f:ec:40:b1:ff:57:98:b6:50:56:75:a2:dd:51: 74:54:ba:37:9c:5d:f7:ff:1d:1f:01:19:cd:cf:49: de:04:02:1d:22:03:b5:48:7b:2f:0c:70:07:35:8b: 6c:7d:a3:73:6a:a5:26:5e:ce:aa:31:2f:dc:64:5e: fe:2a:95:2a:80:b8:f2:fd:7c:19:f2:33:dc:c7:20: a5:6a:8c:62:42:6a:86:8e:00:c1:eb:05:29:15:8d: ff:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:BD:09:33:57:6C:11:DC:84:6A:08:36:02:24:40:FC:83:48:54:14 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/T70JM1dsEdyEagg2AiRA_INIVBQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.56.0/21 Signature Algorithm: sha256WithRSAEncryption 95:0f:83:b0:6f:94:95:b9:fc:4f:1c:e0:48:66:b3:f7:8b:e8: 3c:e8:03:46:9d:bf:dc:03:98:46:11:18:58:50:17:f8:69:4d: 82:b5:fe:9c:9c:71:56:9c:58:86:68:cc:d8:0a:25:10:61:63: 84:82:f0:bf:c9:3c:5f:14:9f:b7:aa:ab:6b:28:7a:7f:c5:0e: 65:2f:9a:02:1c:5d:67:bc:95:52:0c:e8:e1:82:8d:79:12:b6: 22:f7:ce:a3:2a:34:1d:87:d8:0d:74:39:52:29:7b:77:b1:52: 18:d5:af:f4:bd:12:b8:7a:03:2b:b3:56:3c:05:5a:90:bf:63: d2:2d:0d:56:e7:ff:57:f6:35:b7:28:a1:22:04:04:99:20:a1: ed:31:42:6a:5c:b8:d3:a1:b0:3a:b1:76:b4:8f:97:40:be:7c: 80:9d:17:a6:59:c5:5a:d7:b4:4e:e4:fb:1b:02:75:a5:4a:7d: 18:1c:e9:91:d4:29:ae:cf:9d:29:81:88:f0:0f:69:d6:e0:82: bc:3c:ed:8a:96:23:20:f9:bc:09:be:23:9a:0b:c1:f3:3d:b8: 5d:36:b8:07:49:31:77:3e:4d:07:c4:d4:49:0f:52:f6:65:f0: fa:ef:33:b8:84:1c:52:63:e0:d2:9f:c0:e4:ab:dd:59:df:ee: cf:7e:75:73 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHLIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx MzU4MjFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDRGQkQwOTMzNTc2QzEx REM4NDZBMDgzNjAyMjQ0MEZDODM0ODU0MTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLW1dXkwxZNx8gZdFbXsnQqUzQK4MYhpZ7csJMsb0kyTZJT+cH nEwcGHDPK4CU6PaDRK52XYvvxpBjDPUqNTO+MCum8SBklTJ2WxblgkZ3BzTn+DyD R6AznCYBz5vCSSDQ3CUfn/3j45c87sl9fKgZvkfnRVJYr5/yCMGhRyopleEzzBA+ YydEkHIiv5RMEFjcUZWtBU3Usy9ktcE4xBfPBczSyOtv7ECx/1eYtlBWdaLdUXRU ujecXff/HR8BGc3PSd4EAh0iA7VIey8McAc1i2x9o3NqpSZezqoxL9xkXv4qlSqA uPL9fBnyM9zHIKVqjGJCaoaOAMHrBSkVjf9rAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUT70JM1dsEdyEagg2AiRA/INIVBQwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvVDcwSk0xZHNFZHlF YWdnMkFpUkFfSU5JVkJRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7S4ODANBgkqhkiG9w0BAQsFAAOCAQEAlQ+DsG+Ulbn8TxzgSGaz94voPOgD Rp2/3AOYRhEYWFAX+GlNgrX+nJxxVpxYhmjM2AolEGFjhILwv8k8XxSft6qrayh6 f8UOZS+aAhxdZ7yVUgzo4YKNeRK2IvfOoyo0HYfYDXQ5Uil7d7FSGNWv9L0SuHoD K7NWPAVakL9j0i0NVuf/V/Y1tyihIgQEmSCh7TFCaly406GwOrF2tI+XQL58gJ0X plnFWte0TuT7GwJ1pUp9GBzpkdQprs+dKYGI8A9p1uCCvDztipYjIPm8Cb4jmgvB 8z24XTa4B0kxdz5NB8TUSQ9S9mXw+u8zuIQcUmPg0p/A5KvdWd/uz351cw== -----END CERTIFICATE-----Generated at Sat Apr 5 08:25:07 2025 by rpki-client