$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/XNKoyejBViRIgL87tCmEKS9Uxok.roa File: XNKoyejBViRIgL87tCmEKS9Uxok.roa (raw, json) Hash identifier: IcGDguJle7febbgIlB/Wm+o1KMQy6OkBxwY3Xu5KP7o= Subject key identifier: 5C:D2:A8:C9:E8:C1:56:24:48:80:BF:3B:B4:29:84:29:2F:54:C6:89 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1CA6 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/XNKoyejBViRIgL87tCmEKS9Uxok.roa Signing time: Thu 02 Jan 2025 13:58:17 +0000 ROA not before: Thu 02 Jan 2025 13:58:17 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4811 IP address blocks: 14.103.104.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 07:37:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7334 (0x1ca6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jan 2 13:58:17 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=5CD2A8C9E8C156244880BF3BB42984292F54C689 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:fb:0a:fd:43:1a:a5:48:fd:48:7b:9d:ed:94: c5:97:64:37:99:2e:0a:e1:c4:1c:4f:07:0d:69:ec: 76:1e:94:89:98:62:33:d9:02:79:59:be:2a:be:ec: 81:48:1b:d7:fb:d7:6b:26:ff:7b:3f:ec:66:45:0b: 8a:c6:25:0a:84:d0:33:24:87:df:ab:2e:99:09:a6: e1:8e:b1:76:6a:a5:9b:8d:64:c0:e4:14:c5:aa:69: 9a:98:35:b2:12:91:5f:99:06:cc:fa:fd:bc:f0:2c: 61:58:4b:ce:3b:99:8a:51:0b:04:12:85:c7:05:96: 81:aa:3a:27:77:15:a9:9b:24:4d:16:bf:68:c7:f3: 3b:f9:49:97:4f:97:c2:21:6d:a7:f1:86:31:54:d4: d0:f4:8c:ec:fd:d7:e9:25:bc:c7:20:73:a4:9a:47: 72:e1:f6:c0:ce:59:59:b5:82:cb:4f:7a:cd:d2:05: ad:03:ae:b4:ad:93:28:90:7b:c0:ff:f0:38:bc:72: 51:16:6d:44:57:f7:76:4b:bd:60:6f:95:9d:7c:1f: 7a:35:fe:07:a2:e3:f4:e5:95:61:2a:77:67:cd:94: 36:43:60:80:af:61:c0:0e:e4:84:ac:35:9d:e2:c0: b3:05:52:e1:57:b0:6f:87:3c:92:42:39:82:1a:78: a4:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:D2:A8:C9:E8:C1:56:24:48:80:BF:3B:B4:29:84:29:2F:54:C6:89 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/XNKoyejBViRIgL87tCmEKS9Uxok.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 14.103.104.0/21 Signature Algorithm: sha256WithRSAEncryption 8e:35:88:a7:41:b6:4a:8d:9f:90:5d:2a:ef:8d:a3:fa:61:b3: 23:0b:36:46:75:32:ae:db:86:93:51:4f:f0:6e:bf:f5:81:0c: 93:9e:0a:9e:a3:c2:eb:bd:20:18:c6:62:ea:88:2f:da:f8:d3: d8:37:ae:8f:d0:5a:78:8f:e0:83:d8:4b:85:e2:c6:c0:e5:9a: 6c:60:50:c7:7e:46:4e:05:fc:b1:87:9c:2f:f4:ec:9d:ca:e6: d9:92:2e:97:d5:b0:7a:a0:dc:4f:e6:21:71:17:97:f5:6b:5a: 5a:d6:06:de:c4:8e:f4:d3:c7:c0:0e:39:b3:6e:5c:bd:59:2a: 8f:2c:e1:c6:4d:37:8f:1b:10:b1:d0:d2:cf:53:b6:bb:f7:41: 04:eb:0b:7e:32:8a:dc:64:57:2f:5d:c5:02:c2:b6:95:0f:23: 59:30:60:b1:24:bc:53:0c:39:2c:75:b9:2d:8e:d5:3c:30:94: fc:56:8d:89:db:bb:9c:ea:ef:6f:25:97:cf:40:36:74:15:c0: 69:41:d4:ab:d2:aa:bd:ed:30:c1:e3:46:8c:f1:5f:fb:b5:4a: a5:9c:5e:50:1e:dd:3a:94:ed:df:68:fc:47:6c:67:5e:9c:f4: fd:59:cb:b7:61:2b:c0:6c:0b:aa:bf:2c:77:28:f6:13:b9:f4: 69:c5:60:03 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx MzU4MTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDVDRDJBOEM5RThDMTU2 MjQ0ODgwQkYzQkI0Mjk4NDI5MkY1NEM2ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDi+wr9QxqlSP1Ie53tlMWXZDeZLgrhxBxPBw1p7HYelImYYjPZ AnlZviq+7IFIG9f712sm/3s/7GZFC4rGJQqE0DMkh9+rLpkJpuGOsXZqpZuNZMDk FMWqaZqYNbISkV+ZBsz6/bzwLGFYS847mYpRCwQShccFloGqOid3FambJE0Wv2jH 8zv5SZdPl8IhbafxhjFU1ND0jOz91+klvMcgc6SaR3Lh9sDOWVm1gstPes3SBa0D rrStkyiQe8D/8Di8clEWbURX93ZLvWBvlZ18H3o1/gei4/TllWEqd2fNlDZDYICv YcAO5ISsNZ3iwLMFUuFXsG+HPJJCOYIaeKTlAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUXNKoyejBViRIgL87tCmEKS9UxokwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvWE5Lb3llakJWaVJJ Z0w4N3RDbUVLUzlVeG9rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAw5naDANBgkqhkiG9w0BAQsFAAOCAQEAjjWIp0G2So2fkF0q742j+mGzIws2 RnUyrtuGk1FP8G6/9YEMk54KnqPC670gGMZi6ogv2vjT2Deuj9BaeI/gg9hLheLG wOWabGBQx35GTgX8sYecL/Tsncrm2ZIul9WweqDcT+YhcReX9WtaWtYG3sSO9NPH wA45s25cvVkqjyzhxk03jxsQsdDSz1O2u/dBBOsLfjKK3GRXL13FAsK2lQ8jWTBg sSS8Uww5LHW5LY7VPDCU/FaNidu7nOrvbyWXz0A2dBXAaUHUq9Kqve0wweNGjPFf +7VKpZxeUB7dOpTt32j8R2xnXpz0/VnLt2ErwGwLqr8sdyj2E7n0acVgAw== -----END CERTIFICATE-----Generated at Sat Apr 5 07:21:28 2025 by rpki-client