$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/Zy2_ijF9MhZWSCBZGdXW5qEx600.roa File: Zy2_ijF9MhZWSCBZGdXW5qEx600.roa (raw, json) Hash identifier: A3hsZLa/W8GcuMM4ZW9yurYGaKSxRAvk2xvJmdxH6J4= Subject key identifier: 67:2D:BF:8A:31:7D:32:16:56:48:20:59:19:D5:D6:E6:A1:31:EB:4D Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1CD6 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/Zy2_ijF9MhZWSCBZGdXW5qEx600.roa Signing time: Thu 02 Jan 2025 15:30:24 +0000 ROA not before: Thu 02 Jan 2025 15:30:24 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4811 IP address blocks: 101.126.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 07:37:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7382 (0x1cd6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jan 2 15:30:24 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=672DBF8A317D32165648205919D5D6E6A131EB4D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ff:8a:ed:ad:d3:f0:d6:ec:15:bb:38:e8:b7: a0:f0:a8:32:6b:7c:96:d8:44:b7:4c:56:b2:c3:ee: 3b:27:c8:b0:f4:0e:02:cb:db:94:33:5f:1b:cb:f8: 9f:35:75:fb:7b:d1:23:cc:42:f1:21:4c:63:3a:c5: d1:e2:6f:37:28:03:0d:d5:e8:5a:20:57:29:de:5b: f9:d8:74:cb:19:84:7d:2e:c1:c1:7a:fb:b5:55:9d: 26:e0:55:04:71:63:65:38:63:d1:45:fb:21:bf:7d: 6b:f2:3d:8c:7c:ed:59:00:ca:d8:c3:65:2c:74:a6: 0b:84:ca:c4:db:a9:f5:d7:9a:17:f7:b8:ab:56:a0: bd:c4:51:3e:a9:ee:84:96:8f:b7:f4:74:f5:1b:6c: 8c:16:56:b0:6b:c4:d8:5a:da:90:28:62:4c:e2:3a: 2c:ea:1f:48:91:08:4c:3a:b1:ae:42:38:77:2c:97: cc:e1:31:5b:60:29:a6:f4:03:78:6e:df:28:bf:ca: e0:79:1d:c0:34:c8:ac:68:de:87:b8:2e:44:02:23: 4e:76:77:bf:31:ab:0c:45:be:33:20:3e:18:bc:56: 97:90:ce:fc:25:58:44:29:bd:b7:1a:59:5c:70:09: 94:bb:17:7e:b6:62:c7:fd:9f:c9:69:00:1a:b6:dc: f8:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:2D:BF:8A:31:7D:32:16:56:48:20:59:19:D5:D6:E6:A1:31:EB:4D X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/Zy2_ijF9MhZWSCBZGdXW5qEx600.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.126.0.0/16 Signature Algorithm: sha256WithRSAEncryption 65:a2:d6:5b:cc:d9:e8:a0:f2:45:fe:c9:99:d1:df:59:b5:71: 8c:77:d7:df:f7:ad:28:f8:e8:bd:0e:d8:7f:cb:c3:22:a9:c9: de:44:4d:1e:05:e4:b4:15:03:a3:4d:76:79:81:4d:a7:f8:39: c4:89:d9:0a:50:f6:5b:7f:eb:3f:49:fe:8c:02:fc:8c:94:57: ff:5e:05:3f:4e:c4:7c:f3:94:24:6e:2e:1a:af:f4:b3:ec:d2: 1a:c2:77:26:31:d4:1a:e2:6d:2a:be:25:92:3f:1b:dc:7a:b2: 6c:d2:ab:c6:53:05:7d:a7:52:48:2c:1a:ca:75:aa:06:fb:73: dc:35:44:1f:51:15:ef:c2:1b:05:78:a0:43:fd:d0:a3:58:96: b3:d8:50:e8:01:9e:4d:a3:04:76:b3:c2:44:7a:cd:44:2c:aa: 84:01:c9:14:89:07:04:09:cb:c2:4e:e3:09:b7:93:fe:e2:15: b3:1c:e8:fb:d8:c5:77:79:ce:42:a2:c3:88:ef:0e:69:c7:2f: 0a:d0:fc:67:ac:52:6c:89:05:80:6c:af:86:f0:f9:88:94:72: 15:d0:26:6e:19:39:28:61:06:bc:9e:41:38:65:e6:ba:c7:d9: 58:dc:bf:c7:72:f3:2a:91:73:12:cf:9a:a5:ea:e2:63:47:20: 60:32:92:83 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICHNYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx NTMwMjRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY3MkRCRjhBMzE3RDMy MTY1NjQ4MjA1OTE5RDVENkU2QTEzMUVCNEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDF/4rtrdPw1uwVuzjot6DwqDJrfJbYRLdMVrLD7jsnyLD0DgLL 25QzXxvL+J81dft70SPMQvEhTGM6xdHibzcoAw3V6FogVyneW/nYdMsZhH0uwcF6 +7VVnSbgVQRxY2U4Y9FF+yG/fWvyPYx87VkAytjDZSx0pguEysTbqfXXmhf3uKtW oL3EUT6p7oSWj7f0dPUbbIwWVrBrxNha2pAoYkziOizqH0iRCEw6sa5COHcsl8zh MVtgKab0A3hu3yi/yuB5HcA0yKxo3oe4LkQCI052d78xqwxFvjMgPhi8VpeQzvwl WEQpvbcaWVxwCZS7F362Ysf9n8lpABq23PipAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUZy2/ijF9MhZWSCBZGdXW5qEx600wHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvWnkyX2lqRjlNaFpX U0NCWkdkWFc1cUV4NjAwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDAGV+MA0GCSqGSIb3DQEBCwUAA4IBAQBlotZbzNnooPJF/smZ0d9ZtXGMd9ff 960o+Oi9Dth/y8MiqcneRE0eBeS0FQOjTXZ5gU2n+DnEidkKUPZbf+s/Sf6MAvyM lFf/XgU/TsR885Qkbi4ar/Sz7NIawncmMdQa4m0qviWSPxvcerJs0qvGUwV9p1JI LBrKdaoG+3PcNUQfURXvwhsFeKBD/dCjWJaz2FDoAZ5NowR2s8JEes1ELKqEAckU iQcECcvCTuMJt5P+4hWzHOj72MV3ec5CosOI7w5pxy8K0PxnrFJsiQWAbK+G8PmI lHIV0CZuGTkoYQa8nkE4Zea6x9lY3L/HcvMqkXMSz5ql6uJjRyBgMpKD -----END CERTIFICATE-----Generated at Sat Apr 5 07:14:37 2025 by rpki-client