$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/eQrSBdvHvcAd3uNF5zItMbln6eM.roa File: eQrSBdvHvcAd3uNF5zItMbln6eM.roa (raw, json) Hash identifier: u05z8aH+OJPUjgdWyhQdVbYLiuu1IsqL2sKsvq3njnU= Subject key identifier: 79:0A:D2:05:DB:C7:BD:C0:1D:DE:E3:45:E7:32:2D:31:B9:67:E9:E3 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1CCD Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/eQrSBdvHvcAd3uNF5zItMbln6eM.roa Signing time: Thu 02 Jan 2025 13:58:28 +0000 ROA not before: Thu 02 Jan 2025 13:58:28 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4811 IP address blocks: 14.103.40.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 07:37:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7373 (0x1ccd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jan 2 13:58:28 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=790AD205DBC7BDC01DDEE345E7322D31B967E9E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:1e:47:b1:db:dd:0e:28:af:f9:0a:a5:ca:c2: ca:a2:f9:1e:fc:30:55:8e:c2:86:13:70:de:d0:02: 3f:38:58:f1:9c:8b:a4:a4:ba:ff:dc:d4:fc:38:51: 4a:33:bb:a7:a4:24:a5:a9:29:86:8e:da:0f:98:86: de:f2:61:ed:2a:72:62:be:83:ad:14:26:c2:f1:88: 78:a6:fb:92:1d:bd:61:49:6d:23:ac:bb:d6:de:2c: e5:d0:0a:c1:a4:e7:5c:e9:c6:0b:c0:37:ad:3d:1b: db:7e:25:1f:b8:57:a6:5a:be:49:0f:d0:69:6f:57: b7:66:61:b9:92:cd:b6:62:fb:16:ba:cc:8c:31:b1: 8f:ce:aa:93:74:c2:dd:24:18:80:31:bc:64:c9:b5: 6c:7f:60:94:e2:25:1b:28:37:73:ce:20:b6:2c:8f: f5:a4:49:d9:f5:87:45:3e:57:f6:67:30:1d:2f:20: d7:7a:c4:81:4b:ba:3c:47:b0:ef:f8:6d:25:d5:a7: 87:11:d3:dd:d3:17:c9:69:a2:ef:6c:f2:bb:95:5a: c8:4f:ae:59:18:7d:2a:ce:a8:13:5f:cc:8b:72:24: 14:76:e6:b4:24:75:ef:98:98:41:8e:12:5d:81:cc: 34:9b:17:6a:a3:98:b6:0c:73:26:86:40:f3:d2:e4: 05:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:0A:D2:05:DB:C7:BD:C0:1D:DE:E3:45:E7:32:2D:31:B9:67:E9:E3 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/eQrSBdvHvcAd3uNF5zItMbln6eM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 14.103.40.0/21 Signature Algorithm: sha256WithRSAEncryption c5:1b:86:66:3a:eb:83:5a:eb:61:e8:d3:5e:d1:3f:2e:2f:f3: f8:ce:91:2f:ee:1e:bf:ce:70:2d:59:99:e8:e0:98:55:63:30: 17:71:0a:10:ec:58:3d:de:c8:6e:f4:a9:9a:c2:24:46:29:40: 66:9b:40:10:1a:64:2d:00:d7:10:ef:2e:1c:bd:8a:3e:6d:a6: ed:3f:22:0d:ba:e6:59:7d:a5:24:ad:98:20:bf:a6:79:0f:f9: 4b:61:1a:d3:ea:71:6c:61:7f:ac:8a:0f:ea:98:5e:9c:2e:4e: 25:58:37:1c:40:d9:56:41:1a:0d:83:7c:e1:6d:49:5c:0b:a3: 23:21:68:d5:7b:2f:8c:2e:76:c8:05:39:90:03:8e:7c:b1:57: 1c:1b:6d:cb:ac:d9:48:76:00:02:9d:14:54:f6:b4:95:96:23: c0:19:d2:22:67:38:b8:4b:ae:53:75:47:05:34:91:9b:bd:58: d1:24:71:cd:0d:dc:66:a7:a4:5f:0e:fc:d7:da:86:66:ce:45: 75:b0:72:aa:04:84:b3:2c:75:31:5a:d9:11:8b:ec:c1:cb:2f: e2:59:5b:f9:25:bb:ee:f4:0b:68:2d:a2:86:4c:de:8e:50:8c: 11:fc:8f:65:95:96:42:3d:c6:31:25:98:61:9b:45:36:d7:7b: ae:0a:eb:1a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHM0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx MzU4MjhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDc5MEFEMjA1REJDN0JE QzAxRERFRTM0NUU3MzIyRDMxQjk2N0U5RTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOHkex290OKK/5CqXKwsqi+R78MFWOwoYTcN7QAj84WPGci6Sk uv/c1Pw4UUozu6ekJKWpKYaO2g+Yht7yYe0qcmK+g60UJsLxiHim+5IdvWFJbSOs u9beLOXQCsGk51zpxgvAN609G9t+JR+4V6ZavkkP0GlvV7dmYbmSzbZi+xa6zIwx sY/OqpN0wt0kGIAxvGTJtWx/YJTiJRsoN3POILYsj/WkSdn1h0U+V/ZnMB0vINd6 xIFLujxHsO/4bSXVp4cR093TF8lpou9s8ruVWshPrlkYfSrOqBNfzItyJBR25rQk de+YmEGOEl2BzDSbF2qjmLYMcyaGQPPS5AW1AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUeQrSBdvHvcAd3uNF5zItMbln6eMwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvZVFyU0Jkdkh2Y0Fk M3VORjV6SXRNYmxuNmVNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAw5nKDANBgkqhkiG9w0BAQsFAAOCAQEAxRuGZjrrg1rrYejTXtE/Li/z+M6R L+4ev85wLVmZ6OCYVWMwF3EKEOxYPd7IbvSpmsIkRilAZptAEBpkLQDXEO8uHL2K Pm2m7T8iDbrmWX2lJK2YIL+meQ/5S2Ea0+pxbGF/rIoP6phenC5OJVg3HEDZVkEa DYN84W1JXAujIyFo1XsvjC52yAU5kAOOfLFXHBtty6zZSHYAAp0UVPa0lZYjwBnS Imc4uEuuU3VHBTSRm71Y0SRxzQ3cZqekXw7819qGZs5FdbByqgSEsyx1MVrZEYvs wcsv4llb+SW77vQLaC2ihkzejlCMEfyPZZWWQj3GMSWYYZtFNtd7rgrrGg== -----END CERTIFICATE-----Generated at Sat Apr 5 07:23:04 2025 by rpki-client