$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/iKhz5lKomsG5jbv73xkgcfLdy0U.roa File: iKhz5lKomsG5jbv73xkgcfLdy0U.roa (raw, json) Hash identifier: FYii//NbVRPfcseMrH0o9NKWHE/w0D1zp9HrGhWhTco= Subject key identifier: 88:A8:73:E6:52:A8:9A:C1:B9:8D:BB:FB:DF:19:20:71:F2:DD:CB:45 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1CCB Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/iKhz5lKomsG5jbv73xkgcfLdy0U.roa Signing time: Thu 02 Jan 2025 13:58:28 +0000 ROA not before: Thu 02 Jan 2025 13:58:28 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4811 IP address blocks: 180.184.176.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 07:37:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7371 (0x1ccb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jan 2 13:58:28 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=88A873E652A89AC1B98DBBFBDF192071F2DDCB45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:17:87:95:ed:e5:52:3c:b0:ea:cc:f7:8f:40: 2c:a2:22:eb:d7:25:49:1e:3f:80:4c:25:50:ed:07: 6a:b5:d5:a3:92:da:31:46:69:9b:35:36:78:08:50: d6:0f:d1:5f:2b:ac:d2:f3:d6:02:c0:18:ad:92:2c: e6:d2:91:18:65:76:86:7f:e2:fa:65:a5:83:11:64: 97:36:66:d7:48:01:76:4f:71:62:8b:89:80:b7:d7: 1a:68:da:01:e5:2e:3c:45:19:7f:bb:27:3e:e1:d0: 70:17:16:e9:a5:28:c5:61:73:e9:12:56:79:1d:9b: ba:68:19:80:e1:c6:d2:6e:2e:f4:2c:06:e1:07:24: e9:a1:c7:fa:28:32:6e:44:fc:c3:6b:70:bd:34:d8: 03:3a:22:85:e4:4e:8e:a6:f4:9d:4a:cb:53:05:9f: e5:da:c6:40:39:f5:0b:eb:86:6b:03:d0:f4:35:a2: 3f:3b:37:33:29:4d:fe:3a:31:56:93:74:54:51:11: 5a:30:96:4e:bc:8f:ec:76:5b:1c:02:b6:2d:19:ea: ad:51:95:50:2b:5c:ac:e2:f3:dd:25:6d:38:ac:f8: 7a:82:06:08:37:dd:7c:b5:df:45:d6:08:01:43:18: a2:b0:4c:c3:c8:03:de:ee:d0:38:4a:03:1b:e5:be: ba:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:A8:73:E6:52:A8:9A:C1:B9:8D:BB:FB:DF:19:20:71:F2:DD:CB:45 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/iKhz5lKomsG5jbv73xkgcfLdy0U.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.176.0/21 Signature Algorithm: sha256WithRSAEncryption 5b:1b:0b:d3:60:58:a9:57:0e:80:91:21:32:d2:c9:2e:25:02: 12:7c:a5:06:8b:14:23:7e:9b:51:27:87:56:b6:f1:23:77:2b: a7:ad:c1:c8:14:82:cd:eb:47:b4:5b:90:20:48:e9:61:63:c4: ea:6f:4b:ee:5d:7a:37:5b:36:9c:60:e8:a2:9c:2b:67:64:f9: d5:85:b2:21:15:86:b1:ba:49:68:2c:cc:0f:95:79:2b:d0:f3: 27:39:32:ea:93:82:d4:2e:fe:9c:d2:48:ef:fd:98:04:2b:08: c7:c9:29:bc:3e:66:b6:52:3a:c4:74:94:23:b0:09:f3:9d:2c: ed:bd:07:c2:f7:58:f7:57:2a:73:22:0b:11:73:e5:c2:59:61: 2e:a5:fa:5b:49:7c:2e:a6:e0:65:21:ad:56:2a:87:ce:7f:00: b8:8b:2c:4f:8e:f4:75:c1:c0:00:51:5a:e7:7d:0f:a9:1d:de: 61:79:c5:97:69:aa:35:db:aa:5b:60:ec:f9:39:e9:85:7d:ad: 74:f1:a7:09:51:12:ac:56:b2:06:2c:39:0b:c1:f9:c6:54:d4: 44:13:89:95:3d:26:a5:ba:13:b1:c8:c7:06:1b:e2:eb:2f:65: a3:5d:49:65:ea:0a:b2:1f:72:b4:de:67:f9:d5:34:09:40:bf: f0:cf:59:67 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHMswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx MzU4MjhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg4QTg3M0U2NTJBODlB QzFCOThEQkJGQkRGMTkyMDcxRjJERENCNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDqF4eV7eVSPLDqzPePQCyiIuvXJUkeP4BMJVDtB2q11aOS2jFG aZs1NngIUNYP0V8rrNLz1gLAGK2SLObSkRhldoZ/4vplpYMRZJc2ZtdIAXZPcWKL iYC31xpo2gHlLjxFGX+7Jz7h0HAXFumlKMVhc+kSVnkdm7poGYDhxtJuLvQsBuEH JOmhx/ooMm5E/MNrcL002AM6IoXkTo6m9J1Ky1MFn+XaxkA59QvrhmsD0PQ1oj87 NzMpTf46MVaTdFRREVowlk68j+x2WxwCti0Z6q1RlVArXKzi890lbTis+HqCBgg3 3Xy130XWCAFDGKKwTMPIA97u0DhKAxvlvro5AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUiKhz5lKomsG5jbv73xkgcfLdy0UwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvaUtoejVsS29tc0c1 amJ2NzN4a2djZkxkeTBVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7S4sDANBgkqhkiG9w0BAQsFAAOCAQEAWxsL02BYqVcOgJEhMtLJLiUCEnyl BosUI36bUSeHVrbxI3crp63ByBSCzetHtFuQIEjpYWPE6m9L7l16N1s2nGDoopwr Z2T51YWyIRWGsbpJaCzMD5V5K9DzJzky6pOC1C7+nNJI7/2YBCsIx8kpvD5mtlI6 xHSUI7AJ850s7b0HwvdY91cqcyILEXPlwllhLqX6W0l8LqbgZSGtViqHzn8AuIss T470dcHAAFFa530PqR3eYXnFl2mqNduqW2Ds+TnphX2tdPGnCVESrFayBiw5C8H5 xlTURBOJlT0mpboTscjHBhvi6y9lo11JZeoKsh9ytN5n+dU0CUC/8M9ZZw== -----END CERTIFICATE-----Generated at Sat Apr 5 07:24:24 2025 by rpki-client