$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/jPyeujDdJLCsm8RQz3fhynOJ3D0.roa File: jPyeujDdJLCsm8RQz3fhynOJ3D0.roa (raw, json) Hash identifier: XWwJH3zM4vubFmY1hasr3Tyn8xtTljuoY8sZoWagBkk= Subject key identifier: 8C:FC:9E:BA:30:DD:24:B0:AC:9B:C4:50:CF:77:E1:CA:73:89:DC:3D Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1CAE Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/jPyeujDdJLCsm8RQz3fhynOJ3D0.roa Signing time: Thu 02 Jan 2025 13:58:20 +0000 ROA not before: Thu 02 Jan 2025 13:58:20 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4811 IP address blocks: 14.103.96.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 07:37:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7342 (0x1cae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jan 2 13:58:20 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=8CFC9EBA30DD24B0AC9BC450CF77E1CA7389DC3D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:02:b5:ad:2a:e6:1c:3a:30:bb:31:10:df:63: 3e:f8:c5:de:49:a4:ca:e5:ac:de:2f:bc:f9:d6:f0: 2f:91:8e:be:74:a3:37:b8:fb:fe:fa:cd:11:cc:c5: c6:97:67:c7:89:a0:cf:fb:e5:39:d6:36:cd:e4:26: 29:e8:ae:39:0f:30:d9:45:dc:7c:c5:24:a9:3d:d2: 29:b1:95:0f:30:95:8d:db:a6:ba:11:da:77:98:e0: cf:a2:2b:21:ed:d9:c4:2f:04:49:37:7d:ce:6d:f9: 83:6e:49:27:6f:04:01:8f:48:34:e9:7a:04:fa:90: d9:ec:a2:25:ea:5d:ec:40:d5:f9:cd:f1:28:ab:54: 04:71:a3:db:ef:70:6c:a7:c5:30:5b:47:44:c8:7c: 36:23:86:89:35:be:c0:26:47:84:49:51:95:b4:59: c9:a1:57:87:a6:a3:78:af:4a:bb:1b:4a:93:f2:3f: 7c:a9:d9:48:49:11:60:ab:18:81:19:ba:2f:55:73: 0a:e2:b5:df:fa:93:82:fd:51:48:d1:7f:90:50:0f: fc:50:0a:33:50:39:d9:ab:c9:c4:13:40:cc:53:4c: df:2d:92:af:ec:cd:3c:cb:63:41:8f:34:34:e0:23: ab:c9:cd:e9:2a:3c:7f:3f:15:b7:69:17:12:b5:4e: cb:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:FC:9E:BA:30:DD:24:B0:AC:9B:C4:50:CF:77:E1:CA:73:89:DC:3D X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/jPyeujDdJLCsm8RQz3fhynOJ3D0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 14.103.96.0/21 Signature Algorithm: sha256WithRSAEncryption 9e:e3:50:16:dc:12:d2:d4:5f:96:c9:14:1e:71:18:6b:30:23: ea:3a:49:9a:e2:30:66:6d:9b:8d:a4:72:e8:b0:95:1c:5f:a5: 70:35:52:bc:08:3b:89:11:fb:bc:25:7e:f2:11:bc:81:18:cd: b6:41:27:6b:6c:2e:30:ad:ab:93:17:8d:f7:fd:9c:89:fb:56: bb:e9:1b:d0:e6:5c:8f:53:ca:eb:2a:0a:cd:3f:59:88:dd:ba: 93:40:1d:07:93:4d:cd:8b:d4:8b:95:f9:90:12:3d:38:31:fb: 55:31:52:fb:f9:ba:f4:60:e2:7d:c9:1e:78:e2:04:14:0e:a7: 63:ef:55:08:51:ad:c3:9e:e0:60:89:a2:26:c5:93:1c:a3:16: fb:2e:0d:ce:0c:4f:58:b4:fc:e4:06:ff:58:6f:22:f0:2d:f2: fc:60:47:3e:ea:c9:1b:e8:1f:78:36:d1:c7:1b:01:8e:5d:39: 91:1a:63:d8:6b:59:a0:60:44:c6:88:9c:4d:ba:91:a1:6b:93: 80:e7:71:24:9c:61:de:1f:63:7d:4b:49:b1:f2:67:b0:d0:84: 8f:35:fd:62:23:ad:07:7b:09:e6:88:90:1f:45:cc:16:8e:d3: a2:3f:27:af:70:ac:92:3b:8e:78:92:e8:18:b5:3d:37:97:b7: 2d:c0:ef:53 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHK4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx MzU4MjBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDhDRkM5RUJBMzBERDI0 QjBBQzlCQzQ1MENGNzdFMUNBNzM4OURDM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOArWtKuYcOjC7MRDfYz74xd5JpMrlrN4vvPnW8C+Rjr50oze4 +/76zRHMxcaXZ8eJoM/75TnWNs3kJinorjkPMNlF3HzFJKk90imxlQ8wlY3bproR 2neY4M+iKyHt2cQvBEk3fc5t+YNuSSdvBAGPSDTpegT6kNnsoiXqXexA1fnN8Sir VARxo9vvcGynxTBbR0TIfDYjhok1vsAmR4RJUZW0WcmhV4emo3ivSrsbSpPyP3yp 2UhJEWCrGIEZui9Vcwritd/6k4L9UUjRf5BQD/xQCjNQOdmrycQTQMxTTN8tkq/s zTzLY0GPNDTgI6vJzekqPH8/FbdpFxK1TstbAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUjPyeujDdJLCsm8RQz3fhynOJ3D0wHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvalB5ZXVqRGRKTENz bThSUXozZmh5bk9KM0QwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAw5nYDANBgkqhkiG9w0BAQsFAAOCAQEAnuNQFtwS0tRflskUHnEYazAj6jpJ muIwZm2bjaRy6LCVHF+lcDVSvAg7iRH7vCV+8hG8gRjNtkEna2wuMK2rkxeN9/2c iftWu+kb0OZcj1PK6yoKzT9ZiN26k0AdB5NNzYvUi5X5kBI9ODH7VTFS+/m69GDi fckeeOIEFA6nY+9VCFGtw57gYImiJsWTHKMW+y4NzgxPWLT85Ab/WG8i8C3y/GBH PurJG+gfeDbRxxsBjl05kRpj2GtZoGBExoicTbqRoWuTgOdxJJxh3h9jfUtJsfJn sNCEjzX9YiOtB3sJ5oiQH0XMFo7Toj8nr3CskjuOeJLoGLU9N5e3LcDvUw== -----END CERTIFICATE-----Generated at Sat Apr 5 07:10:40 2025 by rpki-client