$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/knG3g1GBFXMV_TCfnvLJ-72k9xI.roa File: knG3g1GBFXMV_TCfnvLJ-72k9xI.roa (raw, json) Hash identifier: 20FUjDsJjI6NZ5IC1Ulzav0e2+9fm/A9tSSH6goKlB0= Subject key identifier: 92:71:B7:83:51:81:15:73:15:FD:30:9F:9E:F2:C9:FB:BD:A4:F7:12 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1CD8 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/knG3g1GBFXMV_TCfnvLJ-72k9xI.roa Signing time: Thu 02 Jan 2025 15:56:53 +0000 ROA not before: Thu 02 Jan 2025 15:56:53 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4811 IP address blocks: 180.184.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 07:37:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7384 (0x1cd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jan 2 15:56:53 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=9271B7835181157315FD309F9EF2C9FBBDA4F712 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:c7:08:f1:e9:90:c0:64:8e:08:7a:26:ac:d9: 4e:b9:28:12:73:e7:30:dc:1b:82:86:c7:ff:20:47: 11:d0:d1:51:76:f2:d1:58:9f:f5:a5:42:52:1c:1f: be:aa:8b:00:24:dc:38:a1:46:9e:c5:a6:f0:f6:bb: b9:ab:92:c0:57:fd:ee:25:fb:18:ab:a5:6a:80:e1: 9b:4b:7f:66:4d:ba:e1:10:a3:eb:41:92:33:b0:d1: 5a:7b:56:d3:4e:6a:63:a5:4f:44:23:49:33:84:8f: f6:10:79:dc:90:81:58:7b:86:d1:54:18:fb:e5:1f: 94:a4:73:03:66:62:12:74:31:67:1e:83:9d:83:20: 20:8b:ac:6e:7e:6a:5b:77:0d:c7:1a:7f:1b:62:22: b2:24:ee:75:7f:1f:d8:93:99:55:de:95:f7:e0:1f: 06:62:95:39:b1:24:fb:75:c8:cb:1b:98:2f:7d:35: a7:8c:01:a4:72:71:42:45:44:36:ec:d4:3e:e4:b2: ce:75:cb:3f:80:a1:88:a7:a4:8d:1f:16:19:8c:52: 72:0d:7b:da:ca:91:c7:7d:25:21:75:88:d3:53:69: 45:1c:67:df:23:a7:6c:4d:c7:ba:5d:dd:d3:a5:45: 41:63:83:0e:87:61:97:99:e2:8b:fb:be:7a:99:26: d0:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:71:B7:83:51:81:15:73:15:FD:30:9F:9E:F2:C9:FB:BD:A4:F7:12 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/knG3g1GBFXMV_TCfnvLJ-72k9xI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.0.0/16 Signature Algorithm: sha256WithRSAEncryption 5c:34:46:28:d6:31:f5:5b:20:e6:69:59:e8:35:3b:88:03:95: 3a:c3:ee:3a:4e:1d:55:db:89:b7:b1:c8:1f:aa:9e:3e:c6:5f: 1a:6b:05:75:52:82:ac:c5:94:ab:ca:e4:f4:64:76:b0:4f:b2: 1b:c2:01:87:82:b5:08:bf:05:84:b5:cf:9e:1b:96:a1:34:69: c0:14:ce:5b:ed:8b:ef:17:2c:52:21:98:69:c4:69:86:c1:60: 86:0e:ad:d4:72:ab:4a:9f:b1:a7:76:79:50:54:fd:8e:3a:64: a3:57:c2:2d:37:0b:6d:68:d4:26:08:f1:46:61:be:90:88:67: 1c:e1:e7:e9:f0:46:f3:70:19:f0:c8:b9:ed:ee:75:ce:00:40: 34:97:dc:a6:31:b3:41:64:f4:d1:f1:fd:6c:de:4d:91:62:ce: 87:d8:4b:0d:4e:a0:79:44:1e:57:92:13:ea:ec:19:02:93:eb: 01:8c:a8:f8:98:39:79:9c:a0:03:6e:7b:ba:b9:83:3f:4e:c4: d3:e3:f3:77:24:3d:39:52:f1:5e:c1:a4:41:ff:c1:dc:cf:71: 04:97:83:c5:4a:a1:f3:7a:fa:93:c8:9b:b3:04:cb:0d:d1:e8: 09:70:87:db:b9:ed:76:3f:77:ae:04:b9:5c:45:97:d4:7f:75: 39:36:98:ec -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICHNgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx NTU2NTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDkyNzFCNzgzNTE4MTE1 NzMxNUZEMzA5RjlFRjJDOUZCQkRBNEY3MTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIxwjx6ZDAZI4Ieias2U65KBJz5zDcG4KGx/8gRxHQ0VF28tFY n/WlQlIcH76qiwAk3DihRp7FpvD2u7mrksBX/e4l+xirpWqA4ZtLf2ZNuuEQo+tB kjOw0Vp7VtNOamOlT0QjSTOEj/YQedyQgVh7htFUGPvlH5SkcwNmYhJ0MWceg52D ICCLrG5+alt3DccafxtiIrIk7nV/H9iTmVXelffgHwZilTmxJPt1yMsbmC99NaeM AaRycUJFRDbs1D7kss51yz+AoYinpI0fFhmMUnINe9rKkcd9JSF1iNNTaUUcZ98j p2xNx7pd3dOlRUFjgw6HYZeZ4ov7vnqZJtB3AgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUknG3g1GBFXMV/TCfnvLJ+72k9xIwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQva25HM2cxR0JGWE1W X1RDZm52TEotNzJrOXhJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDALS4MA0GCSqGSIb3DQEBCwUAA4IBAQBcNEYo1jH1WyDmaVnoNTuIA5U6w+46 Th1V24m3scgfqp4+xl8aawV1UoKsxZSryuT0ZHawT7IbwgGHgrUIvwWEtc+eG5ah NGnAFM5b7YvvFyxSIZhpxGmGwWCGDq3UcqtKn7GndnlQVP2OOmSjV8ItNwttaNQm CPFGYb6QiGcc4efp8EbzcBnwyLnt7nXOAEA0l9ymMbNBZPTR8f1s3k2RYs6H2EsN TqB5RB5XkhPq7BkCk+sBjKj4mDl5nKADbnu6uYM/TsTT4/N3JD05UvFewaRB/8Hc z3EEl4PFSqHzevqTyJuzBMsN0egJcIfbue12P3euBLlcRZfUf3U5Npjs -----END CERTIFICATE-----Generated at Sat Apr 5 07:22:53 2025 by rpki-client