$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/ugLBHAruDo-HLfV3MPDsSLfPrDQ.roa File: ugLBHAruDo-HLfV3MPDsSLfPrDQ.roa (raw, json) Hash identifier: GgpbtMXk+DJHRtZr7NYYV2eywP2kSc/r1HHxxECEh40= Subject key identifier: BA:02:C1:1C:0A:EE:0E:8F:87:2D:F5:77:30:F0:EC:48:B7:CF:AC:34 Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1CC3 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/ugLBHAruDo-HLfV3MPDsSLfPrDQ.roa Signing time: Thu 02 Jan 2025 13:58:25 +0000 ROA not before: Thu 02 Jan 2025 13:58:25 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4811 IP address blocks: 14.103.80.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 07:37:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7363 (0x1cc3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jan 2 13:58:25 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=BA02C11C0AEE0E8F872DF57730F0EC48B7CFAC34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:d2:2c:5e:3a:18:45:2a:bf:36:f7:fc:3c:19: a3:c3:54:f6:63:11:8c:a5:5f:19:ca:86:bc:14:cd: 02:75:bd:3b:a0:8e:45:c9:d0:c9:cc:e8:af:77:c0: 61:fc:15:c7:3c:ec:35:1b:7b:ae:cf:ad:be:66:91: bd:88:ce:07:20:bf:02:02:5c:bc:45:c0:16:0f:14: 10:4c:b1:e0:88:f7:ac:f4:7a:ab:17:72:d7:10:9c: b9:df:6f:b2:c3:20:93:90:55:c7:81:86:8e:63:09: 72:15:04:d8:e0:ff:b2:3d:a4:c1:54:47:1d:56:f7: 87:37:57:0d:7b:c2:ea:3e:65:62:14:9b:a0:e7:85: c2:ca:60:dd:cb:ff:61:f4:8b:15:f5:db:e1:b8:d1: e3:a2:9c:dd:ec:dd:3b:3b:a1:eb:77:a6:97:9d:a2: f7:05:63:c4:dd:c8:35:81:08:40:20:2c:b3:41:92: 1e:4c:87:0e:2e:75:a2:47:47:bf:38:38:7b:1d:01: e9:97:16:c8:2d:bd:b3:30:8e:a5:9e:c9:5c:1c:23: 7c:15:c5:1f:bc:74:09:07:8e:d1:49:cf:5e:bd:2a: 89:38:06:73:3c:b1:96:91:66:e1:0a:03:71:f0:90: 6a:f1:2b:82:78:c8:ce:23:b2:2c:47:63:8d:94:2f: d2:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:02:C1:1C:0A:EE:0E:8F:87:2D:F5:77:30:F0:EC:48:B7:CF:AC:34 X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/ugLBHAruDo-HLfV3MPDsSLfPrDQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 14.103.80.0/21 Signature Algorithm: sha256WithRSAEncryption 7a:a4:ea:4d:86:8c:87:a8:54:98:b4:43:2b:b7:d9:09:bc:47: 85:84:6e:a6:d6:54:a0:9a:01:97:f8:7e:f5:97:87:55:ed:c2: 0f:38:8e:4b:8e:8d:7c:f7:9e:75:56:e6:bf:a3:2f:26:94:2f: 39:52:59:fa:13:be:24:7a:ce:2c:93:82:59:24:af:05:75:39: e7:cb:ab:34:4b:5c:ec:42:78:f5:73:bd:f6:14:fd:78:57:31: fc:7a:bc:f6:b8:cf:cd:44:0f:8f:0e:3d:62:26:3f:c1:01:de: f5:70:62:48:4a:46:60:55:a6:3e:19:b9:27:af:96:3f:06:2f: 49:fd:db:d7:1d:1c:d9:35:96:d7:9a:a1:70:1e:c8:57:01:e3: 6d:9b:67:d7:66:ae:5e:ff:0b:1d:c4:d3:a7:a1:c6:e8:e4:7d: 6f:a8:40:c8:e3:50:61:10:38:b2:94:94:9b:00:04:64:8f:b4: 8e:6f:63:68:d5:da:62:a1:88:9f:49:25:9c:a5:af:aa:cf:fb: 1b:08:17:ca:2e:63:43:b5:f1:f7:d9:cf:7d:7e:f0:7b:02:10: 45:8e:78:30:e5:f8:dd:ae:6d:d6:f1:64:06:6e:f1:14:df:0b: 01:3b:72:c2:11:3f:19:be:1d:1d:ab:e6:0d:ce:c2:fa:aa:76: 48:9a:35:4e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHMMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx MzU4MjVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEJBMDJDMTFDMEFFRTBF OEY4NzJERjU3NzMwRjBFQzQ4QjdDRkFDMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJ0ixeOhhFKr829/w8GaPDVPZjEYylXxnKhrwUzQJ1vTugjkXJ 0MnM6K93wGH8Fcc87DUbe67Prb5mkb2IzgcgvwICXLxFwBYPFBBMseCI96z0eqsX ctcQnLnfb7LDIJOQVceBho5jCXIVBNjg/7I9pMFURx1W94c3Vw17wuo+ZWIUm6Dn hcLKYN3L/2H0ixX12+G40eOinN3s3Ts7oet3ppedovcFY8TdyDWBCEAgLLNBkh5M hw4udaJHR784OHsdAemXFsgtvbMwjqWeyVwcI3wVxR+8dAkHjtFJz169Kok4BnM8 sZaRZuEKA3HwkGrxK4J4yM4jsixHY42UL9KHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUugLBHAruDo+HLfV3MPDsSLfPrDQwHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvdWdMQkhBcnVEby1I TGZWM01QRHNTTGZQckRRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAw5nUDANBgkqhkiG9w0BAQsFAAOCAQEAeqTqTYaMh6hUmLRDK7fZCbxHhYRu ptZUoJoBl/h+9ZeHVe3CDziOS46NfPeedVbmv6MvJpQvOVJZ+hO+JHrOLJOCWSSv BXU558urNEtc7EJ49XO99hT9eFcx/Hq89rjPzUQPjw49YiY/wQHe9XBiSEpGYFWm Phm5J6+WPwYvSf3b1x0c2TWW15qhcB7IVwHjbZtn12auXv8LHcTTp6HG6OR9b6hA yONQYRA4spSUmwAEZI+0jm9jaNXaYqGIn0klnKWvqs/7GwgXyi5jQ7Xx99nPfX7w ewIQRY54MOX43a5t1vFkBm7xFN8LATtywhE/Gb4dHavmDc7C+qp2SJo1Tg== -----END CERTIFICATE-----Generated at Sat Apr 5 07:18:11 2025 by rpki-client