$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/wyyhYmhsRlOedYv8Pp8ptWluHEs.roa File: wyyhYmhsRlOedYv8Pp8ptWluHEs.roa (raw, json) Hash identifier: SV/9o/A+bqrb9GxRr+S83K6dIdxMimol1vcqw9oOuYA= Subject key identifier: C3:2C:A1:62:68:6C:46:53:9E:75:8B:FC:3E:9F:29:B5:69:6E:1C:4B Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1CAF Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/wyyhYmhsRlOedYv8Pp8ptWluHEs.roa Signing time: Thu 02 Jan 2025 13:58:20 +0000 ROA not before: Thu 02 Jan 2025 13:58:20 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 23724 IP address blocks: 180.184.24.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 10:39:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7343 (0x1caf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jan 2 13:58:20 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=C32CA162686C46539E758BFC3E9F29B5696E1C4B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ef:3e:69:ae:bd:5c:d2:fc:14:16:ee:99:0a: 32:2a:dd:92:7a:39:e1:ca:63:6e:1f:13:21:ac:9a: b3:ae:e3:05:0f:8d:b8:73:15:54:db:49:1a:38:68: 0c:ef:ec:66:b8:0f:0a:65:ab:d8:ce:c5:2a:13:fc: 10:0f:83:07:74:09:21:c6:7a:21:ad:e9:e4:78:eb: 9e:b5:86:ac:63:67:5d:b8:83:35:b0:36:e5:0f:57: a8:d7:2b:52:d9:b6:e4:a8:f4:11:2b:e6:75:a0:ce: 44:7f:55:03:98:9a:b6:42:52:2b:54:87:c8:2c:7f: 65:0a:0b:18:fb:4a:13:1d:8e:9f:f5:90:cc:d4:c1: 03:24:b1:8d:61:13:7b:d4:be:8b:cd:ed:79:d5:f7: bb:a3:c9:d1:4b:be:6f:f2:df:c8:f3:73:27:6b:7f: 8b:05:66:d5:de:e2:30:16:2a:cf:76:af:93:88:7d: ce:be:11:b7:a5:f4:c0:e3:90:99:63:bd:b5:c1:a0: 26:6e:3a:6d:1f:ea:fe:63:7c:37:a7:13:b7:d7:64: c7:7f:7c:1a:db:02:d0:f5:52:bb:53:9e:4c:93:01: 6f:d6:46:4a:80:38:ae:53:ac:b2:71:55:57:1f:df: a7:28:0c:e9:be:b1:a1:b2:fc:5d:3a:d3:52:83:fb: 51:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:2C:A1:62:68:6C:46:53:9E:75:8B:FC:3E:9F:29:B5:69:6E:1C:4B X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/wyyhYmhsRlOedYv8Pp8ptWluHEs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.184.24.0/21 Signature Algorithm: sha256WithRSAEncryption 94:1c:6a:a4:72:6c:ef:2d:89:df:58:94:94:3b:a1:d1:ad:9c: 38:e1:c4:97:a8:a7:cc:2a:1d:3c:67:e3:64:02:72:08:47:34: 47:a3:28:cc:92:1f:ee:2f:ed:be:a8:6c:db:99:52:73:39:d3: bc:00:08:a7:bb:1c:3b:3b:cc:5f:d1:ed:a8:a5:f8:4c:33:91: 36:0d:a8:0d:62:e4:94:ed:f4:be:b0:08:12:65:32:cc:35:a8: 48:44:8b:df:ba:1a:f9:74:b6:f9:4a:81:f1:23:62:06:12:75: d7:99:1c:4b:52:1c:6e:11:90:16:01:28:73:48:f6:42:c7:b4: 6f:81:e8:29:0f:b9:80:aa:a1:1f:12:c8:df:33:54:d1:52:a8: 4b:1e:41:ab:fa:87:73:93:b1:58:13:79:30:0e:14:7b:d8:e6: 6d:ed:3f:ed:a7:98:49:6e:6b:05:84:1e:fa:78:d2:b7:8f:0d: 0c:46:05:cc:8a:54:a5:40:87:12:38:66:9e:b9:9e:8e:49:9f: f4:84:bc:e5:67:41:5f:60:39:52:bd:af:f6:4f:1a:f3:c7:68: 45:88:b0:aa:6a:74:0a:85:ee:71:48:e5:df:95:bc:e0:7a:36: 41:41:ca:71:67:47:b1:07:8e:b8:6b:9d:d9:c1:c4:81:e1:06: d6:aa:ee:8d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHK8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx MzU4MjBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEMzMkNBMTYyNjg2QzQ2 NTM5RTc1OEJGQzNFOUYyOUI1Njk2RTFDNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDF7z5prr1c0vwUFu6ZCjIq3ZJ6OeHKY24fEyGsmrOu4wUPjbhz FVTbSRo4aAzv7Ga4Dwplq9jOxSoT/BAPgwd0CSHGeiGt6eR46561hqxjZ124gzWw NuUPV6jXK1LZtuSo9BEr5nWgzkR/VQOYmrZCUitUh8gsf2UKCxj7ShMdjp/1kMzU wQMksY1hE3vUvovN7XnV97ujydFLvm/y38jzcydrf4sFZtXe4jAWKs92r5OIfc6+ Ebel9MDjkJljvbXBoCZuOm0f6v5jfDenE7fXZMd/fBrbAtD1UrtTnkyTAW/WRkqA OK5TrLJxVVcf36coDOm+saGy/F0601KD+1GLAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUwyyhYmhsRlOedYv8Pp8ptWluHEswHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvd3l5aFltaHNSbE9l ZFl2OFBwOHB0V2x1SEVzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7S4GDANBgkqhkiG9w0BAQsFAAOCAQEAlBxqpHJs7y2J31iUlDuh0a2cOOHE l6inzCodPGfjZAJyCEc0R6MozJIf7i/tvqhs25lScznTvAAIp7scOzvMX9HtqKX4 TDORNg2oDWLklO30vrAIEmUyzDWoSESL37oa+XS2+UqB8SNiBhJ115kcS1IcbhGQ FgEoc0j2Qse0b4HoKQ+5gKqhHxLI3zNU0VKoSx5Bq/qHc5OxWBN5MA4Ue9jmbe0/ 7aeYSW5rBYQe+njSt48NDEYFzIpUpUCHEjhmnrmejkmf9IS85WdBX2A5Ur2v9k8a 88doRYiwqmp0CoXucUjl35W84Ho2QUHKcWdHsQeOuGud2cHEgeEG1qrujQ== -----END CERTIFICATE-----Generated at Sat Apr 5 08:14:19 2025 by rpki-client