$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/xwiKXyfZT7rcFyVbef0xEvxGtIs.roa File: xwiKXyfZT7rcFyVbef0xEvxGtIs.roa (raw, json) Hash identifier: ch/yLdyqsy7u+6k7xBc39ccMtqVoHeMr4eHlczum8QU= Subject key identifier: C7:08:8A:5F:27:D9:4F:BA:DC:17:25:5B:79:FD:31:12:FC:46:B4:8B Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1CD1 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/xwiKXyfZT7rcFyVbef0xEvxGtIs.roa Signing time: Thu 02 Jan 2025 13:58:30 +0000 ROA not before: Thu 02 Jan 2025 13:58:30 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4811 IP address blocks: 115.190.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 07:37:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7377 (0x1cd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jan 2 13:58:30 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=C7088A5F27D94FBADC17255B79FD3112FC46B48B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:d5:a4:80:d7:9f:8c:70:7d:a2:7d:b1:bc:f0: ad:2d:51:99:40:99:3d:30:0d:4d:d4:b4:d4:82:15: 35:5f:bc:8a:c0:18:e6:f1:32:db:89:dd:53:4c:9a: ce:0a:07:e1:60:68:cb:5b:73:fd:fc:2d:68:d1:9a: fa:72:30:b3:b1:af:4c:ba:b8:4e:42:07:a8:e6:d1: 46:9f:54:b4:8a:57:a8:0f:f0:9f:1c:ca:22:3f:87: a4:bf:4c:f3:da:9b:2a:47:fc:6a:87:d9:e8:12:11: 4f:80:60:3d:b4:3d:07:63:1f:7f:ab:a0:bf:82:e3: 70:04:07:09:1a:fe:71:7e:31:32:4c:dc:55:c8:d1: 2b:4a:04:11:52:de:5c:a0:56:19:f8:51:21:7b:46: 84:02:d2:aa:19:2c:d7:0f:d1:63:dd:e5:2f:13:be: 03:37:27:0f:b6:8b:15:42:07:ca:14:59:9a:81:1b: 52:6d:bd:de:97:c8:59:c7:a6:b0:b5:fc:06:98:7f: f4:4f:ad:bd:91:d0:1d:e9:2f:9c:d9:a7:d3:d3:0c: 72:f5:c6:28:e9:c4:3e:64:df:4b:8b:ba:91:9e:2c: 8f:ee:ef:58:d2:ff:da:d3:16:29:fd:01:01:ed:c9: ca:50:f8:c3:e3:ce:19:b2:5f:94:fe:08:6c:e9:14: 18:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:08:8A:5F:27:D9:4F:BA:DC:17:25:5B:79:FD:31:12:FC:46:B4:8B X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/xwiKXyfZT7rcFyVbef0xEvxGtIs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.190.0.0/15 Signature Algorithm: sha256WithRSAEncryption 58:11:d1:cd:a0:50:46:61:02:be:9f:71:da:1f:f0:d8:f4:2d: bf:fb:6c:61:f2:f5:f8:f7:c1:66:58:3a:8c:91:86:f3:8e:31: 31:ca:9a:c0:c7:2a:a1:fe:61:2b:65:43:af:aa:f5:9f:fd:fa: c7:59:ed:81:00:14:8f:9a:5a:82:4b:dd:9d:d1:97:f4:37:6d: ef:16:d9:7d:3d:e8:30:5d:4c:e3:cd:5b:0d:50:8c:4a:34:dd: c9:bb:36:5f:ff:be:fe:38:35:0d:f9:b9:cf:37:2c:ac:0a:e3: 63:65:9c:60:ce:4c:41:a8:97:3b:ce:d3:8d:26:af:67:f0:25: d9:ab:94:cb:12:a1:fe:52:d3:f8:b0:58:5e:45:8b:d2:ac:e3: 4f:88:ff:2e:ea:f9:d3:c2:fc:b2:e0:42:f3:72:20:42:c7:cd: bf:62:a1:f6:8f:d7:e8:e9:f9:ac:f9:98:1e:3a:29:54:44:c0: 49:e8:c2:5d:44:31:13:a2:0c:28:9e:6c:82:4b:f4:72:6f:a3: 9b:ac:ec:94:23:04:ab:44:69:ae:8a:d1:48:ec:f0:41:01:b1: 92:81:45:8b:bd:4a:5b:40:2c:51:94:2d:e4:4e:3d:e8:cd:5a: 0c:55:11:e7:be:61:f4:b3:e9:8a:d8:cd:d4:bf:85:c0:92:e6: 0d:cc:2f:9e -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICHNEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx MzU4MzBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEM3MDg4QTVGMjdEOTRG QkFEQzE3MjU1Qjc5RkQzMTEyRkM0NkI0OEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDA1aSA15+McH2ifbG88K0tUZlAmT0wDU3UtNSCFTVfvIrAGObx MtuJ3VNMms4KB+FgaMtbc/38LWjRmvpyMLOxr0y6uE5CB6jm0UafVLSKV6gP8J8c yiI/h6S/TPPamypH/GqH2egSEU+AYD20PQdjH3+roL+C43AEBwka/nF+MTJM3FXI 0StKBBFS3lygVhn4USF7RoQC0qoZLNcP0WPd5S8TvgM3Jw+2ixVCB8oUWZqBG1Jt vd6XyFnHprC1/AaYf/RPrb2R0B3pL5zZp9PTDHL1xijpxD5k30uLupGeLI/u71jS /9rTFin9AQHtycpQ+MPjzhmyX5T+CGzpFBjhAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUxwiKXyfZT7rcFyVbef0xEvxGtIswHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQveHdpS1h5ZlpUN3Jj RnlWYmVmMHhFdnhHdElzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDAXO+MA0GCSqGSIb3DQEBCwUAA4IBAQBYEdHNoFBGYQK+n3HaH/DY9C2/+2xh 8vX498FmWDqMkYbzjjExyprAxyqh/mErZUOvqvWf/frHWe2BABSPmlqCS92d0Zf0 N23vFtl9PegwXUzjzVsNUIxKNN3JuzZf/77+ODUN+bnPNyysCuNjZZxgzkxBqJc7 ztONJq9n8CXZq5TLEqH+UtP4sFheRYvSrONPiP8u6vnTwvyy4ELzciBCx82/YqH2 j9fo6fms+ZgeOilURMBJ6MJdRDETogwonmyCS/Ryb6ObrOyUIwSrRGmuitFI7PBB AbGSgUWLvUpbQCxRlC3kTj3ozVoMVRHnvmH0s+mK2M3Uv4XAkuYNzC+e -----END CERTIFICATE-----Generated at Sat Apr 5 07:10:40 2025 by rpki-client