$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3072/f7F658GZgwJQmKNjc9IUkRgeQxs.roa File: f7F658GZgwJQmKNjc9IUkRgeQxs.roa (raw, json) Hash identifier: bqTDrEMemYcjj7lU8xTLyr0llJzWuflkz0SiNMGKF6c= Subject key identifier: 7F:B1:7A:E7:C1:99:83:02:50:98:A3:63:73:D2:14:91:18:1E:43:1B Certificate issuer: /CN=C2BFB235F570652A8BCB0416F6FCC4443F658CA1 Certificate serial: 1BD7 Authority key identifier: C2:BF:B2:35:F5:70:65:2A:8B:CB:04:16:F6:FC:C4:44:3F:65:8C:A1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wr-yNfVwZSqLywQW9vzERD9ljKE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3072/f7F658GZgwJQmKNjc9IUkRgeQxs.roa Signing time: Fri 20 Dec 2024 01:55:06 +0000 ROA not before: Fri 20 Dec 2024 01:55:06 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 58563 IP address blocks: 103.163.180.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3072/wr-yNfVwZSqLywQW9vzERD9ljKE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3072/wr-yNfVwZSqLywQW9vzERD9ljKE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wr-yNfVwZSqLywQW9vzERD9ljKE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7127 (0x1bd7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C2BFB235F570652A8BCB0416F6FCC4443F658CA1 Validity Not Before: Dec 20 01:55:06 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=7FB17AE7C19983025098A36373D21491181E431B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:37:ec:2e:ab:7d:a4:71:65:ab:00:75:9f:1c: bb:7c:ff:ea:12:37:88:8b:89:b4:85:bb:b4:98:6a: e2:6c:55:4c:be:51:d8:ae:a6:e4:52:38:73:d0:dd: d3:a3:51:ed:3b:d5:9b:a1:6d:86:f4:5a:01:83:e1: 5d:9f:2c:6d:29:eb:c3:00:40:f8:56:05:cd:56:40: ee:b4:ad:0a:08:67:e1:d8:f9:17:c7:02:ce:b6:fe: d3:e9:33:59:4e:4b:6a:32:b8:cb:1d:db:94:76:71: 48:12:89:b7:a2:03:55:bb:aa:d8:c0:be:3a:6d:84: 90:f9:99:11:09:0e:cd:08:32:61:55:c2:c4:4e:14: 32:67:8e:18:b4:b0:56:f1:a3:dc:1c:43:df:1f:81: 91:42:5a:b5:75:92:68:f3:a7:f5:2a:50:85:25:f6: cc:b3:71:8d:da:56:89:77:ce:8e:9f:b1:d1:01:23: ba:44:a6:1d:19:e8:11:4c:5e:c6:bf:35:31:db:ce: e1:9e:82:fb:8c:a6:cb:76:cd:b6:47:8f:74:9a:6d: d0:17:e4:23:0e:c4:f9:ba:e8:39:0c:a9:3a:f3:40: 9f:a3:b3:21:62:2a:ef:c9:c1:6a:89:72:2e:13:0d: 92:54:ba:28:0c:6b:bc:7d:14:28:df:2e:bb:04:e9: 59:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:B1:7A:E7:C1:99:83:02:50:98:A3:63:73:D2:14:91:18:1E:43:1B X509v3 Authority Key Identifier: keyid:C2:BF:B2:35:F5:70:65:2A:8B:CB:04:16:F6:FC:C4:44:3F:65:8C:A1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3072/wr-yNfVwZSqLywQW9vzERD9ljKE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wr-yNfVwZSqLywQW9vzERD9ljKE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3072/f7F658GZgwJQmKNjc9IUkRgeQxs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.163.180.0/24 Signature Algorithm: sha256WithRSAEncryption 61:0c:8a:3b:7c:98:20:3a:82:45:fa:87:db:35:fd:99:2a:b3: 25:3f:ea:45:32:d8:28:bf:6a:0c:66:f7:75:a2:b3:cf:3e:61: 64:ee:58:86:59:53:6d:6f:64:11:ed:20:fb:99:b0:a0:bb:a7: 3c:f8:dd:b4:ca:2b:d4:88:19:38:ec:e7:90:b6:a4:ea:a7:c6: 73:32:43:f6:5f:d4:f7:53:f0:d6:54:cf:cc:43:3d:3d:7e:f6: a9:ce:bb:26:50:c4:34:e7:98:43:3a:97:8c:4c:ea:ed:04:fc: 47:4c:63:b9:b6:bd:c8:fd:20:96:80:34:9d:75:cc:73:d3:ee: cc:81:16:4e:23:84:ce:0f:6b:20:4a:95:d4:27:92:10:48:b4: 62:ac:3a:70:bc:6e:a8:96:31:d6:b9:e6:73:f2:71:c9:6f:c5: 2a:f0:2a:2e:bd:39:73:f1:a0:31:b9:3d:fb:39:73:75:70:84: 59:a9:7f:20:f1:b7:90:72:de:91:6f:9b:25:e7:7d:86:66:92: b0:d3:4c:76:88:f8:b5:e8:8c:f9:99:04:16:93:f4:87:07:f9: 8c:61:64:3b:cb:d1:ec:84:99:98:87:ac:9c:cf:8c:73:4a:e5: d2:0e:bc:20:12:d1:72:3b:1f:13:fe:d6:87:2d:7e:92:5d:da: 1c:44:df:b1 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICG9cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzJC RkIyMzVGNTcwNjUyQThCQ0IwNDE2RjZGQ0M0NDQzRjY1OENBMTAeFw0yNDEyMjAw MTU1MDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDdGQjE3QUU3QzE5OTgz MDI1MDk4QTM2MzczRDIxNDkxMTgxRTQzMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDXN+wuq32kcWWrAHWfHLt8/+oSN4iLibSFu7SYauJsVUy+Udiu puRSOHPQ3dOjUe071ZuhbYb0WgGD4V2fLG0p68MAQPhWBc1WQO60rQoIZ+HY+RfH As62/tPpM1lOS2oyuMsd25R2cUgSibeiA1W7qtjAvjpthJD5mREJDs0IMmFVwsRO FDJnjhi0sFbxo9wcQ98fgZFCWrV1kmjzp/UqUIUl9syzcY3aVol3zo6fsdEBI7pE ph0Z6BFMXsa/NTHbzuGegvuMpst2zbZHj3SabdAX5CMOxPm66DkMqTrzQJ+jsyFi Ku/JwWqJci4TDZJUuigMa7x9FCjfLrsE6VkvAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUf7F658GZgwJQmKNjc9IUkRgeQxswHwYDVR0jBBgwFoAUwr+yNfVwZSqLywQW 9vzERD9ljKEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA3 Mi93ci15TmZWd1pTcUx5d1FXOXZ6RVJEOWxqS0UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3dyLXlOZlZ3WlNxTHl3UVc5dnpFUkQ5bGpLRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNzIvZjdGNjU4R1pnd0pR bUtOamM5SVVrUmdlUXhzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGejtDANBgkqhkiG9w0BAQsFAAOCAQEAYQyKO3yYIDqCRfqH2zX9mSqzJT/q RTLYKL9qDGb3daKzzz5hZO5YhllTbW9kEe0g+5mwoLunPPjdtMor1IgZOOznkLak 6qfGczJD9l/U91Pw1lTPzEM9PX72qc67JlDENOeYQzqXjEzq7QT8R0xjuba9yP0g loA0nXXMc9PuzIEWTiOEzg9rIEqV1CeSEEi0Yqw6cLxuqJYx1rnmc/JxyW/FKvAq Lr05c/GgMbk9+zlzdXCEWal/IPG3kHLekW+bJed9hmaSsNNMdoj4teiM+ZkEFpP0 hwf5jGFkO8vR7ISZmIesnM+Mc0rl0g68IBLRcjsfE/7Why1+kl3aHETfsQ== -----END CERTIFICATE-----Generated at Fri Apr 4 18:48:21 2025 by rpki-client