$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/2HOU41wf-RNx3ns6fUrUfDuRc6U.roa File: 2HOU41wf-RNx3ns6fUrUfDuRc6U.roa (raw, json) Hash identifier: b3lr36MN4jCPuHOJb0pCCMEylOVXJG558DXiQogiClM= Subject key identifier: D8:73:94:E3:5C:1F:F9:13:71:DE:7B:3A:7D:4A:D4:7C:3B:91:73:A5 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 195A Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/2HOU41wf-RNx3ns6fUrUfDuRc6U.roa Signing time: Fri 17 Jan 2025 01:23:49 +0000 ROA not before: Fri 17 Jan 2025 01:23:49 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4812 IP address blocks: 103.169.50.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 20:11:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6490 (0x195a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jan 17 01:23:49 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=D87394E35C1FF91371DE7B3A7D4AD47C3B9173A5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:25:56:e3:90:1d:5a:9c:b0:11:9a:42:0a:2d: ca:17:3f:19:29:3c:94:e4:ce:44:c2:6d:3d:69:f6: 70:31:dc:76:62:a7:f2:53:97:eb:ae:a3:af:b5:4b: 31:9e:7a:b0:ca:20:51:47:f7:01:18:b6:3e:2a:c7: c7:86:32:d1:80:51:07:70:88:8f:d9:ae:0f:07:63: e1:3e:84:ee:24:e6:07:69:36:8c:dc:1d:bc:4f:63: fe:6f:a4:5c:76:bb:e4:5c:2a:d7:75:3f:9a:48:5b: 1d:26:3f:05:e5:5c:cf:62:d6:47:13:2d:ea:1c:6e: 42:e1:85:44:33:83:5c:e9:4c:0b:cb:9c:66:e7:02: ac:c3:30:6b:22:41:57:ad:4e:a5:bd:20:8d:40:0d: cc:b9:16:a9:53:5f:39:b7:8e:1c:22:74:65:03:a4: f7:79:bb:c7:f7:89:33:e4:c3:ef:56:e1:86:66:1c: ff:1f:90:18:86:73:90:80:28:2e:e4:ad:de:d5:09: 65:78:c9:c4:6e:ea:78:80:7b:04:50:3f:94:02:8e: 8f:4e:bb:f2:13:5f:bd:1b:da:14:de:91:f5:de:78: ea:c6:f2:06:db:b2:b2:25:98:0b:39:68:5c:46:ed: 02:99:98:d2:51:b3:e5:cb:75:87:a2:29:57:be:50: a8:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:73:94:E3:5C:1F:F9:13:71:DE:7B:3A:7D:4A:D4:7C:3B:91:73:A5 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/2HOU41wf-RNx3ns6fUrUfDuRc6U.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.169.50.0/23 Signature Algorithm: sha256WithRSAEncryption b0:e3:1d:19:b5:99:c3:4c:e4:80:41:8e:3d:ae:f9:9f:60:81: 22:e5:6f:53:4d:f1:5b:18:80:2b:94:cd:1e:48:c3:af:ab:28: d4:84:80:7d:9b:43:7c:ac:20:ef:a7:ca:8e:c9:9f:93:c2:d5: 24:bb:d1:c7:ad:76:99:ee:41:fc:bb:ef:20:a8:d9:90:32:96: 2d:2f:ef:64:33:d0:9a:1d:21:2d:91:1c:c0:49:95:73:17:1b: 60:19:38:8d:fd:25:09:d8:42:e7:5c:8d:2d:7e:2d:fb:cb:b1: 2c:61:bb:bf:98:2d:24:a4:f7:4b:ea:c4:d4:54:8d:45:18:59: 0b:45:cf:1b:39:4b:b7:84:3c:33:69:b6:d9:41:85:a1:1e:99: fe:0f:bb:b0:ec:29:4e:f5:4d:5e:b3:a4:27:4f:05:e6:78:34: e8:6f:93:a8:ad:78:51:ec:ed:d9:ad:1d:81:aa:30:6a:fe:67: 93:cf:7b:4f:45:78:8e:69:87:24:f5:96:f7:f6:c5:2e:e5:78: 08:ae:6c:74:78:58:d2:25:5c:48:f9:5d:78:65:a6:82:4d:9a: e1:7e:89:ee:60:8f:c3:03:0a:8e:ca:23:56:af:bc:89:3f:04: 11:e9:79:c5:b5:5c:f2:b1:a5:81:54:e4:d3:3d:25:2f:b8:5f: 8f:48:75:6d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGVowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTAxMTcw MTIzNDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ4NzM5NEUzNUMxRkY5 MTM3MURFN0IzQTdENEFENDdDM0I5MTczQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOJVbjkB1anLARmkIKLcoXPxkpPJTkzkTCbT1p9nAx3HZip/JT l+uuo6+1SzGeerDKIFFH9wEYtj4qx8eGMtGAUQdwiI/Zrg8HY+E+hO4k5gdpNozc HbxPY/5vpFx2u+RcKtd1P5pIWx0mPwXlXM9i1kcTLeocbkLhhUQzg1zpTAvLnGbn AqzDMGsiQVetTqW9II1ADcy5FqlTXzm3jhwidGUDpPd5u8f3iTPkw+9W4YZmHP8f kBiGc5CAKC7krd7VCWV4ycRu6niAewRQP5QCjo9Ou/ITX70b2hTekfXeeOrG8gbb srIlmAs5aFxG7QKZmNJRs+XLdYeiKVe+UKhxAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU2HOU41wf+RNx3ns6fUrUfDuRc6UwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvMkhPVTQxd2YtUk54 M25zNmZVclVmRHVSYzZVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWepMjANBgkqhkiG9w0BAQsFAAOCAQEAsOMdGbWZw0zkgEGOPa75n2CBIuVv U03xWxiAK5TNHkjDr6so1ISAfZtDfKwg76fKjsmfk8LVJLvRx612me5B/LvvIKjZ kDKWLS/vZDPQmh0hLZEcwEmVcxcbYBk4jf0lCdhC51yNLX4t+8uxLGG7v5gtJKT3 S+rE1FSNRRhZC0XPGzlLt4Q8M2m22UGFoR6Z/g+7sOwpTvVNXrOkJ08F5ng06G+T qK14Uezt2a0dgaowav5nk897T0V4jmmHJPWW9/bFLuV4CK5sdHhY0iVcSPldeGWm gk2a4X6J7mCPwwMKjsojVq+8iT8EEel5xbVc8rGlgVTk0z0lL7hfj0h1bQ== -----END CERTIFICATE-----Generated at Fri Jun 6 17:34:12 2025 by rpki-client