$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/-JpPRPkC50VRFz4L0Zpvt20tRMU.roa File: -JpPRPkC50VRFz4L0Zpvt20tRMU.roa (raw, json) Hash identifier: 9rfih7+QZkLz7OS3dSxR5R1PzFdc2SvO4EOeIqDpxCk= Subject key identifier: F8:9A:4F:44:F9:02:E7:45:51:17:3E:0B:D1:9A:6F:B7:6D:2D:44:C5 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1620 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/-JpPRPkC50VRFz4L0Zpvt20tRMU.roa Signing time: Sun 16 Feb 2025 03:29:01 +0000 ROA not before: Sun 16 Feb 2025 03:29:01 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 10103 IP address blocks: 180.223.232.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:06:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5664 (0x1620) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Feb 16 03:29:01 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=F89A4F44F902E74551173E0BD19A6FB76D2D44C5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:00:04:af:de:e6:2f:38:1c:c3:30:48:40:5f: 45:a1:df:33:7a:9f:7d:fd:4a:45:5a:b2:35:a9:b6: ae:77:4a:ac:20:3e:1c:54:20:bf:ed:26:f5:fb:c8: 31:d2:23:50:61:ce:e0:6d:4a:96:b0:80:f5:82:ab: db:e7:42:36:b0:91:61:93:7d:04:f4:a4:37:26:b5: 63:59:fe:b6:47:b7:5f:55:65:a7:9f:b3:ac:dc:38: ca:c6:dd:95:76:83:82:f1:65:f0:15:9e:af:76:94: b0:e3:76:21:fe:8e:3e:a1:3d:ea:47:35:d6:af:1a: 38:57:ac:22:1c:1a:24:a1:ab:cd:9e:45:4a:b4:48: 02:c4:93:6f:c7:4d:a7:71:00:d7:1e:e0:20:b9:aa: 8d:de:ed:8d:5e:f2:08:d3:bc:1a:79:ac:c4:89:3f: 90:c8:34:e7:8f:d6:94:d2:c5:97:5d:7e:25:78:dd: 27:fb:72:d6:8c:84:da:d3:8b:23:f4:cc:36:4b:2f: 52:69:e2:60:9a:11:02:d6:2d:00:8a:55:d5:92:d0: af:f3:cb:2b:e8:54:0a:2f:e6:09:4c:c9:4c:24:19: 40:7a:0c:79:db:ee:90:8f:86:c3:46:7f:28:07:5d: ef:f8:8a:c5:0e:cc:a2:48:bf:ad:c9:30:19:af:b6: 14:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:9A:4F:44:F9:02:E7:45:51:17:3E:0B:D1:9A:6F:B7:6D:2D:44:C5 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/-JpPRPkC50VRFz4L0Zpvt20tRMU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.232.0/21 Signature Algorithm: sha256WithRSAEncryption cf:68:07:e2:59:bb:b9:96:8d:8c:bd:9f:b0:d4:c0:1a:3c:7d: fe:a2:6b:e9:71:66:ac:44:16:70:9b:52:ac:31:41:57:84:2e: 4a:b5:14:73:ab:2b:7d:8f:63:28:cb:64:93:21:03:d2:ae:36: 61:b2:01:84:10:66:d1:b8:5e:5f:46:f2:ac:22:80:d6:1f:bf: 8f:52:d5:59:62:86:2e:9f:74:97:27:bf:73:d4:23:2d:d3:f2: 2f:2a:bd:1f:7c:54:f3:4b:cd:e4:c7:69:e2:c1:11:2f:ab:12: 56:86:b4:eb:2b:f0:8e:77:ce:6a:f5:86:07:9c:b1:89:e8:ba: aa:1d:44:76:0c:44:bd:12:99:c2:6a:c8:1f:7e:0f:ab:06:36: c4:71:82:4a:4d:a0:45:d3:31:72:3d:d7:b4:2f:92:bf:f7:ee: 56:6e:61:d8:8a:51:80:f9:f1:1b:da:e5:08:f8:99:32:d0:02: 2d:78:c1:67:e1:d9:d4:6e:7e:9e:67:09:a2:f4:b5:4b:f9:6e: e5:6c:68:cb:2b:e2:b3:54:e4:a0:74:29:8c:a0:28:99:d4:f2: 07:9f:ec:cf:be:de:96:26:1d:a9:a3:c9:d0:0c:b9:ca:31:ae: e2:7a:7e:ea:71:0e:d2:47:e3:07:45:ad:31:1f:97:bc:91:14: d7:cd:a6:c6 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFiAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAyMTYw MzI5MDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEY4OUE0RjQ0RjkwMkU3 NDU1MTE3M0UwQkQxOUE2RkI3NkQyRDQ0QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCjAASv3uYvOBzDMEhAX0Wh3zN6n339SkVasjWptq53SqwgPhxU IL/tJvX7yDHSI1BhzuBtSpawgPWCq9vnQjawkWGTfQT0pDcmtWNZ/rZHt19VZaef s6zcOMrG3ZV2g4LxZfAVnq92lLDjdiH+jj6hPepHNdavGjhXrCIcGiShq82eRUq0 SALEk2/HTadxANce4CC5qo3e7Y1e8gjTvBp5rMSJP5DINOeP1pTSxZddfiV43Sf7 ctaMhNrTiyP0zDZLL1Jp4mCaEQLWLQCKVdWS0K/zyyvoVAov5glMyUwkGUB6DHnb 7pCPhsNGfygHXe/4isUOzKJIv63JMBmvthTlAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU+JpPRPkC50VRFz4L0Zpvt20tRMUwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvLUpwUFJQa0M1MFZS Rno0TDBacHZ0MjB0Uk1VLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7Tf6DANBgkqhkiG9w0BAQsFAAOCAQEAz2gH4lm7uZaNjL2fsNTAGjx9/qJr 6XFmrEQWcJtSrDFBV4QuSrUUc6srfY9jKMtkkyED0q42YbIBhBBm0bheX0byrCKA 1h+/j1LVWWKGLp90lye/c9QjLdPyLyq9H3xU80vN5Mdp4sERL6sSVoa06yvwjnfO avWGB5yxiei6qh1EdgxEvRKZwmrIH34PqwY2xHGCSk2gRdMxcj3XtC+Sv/fuVm5h 2IpRgPnxG9rlCPiZMtACLXjBZ+HZ1G5+nmcJovS1S/lu5Wxoyyvis1TkoHQpjKAo mdTyB5/sz77eliYdqaPJ0Ay5yjGu4np+6nEO0kfjB0WtMR+XvJEU182mxg== -----END CERTIFICATE-----Generated at Fri Apr 4 18:39:20 2025 by rpki-client