$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/5tV6dC-gXAh8QWva5HkpHlUJql0.roa File: 5tV6dC-gXAh8QWva5HkpHlUJql0.roa (raw, json) Hash identifier: S+kAWPyyr2EgwCy2Gd7goOUuFbKTT3AYM8G/yr1gVuk= Subject key identifier: E6:D5:7A:74:2F:A0:5C:08:7C:41:6B:DA:E4:79:29:1E:55:09:AA:5D Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 156E Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/5tV6dC-gXAh8QWva5HkpHlUJql0.roa Signing time: Fri 17 Jan 2025 01:27:44 +0000 ROA not before: Fri 17 Jan 2025 01:27:44 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 398704 IP address blocks: 180.223.96.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 22:07:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5486 (0x156e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Jan 17 01:27:44 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=E6D57A742FA05C087C416BDAE479291E5509AA5D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:2e:10:d5:39:fd:d4:e4:1f:98:c1:46:3c:74: 38:78:1f:fe:63:ec:46:46:92:34:f3:50:d0:dd:6d: 52:ae:14:04:75:d9:89:9b:cd:ea:64:9e:a1:09:f3: 15:12:3e:43:08:7e:48:ca:80:eb:80:05:6b:26:dd: c1:a6:bf:c0:5d:d0:b3:a1:29:ee:bc:f1:fc:e3:74: f5:13:16:d6:a1:6b:c4:89:0c:1d:a0:9e:d3:af:7a: 7c:55:c3:b0:03:ea:90:be:b9:3b:2f:d4:ab:49:f5: 77:35:65:0a:26:7a:30:b8:72:1f:11:da:9b:5a:4e: f1:fe:07:10:da:8a:a2:c5:73:25:21:93:7c:46:5b: 76:c9:e2:11:ba:db:03:e3:02:18:ab:d8:47:fd:59: 6d:51:85:68:a4:5e:4e:5e:89:99:26:a8:d1:fb:e3: fd:d3:74:27:26:51:3f:72:ac:49:98:33:21:9c:80: 69:15:a9:6c:86:4d:38:a3:c5:40:0c:c8:ea:4d:47: 32:8a:a8:9a:27:de:1a:ff:04:c0:4a:63:4a:72:5c: 7c:e5:11:1b:0f:f0:89:8c:9a:b7:a9:ca:17:7f:b5: 95:77:7c:84:e5:6c:e4:dc:fd:5c:50:29:23:ef:c0: b3:cb:6c:80:27:ef:8d:97:5c:60:06:0b:78:a8:84: fd:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:D5:7A:74:2F:A0:5C:08:7C:41:6B:DA:E4:79:29:1E:55:09:AA:5D X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/5tV6dC-gXAh8QWva5HkpHlUJql0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.96.0/24 Signature Algorithm: sha256WithRSAEncryption 2e:d1:91:c0:54:03:e0:b1:82:23:59:ee:af:e6:94:ed:2b:5e: 55:f9:4f:15:9d:eb:93:83:db:d2:1c:d5:4e:c0:b9:e2:d4:29: 7b:17:e8:0f:a2:a3:0f:bf:2d:37:13:d9:a7:29:0f:d5:07:0a: ff:11:9b:81:cd:1c:9e:1c:eb:35:1d:c8:c2:20:44:51:54:d5: 3c:cf:05:fe:c1:0d:67:b8:4c:38:d3:54:70:b4:46:69:a4:00: 51:dc:0b:59:a8:26:c2:4e:fc:98:46:a8:88:b2:b0:26:ed:38: ec:b3:39:8b:14:d7:41:f0:d0:ff:2d:b4:53:ab:02:0a:fc:02: a8:be:bc:eb:eb:bb:9f:f0:ac:70:92:48:d7:d4:c7:85:4e:d9: f0:2a:3b:ba:a7:60:f8:1d:6d:8e:a8:45:5b:13:79:d6:7d:4c: 13:8e:3b:70:59:bf:51:67:3e:de:96:4b:29:02:db:b0:99:92: 8a:72:7c:61:fe:56:fe:65:88:26:75:10:5d:15:cb:e7:62:52: d5:b7:82:8e:bf:c5:01:a6:1d:a1:52:87:56:e1:d0:f2:16:63: cb:52:26:5e:2f:ff:24:d0:2c:79:6a:95:4e:e5:2e:5e:ba:b5: dc:1a:45:38:8a:1d:8e:14:07:9c:ee:08:d0:83:3c:1f:85:6e: d2:93:b1:1d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFW4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAxMTcw MTI3NDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEU2RDU3QTc0MkZBMDVD MDg3QzQxNkJEQUU0NzkyOTFFNTUwOUFBNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9LhDVOf3U5B+YwUY8dDh4H/5j7EZGkjTzUNDdbVKuFAR12Ymb zepknqEJ8xUSPkMIfkjKgOuABWsm3cGmv8Bd0LOhKe688fzjdPUTFtaha8SJDB2g ntOvenxVw7AD6pC+uTsv1KtJ9Xc1ZQomejC4ch8R2ptaTvH+BxDaiqLFcyUhk3xG W3bJ4hG62wPjAhir2Ef9WW1RhWikXk5eiZkmqNH74/3TdCcmUT9yrEmYMyGcgGkV qWyGTTijxUAMyOpNRzKKqJon3hr/BMBKY0pyXHzlERsP8ImMmrepyhd/tZV3fITl bOTc/VxQKSPvwLPLbIAn742XXGAGC3iohP3RAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU5tV6dC+gXAh8QWva5HkpHlUJql0wHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvNXRWNmRDLWdYQWg4 UVd2YTVIa3BIbFVKcWwwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTfYDANBgkqhkiG9w0BAQsFAAOCAQEALtGRwFQD4LGCI1nur+aU7SteVflP FZ3rk4Pb0hzVTsC54tQpexfoD6KjD78tNxPZpykP1QcK/xGbgc0cnhzrNR3IwiBE UVTVPM8F/sENZ7hMONNUcLRGaaQAUdwLWagmwk78mEaoiLKwJu047LM5ixTXQfDQ /y20U6sCCvwCqL686+u7n/CscJJI19THhU7Z8Co7uqdg+B1tjqhFWxN51n1ME447 cFm/UWc+3pZLKQLbsJmSinJ8Yf5W/mWIJnUQXRXL52JS1beCjr/FAaYdoVKHVuHQ 8hZjy1ImXi//JNAseWqVTuUuXrq13BpFOIodjhQHnO4I0IM8H4Vu0pOxHQ== -----END CERTIFICATE-----Generated at Fri Apr 4 22:01:00 2025 by rpki-client