$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/79DnNuvcCQcDn0Oqioz6Bijow24.roa File: 79DnNuvcCQcDn0Oqioz6Bijow24.roa (raw, json) Hash identifier: LGo2sy7RiElYgzdIEDKL693hbVRXBIEveuee7BJ2kNU= Subject key identifier: EF:D0:E7:36:EB:DC:09:07:03:9F:43:AA:8A:8C:FA:06:28:E8:C3:6E Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 161C Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/79DnNuvcCQcDn0Oqioz6Bijow24.roa Signing time: Sun 16 Feb 2025 03:24:12 +0000 ROA not before: Sun 16 Feb 2025 03:24:12 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 7018 IP address blocks: 180.223.124.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:06:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5660 (0x161c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Feb 16 03:24:12 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=EFD0E736EBDC0907039F43AA8A8CFA0628E8C36E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:f3:a5:50:a4:bc:81:8b:42:e1:04:3a:50:02: 47:c0:6a:ab:fe:dc:f2:73:d1:20:20:5c:c3:f5:c2: 01:85:27:d8:d7:6f:1f:11:eb:9a:0e:8b:25:b6:77: e5:f3:c2:b0:9c:71:f5:3d:f1:5a:c0:e3:95:fc:f3: 2d:bd:70:cd:a1:f8:b0:62:e2:00:b7:a4:b8:9a:2f: 7e:ad:de:b1:3a:7d:2f:0c:02:14:77:92:f1:f4:64: 18:34:93:58:e2:a1:cf:45:19:0c:83:80:de:5c:48: bd:85:e3:a5:63:e0:08:39:78:65:16:1d:ba:6f:11: cf:7d:9b:1e:de:dc:68:c8:94:5f:fc:98:4e:ba:92: 28:af:08:66:90:fa:eb:7a:15:cb:96:fd:59:9d:f3: ec:17:f2:ee:97:13:4d:7d:f3:3e:f6:15:48:93:f9: eb:1b:25:79:8b:46:7f:7d:f9:73:49:9a:d3:50:0d: 24:1b:92:65:a5:cc:82:ec:36:a4:88:6c:5f:ce:5c: c1:3b:45:76:e2:db:40:05:ee:8b:2e:37:4f:05:6d: 69:92:c5:63:22:b3:8d:d2:ad:04:c1:7e:99:5d:bd: 62:25:ce:c4:e7:a3:7d:b6:02:f8:c1:76:70:90:ef: b6:03:c0:81:18:e6:2d:46:a6:07:9d:13:8f:d0:11: f9:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:D0:E7:36:EB:DC:09:07:03:9F:43:AA:8A:8C:FA:06:28:E8:C3:6E X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/79DnNuvcCQcDn0Oqioz6Bijow24.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.124.0/22 Signature Algorithm: sha256WithRSAEncryption 7a:e2:a5:89:c7:be:cd:bb:73:02:6d:68:fa:12:d1:67:3b:20: 18:ec:97:b6:fa:a2:14:f4:8b:14:1d:37:6c:7e:3a:9f:ae:cb: b5:83:22:e6:7f:c1:b5:a1:10:a3:49:a7:3b:9e:d2:9b:c1:47: ac:ac:f4:70:0d:31:13:46:e6:48:44:0c:b6:7a:bf:54:67:de: 89:0a:af:96:6f:58:87:c5:40:9c:a6:dd:84:e0:d9:a6:3d:9f: e8:71:6e:b5:61:19:5e:b0:37:93:f5:56:3d:3a:ad:5a:4e:e9: d6:c3:e7:74:0c:73:ec:98:f3:6e:46:eb:50:ef:12:39:85:de: 69:e8:f6:a0:a8:04:5b:4f:20:95:96:1c:0e:0d:ba:37:3c:1b: bf:e8:31:eb:92:15:eb:44:c0:ca:4e:36:42:59:cd:79:bc:ef: 1f:ff:74:c1:0d:5f:e9:b4:88:1f:2b:17:07:36:6e:3f:4f:d5: 1f:78:13:26:68:4b:35:4b:16:37:51:4f:e1:07:d2:48:46:6d: 7b:dd:1b:35:26:b2:78:bc:bb:92:17:e2:3e:9c:55:69:ca:a7: e9:6b:8b:c7:ad:09:e8:77:f1:e7:91:6e:12:00:d6:fe:58:1a: 64:d4:f8:41:96:db:cf:83:82:e5:25:d3:c5:96:d6:88:ad:49: 94:47:89:74 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFhwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAyMTYw MzI0MTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEVGRDBFNzM2RUJEQzA5 MDcwMzlGNDNBQThBOENGQTA2MjhFOEMzNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDl86VQpLyBi0LhBDpQAkfAaqv+3PJz0SAgXMP1wgGFJ9jXbx8R 65oOiyW2d+XzwrCccfU98VrA45X88y29cM2h+LBi4gC3pLiaL36t3rE6fS8MAhR3 kvH0ZBg0k1jioc9FGQyDgN5cSL2F46Vj4Ag5eGUWHbpvEc99mx7e3GjIlF/8mE66 kiivCGaQ+ut6FcuW/Vmd8+wX8u6XE0198z72FUiT+esbJXmLRn99+XNJmtNQDSQb kmWlzILsNqSIbF/OXME7RXbi20AF7osuN08FbWmSxWMis43SrQTBfpldvWIlzsTn o322AvjBdnCQ77YDwIEY5i1GpgedE4/QEfljAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU79DnNuvcCQcDn0Oqioz6Bijow24wHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvNzlEbk51dmNDUWNE bjBPcWlvejZCaWpvdzI0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArTffDANBgkqhkiG9w0BAQsFAAOCAQEAeuKlice+zbtzAm1o+hLRZzsgGOyX tvqiFPSLFB03bH46n67LtYMi5n/BtaEQo0mnO57Sm8FHrKz0cA0xE0bmSEQMtnq/ VGfeiQqvlm9Yh8VAnKbdhODZpj2f6HFutWEZXrA3k/VWPTqtWk7p1sPndAxz7Jjz bkbrUO8SOYXeaej2oKgEW08glZYcDg26Nzwbv+gx65IV60TAyk42QlnNebzvH/90 wQ1f6bSIHysXBzZuP0/VH3gTJmhLNUsWN1FP4QfSSEZte90bNSayeLy7khfiPpxV acqn6WuLx60J6Hfx55FuEgDW/lgaZNT4QZbbz4OC5SXTxZbWiK1JlEeJdA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:35:04 2025 by rpki-client