$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/OvQXa97D5xeMVn6aG0OWKi3atYI.roa File: OvQXa97D5xeMVn6aG0OWKi3atYI.roa (raw, json) Hash identifier: tQ7JI4o5W+MbjDg7a8aWqxsmrb0B0GLcP2GHH0vPcKU= Subject key identifier: 3A:F4:17:6B:DE:C3:E7:17:8C:56:7E:9A:1B:43:96:2A:2D:DA:B5:82 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1623 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/OvQXa97D5xeMVn6aG0OWKi3atYI.roa Signing time: Sun 16 Feb 2025 03:29:02 +0000 ROA not before: Sun 16 Feb 2025 03:29:02 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 18811 IP address blocks: 180.223.232.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:06:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5667 (0x1623) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Feb 16 03:29:02 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=3AF4176BDEC3E7178C567E9A1B43962A2DDAB582 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:66:6b:74:66:75:73:67:63:58:22:8e:74:a8: dc:5d:c8:c1:d6:ed:fc:71:82:4a:72:79:43:87:b9: 48:96:21:d5:97:65:73:a5:f0:e9:99:ad:e0:10:84: 82:10:24:43:09:2d:e2:e1:b2:17:bd:0d:e4:f2:70: 7b:e9:fc:00:ea:52:f2:a5:41:ba:72:e4:12:ec:c1: 90:42:40:7e:8f:e5:4a:f5:8a:73:70:ca:c1:f3:1d: c5:62:7d:de:dd:c3:ce:8a:9e:6f:22:c4:69:48:cf: 71:3b:12:37:c4:92:39:48:cf:cc:07:53:0a:c6:8f: d8:e4:d5:6a:3d:b5:0d:6a:d1:30:92:8c:eb:42:20: 8b:5c:f9:5a:30:2c:b5:c8:6f:aa:a6:61:09:4f:3b: 9f:5d:0b:bc:bc:be:04:17:e7:54:47:8b:79:bb:2c: d5:b5:d7:e9:e0:b2:ae:97:41:46:ed:46:4b:7c:a8: f5:62:0f:7a:de:47:45:dc:be:5c:53:52:51:51:fd: c9:91:10:9f:16:85:2e:fa:ca:f9:a8:8e:2f:2a:3f: 2a:8c:8e:44:c5:52:45:77:50:66:08:cb:b4:9d:ec: 00:99:83:98:56:52:6e:a5:52:4a:74:fb:27:9a:93: 50:07:20:b9:95:42:1a:8c:1e:63:79:61:1e:e6:07: 33:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:F4:17:6B:DE:C3:E7:17:8C:56:7E:9A:1B:43:96:2A:2D:DA:B5:82 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/OvQXa97D5xeMVn6aG0OWKi3atYI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.232.0/21 Signature Algorithm: sha256WithRSAEncryption 62:bc:c9:3d:a6:ad:55:6a:29:d2:b2:a1:b0:2b:39:cf:74:85: fb:4f:5e:42:91:1e:9f:4d:87:62:ec:55:19:c4:e3:72:e9:a3: 96:42:46:0f:ca:f8:fb:c9:4e:ee:34:58:34:5b:de:96:24:fa: 93:32:a1:0e:05:9f:4c:3c:ea:88:c1:74:e3:47:32:8e:d2:ff: 5d:88:19:0a:2e:e3:fa:00:24:4b:45:78:7a:e5:e1:09:f9:3d: 35:19:1a:8d:e4:1c:75:88:dc:73:a3:19:58:d1:60:5c:a1:52: ca:b7:f4:ac:91:20:5d:14:c9:01:fa:03:3a:4e:a8:fa:f8:43: 3a:b9:34:6e:70:31:57:71:9a:6c:ba:3b:19:18:2b:ae:a7:31: bc:d9:07:2e:11:0d:4c:07:b2:07:14:7f:03:27:f8:6f:e9:9b: e3:4c:9b:eb:2e:97:e9:aa:b2:16:a1:bc:a9:1d:87:ef:4f:81: cc:16:f1:73:1b:a4:1e:14:0e:9e:b5:48:86:8a:64:21:12:40: 37:86:5b:35:87:44:b5:45:5b:02:9c:ab:08:d1:cd:34:26:3b: 35:8a:00:0e:0d:37:58:76:9b:fe:70:f5:15:0b:ee:67:0a:ba: df:96:53:ce:4e:20:32:6b:3a:5c:0e:46:6c:dd:4d:ab:61:34: be:99:c8:55 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFiMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAyMTYw MzI5MDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDNBRjQxNzZCREVDM0U3 MTc4QzU2N0U5QTFCNDM5NjJBMkREQUI1ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHZmt0ZnVzZ2NYIo50qNxdyMHW7fxxgkpyeUOHuUiWIdWXZXOl 8OmZreAQhIIQJEMJLeLhshe9DeTycHvp/ADqUvKlQbpy5BLswZBCQH6P5Ur1inNw ysHzHcVifd7dw86Knm8ixGlIz3E7EjfEkjlIz8wHUwrGj9jk1Wo9tQ1q0TCSjOtC IItc+VowLLXIb6qmYQlPO59dC7y8vgQX51RHi3m7LNW11+ngsq6XQUbtRkt8qPVi D3reR0XcvlxTUlFR/cmREJ8WhS76yvmoji8qPyqMjkTFUkV3UGYIy7Sd7ACZg5hW Um6lUkp0+yeak1AHILmVQhqMHmN5YR7mBzMxAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUOvQXa97D5xeMVn6aG0OWKi3atYIwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvT3ZRWGE5N0Q1eGVN Vm42YUcwT1dLaTNhdFlJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7Tf6DANBgkqhkiG9w0BAQsFAAOCAQEAYrzJPaatVWop0rKhsCs5z3SF+09e QpEen02HYuxVGcTjcumjlkJGD8r4+8lO7jRYNFveliT6kzKhDgWfTDzqiMF040cy jtL/XYgZCi7j+gAkS0V4euXhCfk9NRkajeQcdYjcc6MZWNFgXKFSyrf0rJEgXRTJ AfoDOk6o+vhDOrk0bnAxV3GabLo7GRgrrqcxvNkHLhENTAeyBxR/Ayf4b+mb40yb 6y6X6aqyFqG8qR2H70+BzBbxcxukHhQOnrVIhopkIRJAN4ZbNYdEtUVbApyrCNHN NCY7NYoADg03WHab/nD1FQvuZwq635ZTzk4gMms6XA5GbN1Nq2E0vpnIVQ== -----END CERTIFICATE-----Generated at Fri Apr 4 18:39:25 2025 by rpki-client