$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/TzQ7qv0EPlFgedsQrDSlNzC68-A.roa File: TzQ7qv0EPlFgedsQrDSlNzC68-A.roa (raw, json) Hash identifier: XcIA5EHEY/V32QCUwOnmaoJTqFu7PT2r2Ug/rIgrQ60= Subject key identifier: 4F:34:3B:AA:FD:04:3E:51:60:79:DB:10:AC:34:A5:37:30:BA:F3:E0 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1638 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/TzQ7qv0EPlFgedsQrDSlNzC68-A.roa Signing time: Tue 18 Feb 2025 00:53:21 +0000 ROA not before: Tue 18 Feb 2025 00:53:21 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 398704 IP address blocks: 180.223.232.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:06:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5688 (0x1638) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Feb 18 00:53:21 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=4F343BAAFD043E516079DB10AC34A53730BAF3E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:52:23:07:6a:da:e8:dd:98:77:25:5d:a7:cf: 6b:c1:aa:da:be:de:f1:8a:21:4a:c5:bc:89:a3:3b: e7:f9:1b:2a:c6:a3:fe:0f:e1:36:3b:a7:6d:77:84: 35:7e:db:04:35:2e:b6:e7:8d:9d:91:98:58:97:87: d6:45:2f:c2:82:6c:fa:cf:d7:9b:35:05:1f:b5:25: d4:f9:65:21:41:21:19:61:cf:b1:36:15:0a:08:12: 65:83:8d:5d:59:2f:c5:82:e0:ea:a5:3a:22:14:27: 7b:74:c8:52:78:e9:96:94:12:52:07:78:52:b1:16: 10:b3:19:25:6d:63:d4:0e:b2:d1:c7:37:59:63:c5: dd:96:6d:4d:ae:46:a4:a9:3d:87:d6:85:3c:41:93: f9:e6:8f:51:50:76:9d:58:30:bc:24:76:69:71:84: b3:f1:f6:4f:93:63:62:f0:bb:47:d8:70:97:e4:a9: 77:65:95:0a:c3:fb:c1:fb:22:09:43:91:26:8a:32: a7:85:d2:18:e4:92:01:b9:89:db:51:f0:a9:ce:0b: 07:be:ff:91:8e:aa:25:b6:9f:14:20:de:2f:3e:10: 41:c5:1e:96:59:02:a1:fa:93:0e:82:53:da:4d:43: 95:bb:6d:22:d3:f3:2f:62:ad:aa:9c:55:c9:6c:ec: cc:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:34:3B:AA:FD:04:3E:51:60:79:DB:10:AC:34:A5:37:30:BA:F3:E0 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/TzQ7qv0EPlFgedsQrDSlNzC68-A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.232.0/21 Signature Algorithm: sha256WithRSAEncryption 7b:1d:99:a3:49:d7:f4:21:01:54:6b:73:c7:05:c6:58:9c:84: 79:00:55:f3:0b:c2:28:e4:6c:fe:69:85:5b:a4:66:8c:f1:ae: 28:c1:7e:3f:b5:37:80:36:b4:e3:a6:7c:5d:8e:1b:28:37:7f: d4:5c:35:b0:48:a3:c6:b4:09:cd:39:3f:ef:9f:5b:89:4f:72: 5d:56:d7:d7:7b:ba:16:77:06:ae:b2:62:cc:92:36:c6:b3:0f: 16:49:c7:08:38:00:7b:af:a5:0b:94:b3:54:2b:94:71:cb:12: fd:c9:d7:a5:79:45:80:23:cb:82:8d:fa:01:a7:48:5e:e1:06: 19:c8:14:ca:e3:73:cb:80:01:20:31:77:86:76:3f:51:ec:0a: f4:4d:a3:ca:fb:0f:01:97:4b:d5:96:4c:b7:a6:a4:82:49:be: 08:bd:22:24:46:7c:88:5a:fd:c2:34:7f:6a:ef:9e:70:31:67: 2a:08:b9:bf:f8:66:de:f8:ed:b3:a7:ee:d6:6c:1e:9d:56:a1: 1d:1b:24:eb:0a:20:41:46:84:3b:ee:ff:dc:c3:34:31:c2:f8: 18:e8:c9:35:da:22:85:8b:a9:a6:d1:a7:73:30:b8:d4:a0:63: 94:8d:87:e1:0f:c6:e2:06:66:31:fb:57:aa:bc:18:07:75:61: 25:98:06:0b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFjgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAyMTgw MDUzMjFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDRGMzQzQkFBRkQwNDNF NTE2MDc5REIxMEFDMzRBNTM3MzBCQUYzRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCUiMHatro3Zh3JV2nz2vBqtq+3vGKIUrFvImjO+f5GyrGo/4P 4TY7p213hDV+2wQ1LrbnjZ2RmFiXh9ZFL8KCbPrP15s1BR+1JdT5ZSFBIRlhz7E2 FQoIEmWDjV1ZL8WC4OqlOiIUJ3t0yFJ46ZaUElIHeFKxFhCzGSVtY9QOstHHN1lj xd2WbU2uRqSpPYfWhTxBk/nmj1FQdp1YMLwkdmlxhLPx9k+TY2Lwu0fYcJfkqXdl lQrD+8H7IglDkSaKMqeF0hjkkgG5idtR8KnOCwe+/5GOqiW2nxQg3i8+EEHFHpZZ AqH6kw6CU9pNQ5W7bSLT8y9iraqcVcls7MxhAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUTzQ7qv0EPlFgedsQrDSlNzC68+AwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvVHpRN3F2MEVQbEZn ZWRzUXJEU2xOekM2OC1BLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7Tf6DANBgkqhkiG9w0BAQsFAAOCAQEAex2Zo0nX9CEBVGtzxwXGWJyEeQBV 8wvCKORs/mmFW6RmjPGuKMF+P7U3gDa046Z8XY4bKDd/1Fw1sEijxrQJzTk/759b iU9yXVbX13u6FncGrrJizJI2xrMPFknHCDgAe6+lC5SzVCuUccsS/cnXpXlFgCPL go36AadIXuEGGcgUyuNzy4ABIDF3hnY/UewK9E2jyvsPAZdL1ZZMt6akgkm+CL0i JEZ8iFr9wjR/au+ecDFnKgi5v/hm3vjts6fu1mwenVahHRsk6wogQUaEO+7/3MM0 McL4GOjJNdoihYupptGnczC41KBjlI2H4Q/G4gZmMftXqrwYB3VhJZgGCw== -----END CERTIFICATE-----Generated at Fri Apr 4 18:43:12 2025 by rpki-client