$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/Xg3QlDPaqBI1YqHoJQh_QTWxLy4.roa File: Xg3QlDPaqBI1YqHoJQh_QTWxLy4.roa (raw, json) Hash identifier: YMsqIMagBuAaeaS2ONYV7+S1uHiCeyIcexihPZTOzA8= Subject key identifier: 5E:0D:D0:94:33:DA:A8:12:35:62:A1:E8:25:08:7F:41:35:B1:2F:2E Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 156C Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/Xg3QlDPaqBI1YqHoJQh_QTWxLy4.roa Signing time: Fri 17 Jan 2025 01:27:43 +0000 ROA not before: Fri 17 Jan 2025 01:27:43 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 7018 IP address blocks: 180.223.72.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:06:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5484 (0x156c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Jan 17 01:27:43 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=5E0DD09433DAA8123562A1E825087F4135B12F2E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:a8:4f:78:a5:6e:f8:88:ad:fe:78:cc:d7:db: bc:f3:03:1d:a7:b3:2c:51:64:ad:a9:01:ca:d4:f3: 04:3b:6a:5b:e4:b3:7a:a6:93:31:b4:27:c9:18:a0: a6:58:cb:2d:47:16:8d:da:2f:d0:c5:31:71:9b:34: 73:06:b7:96:5e:1c:41:d5:22:a7:b8:8c:c7:4d:31: 77:4b:bf:11:51:04:47:42:97:e0:a2:39:e3:b5:6e: 86:96:b9:5a:fd:0d:1b:8b:f5:3c:22:f9:b6:8c:e0: 24:a2:66:e1:58:84:dd:de:c1:9d:9a:32:37:a4:08: 69:33:3f:10:0b:0f:83:2f:bd:4f:39:84:37:2e:c2: 70:3b:af:45:1b:3c:a3:04:92:f8:87:05:56:94:32: 20:7f:cf:06:9a:17:42:12:fe:14:fd:fd:e7:ab:cf: ed:0a:45:db:39:70:21:f6:a7:20:a6:a3:4a:5f:36: 71:67:47:c1:2e:7f:6d:5d:ed:0f:4e:a9:d8:df:da: 24:d2:8b:c4:b3:1a:07:6a:0f:67:b0:b9:bc:1c:40: 4d:d7:e7:10:1b:23:8c:35:64:1f:28:ec:83:db:a0: a0:c2:28:a9:0a:bc:4a:3f:91:17:c1:29:e4:6e:3c: 0a:e3:9c:8d:2a:37:d7:89:f0:17:23:1b:13:ca:28: e4:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:0D:D0:94:33:DA:A8:12:35:62:A1:E8:25:08:7F:41:35:B1:2F:2E X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/Xg3QlDPaqBI1YqHoJQh_QTWxLy4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.72.0/21 Signature Algorithm: sha256WithRSAEncryption d2:26:67:7e:0b:1b:53:4a:42:e2:48:ea:4f:83:7d:53:1c:40: 1b:1d:4d:06:94:e0:ab:5b:9b:2d:a4:f6:29:e2:d4:2a:68:a2: 9a:a3:68:66:df:46:16:87:3b:a4:fc:26:d2:d7:cf:4c:a2:9c: df:22:d9:5e:18:4f:cc:c6:11:47:1f:4e:ee:e7:ee:61:93:70: 57:ff:3c:da:b0:4f:e8:c2:ab:52:3b:56:a8:31:b1:2a:02:4f: 2e:c3:1c:5c:68:a5:4e:ef:1a:f7:d3:b9:57:da:fe:27:62:58: 2e:f3:12:a7:a6:29:05:89:b6:71:33:00:bd:bd:b0:48:f8:d3: e2:dd:9a:70:c8:fc:95:42:78:e2:4d:22:0e:64:18:fc:45:14: 8d:43:51:e9:e7:4a:96:33:67:6c:09:35:83:62:f1:1c:0a:81: 9e:9d:24:ea:50:c0:fc:47:51:a0:c7:e1:73:8e:71:42:89:41: 29:fa:14:70:c1:f7:2e:07:06:70:d8:48:0e:d6:94:77:cb:cb: d0:16:b4:0b:37:92:b0:94:25:e3:f8:de:0c:9c:aa:fc:fd:87: 8c:1e:06:8c:6a:19:35:01:7c:5b:5a:1e:cf:cb:bf:22:c4:aa: 97:94:d5:6d:40:56:34:c1:05:1a:29:dd:df:fa:10:a3:a3:14: 8b:d2:fd:5e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFWwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAxMTcw MTI3NDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDVFMEREMDk0MzNEQUE4 MTIzNTYyQTFFODI1MDg3RjQxMzVCMTJGMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6qE94pW74iK3+eMzX27zzAx2nsyxRZK2pAcrU8wQ7alvks3qm kzG0J8kYoKZYyy1HFo3aL9DFMXGbNHMGt5ZeHEHVIqe4jMdNMXdLvxFRBEdCl+Ci OeO1boaWuVr9DRuL9Twi+baM4CSiZuFYhN3ewZ2aMjekCGkzPxALD4MvvU85hDcu wnA7r0UbPKMEkviHBVaUMiB/zwaaF0IS/hT9/eerz+0KRds5cCH2pyCmo0pfNnFn R8Euf21d7Q9Oqdjf2iTSi8SzGgdqD2ewubwcQE3X5xAbI4w1ZB8o7IPboKDCKKkK vEo/kRfBKeRuPArjnI0qN9eJ8BcjGxPKKORnAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUXg3QlDPaqBI1YqHoJQh/QTWxLy4wHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvWGczUWxEUGFxQkkx WXFIb0pRaF9RVFd4THk0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7TfSDANBgkqhkiG9w0BAQsFAAOCAQEA0iZnfgsbU0pC4kjqT4N9UxxAGx1N BpTgq1ubLaT2KeLUKmiimqNoZt9GFoc7pPwm0tfPTKKc3yLZXhhPzMYRRx9O7ufu YZNwV/882rBP6MKrUjtWqDGxKgJPLsMcXGilTu8a99O5V9r+J2JYLvMSp6YpBYm2 cTMAvb2wSPjT4t2acMj8lUJ44k0iDmQY/EUUjUNR6edKljNnbAk1g2LxHAqBnp0k 6lDA/EdRoMfhc45xQolBKfoUcMH3LgcGcNhIDtaUd8vL0Ba0CzeSsJQl4/jeDJyq /P2HjB4GjGoZNQF8W1oez8u/IsSql5TVbUBWNMEFGind3/oQo6MUi9L9Xg== -----END CERTIFICATE-----Generated at Fri Apr 4 18:33:30 2025 by rpki-client