$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/ZawpFm2QeyqKt-SuLdhHgEULp6o.roa File: ZawpFm2QeyqKt-SuLdhHgEULp6o.roa (raw, json) Hash identifier: KuvGk1zi/3SyRP9qaoqTrgBd1T35EToet8qpemxWz54= Subject key identifier: 65:AC:29:16:6D:90:7B:2A:8A:B7:E4:AE:2D:D8:47:80:45:0B:A7:AA Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 166B Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/ZawpFm2QeyqKt-SuLdhHgEULp6o.roa Signing time: Thu 27 Feb 2025 05:58:32 +0000 ROA not before: Thu 27 Feb 2025 05:58:32 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 10103 IP address blocks: 180.223.208.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 14 Apr 2025 14:06:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5739 (0x166b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Feb 27 05:58:32 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=65AC29166D907B2A8AB7E4AE2DD84780450BA7AA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:7f:e5:21:ec:41:f1:b8:9b:9a:fb:6f:31:7d: 32:db:6d:61:00:34:75:9d:54:fd:cd:de:5f:51:59: 22:3f:ca:c6:31:f0:ee:df:69:97:5b:be:4a:c3:29: 5e:46:13:0a:9a:c6:f1:22:d2:c0:b9:2e:a1:0f:b3: d6:34:73:5d:4a:36:f4:db:4f:85:ab:b7:c3:89:a7: 13:88:1a:42:1e:87:53:a7:72:52:c9:16:ca:16:66: 59:ce:4b:f7:f2:f0:d3:65:a1:12:bf:61:c4:10:d3: a3:26:b9:5b:21:78:7f:a1:2f:e2:51:8e:ed:54:00: 6f:d7:48:cc:ef:9e:37:40:0a:1b:3d:e6:b6:1e:c3: ad:e0:49:a6:93:a4:a8:4e:66:87:e8:df:76:1f:5f: 86:57:5f:fc:42:b3:b7:08:ea:23:33:a0:46:a3:97: 51:1f:a9:c5:ae:f8:13:22:46:37:f4:36:51:53:cc: bc:cc:c1:94:00:31:e4:b7:64:c1:52:d4:7c:92:d5: 4a:6e:37:fd:73:5b:85:00:f8:f2:95:ab:52:61:a9: c6:3b:0c:ff:a7:c9:a4:42:df:48:6b:9c:cf:fc:f1: 85:a9:d0:3b:df:b4:21:8c:8b:1d:58:2d:bc:a8:fd: fd:fa:19:55:f6:ed:d3:94:ac:b0:a0:df:58:fe:87: 33:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:AC:29:16:6D:90:7B:2A:8A:B7:E4:AE:2D:D8:47:80:45:0B:A7:AA X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/ZawpFm2QeyqKt-SuLdhHgEULp6o.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.208.0/22 Signature Algorithm: sha256WithRSAEncryption 82:32:d3:14:f4:f5:a7:84:ff:df:a1:79:39:87:b0:8a:8c:70: 96:a4:fe:e2:f1:d8:1c:24:a6:8b:51:51:32:e1:d7:10:d2:2a: fd:d1:cc:67:e4:b8:97:aa:6e:c5:7e:cf:6c:11:a6:ab:bc:14: 2a:04:f0:48:00:df:8a:8f:66:3f:f1:75:17:7f:bb:85:1d:4a: d9:62:b7:78:fd:7e:24:23:8a:43:ba:67:cb:0c:ce:31:c4:93: cd:e0:45:a8:22:d4:44:79:1b:1a:0e:64:42:8b:24:59:7d:48: b2:99:73:17:e7:92:da:2d:40:fe:31:41:73:7b:b2:60:3e:8f: 42:d4:f7:fb:a9:af:97:9c:3e:94:71:4a:da:7c:68:30:8f:dc: f1:36:11:19:c1:25:7a:b0:4e:59:2b:b9:e9:1d:85:df:df:c8: 96:4d:b9:31:f6:24:38:ec:0f:34:ac:c4:59:b4:b6:b4:85:c4: c9:17:5c:59:90:66:93:e9:ca:af:c1:e2:39:fd:1f:b2:ff:e4: b7:1b:38:1e:f8:3c:5a:33:fe:53:05:ed:69:65:65:bf:87:80: 99:42:93:96:61:33:00:1e:2d:4a:67:45:0a:a7:24:e3:ed:c2: 2c:21:f4:ce:ac:7c:65:f7:83:7c:ad:04:95:e6:4c:3e:c6:37: 3c:0d:34:45 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFmswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAyMjcw NTU4MzJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY1QUMyOTE2NkQ5MDdC MkE4QUI3RTRBRTJERDg0NzgwNDUwQkE3QUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDYf+Uh7EHxuJua+28xfTLbbWEANHWdVP3N3l9RWSI/ysYx8O7f aZdbvkrDKV5GEwqaxvEi0sC5LqEPs9Y0c11KNvTbT4Wrt8OJpxOIGkIeh1OnclLJ FsoWZlnOS/fy8NNloRK/YcQQ06MmuVsheH+hL+JRju1UAG/XSMzvnjdAChs95rYe w63gSaaTpKhOZofo33YfX4ZXX/xCs7cI6iMzoEajl1EfqcWu+BMiRjf0NlFTzLzM wZQAMeS3ZMFS1HyS1UpuN/1zW4UA+PKVq1JhqcY7DP+nyaRC30hrnM/88YWp0Dvf tCGMix1YLbyo/f36GVX27dOUrLCg31j+hzMZAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUZawpFm2QeyqKt+SuLdhHgEULp6owHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvWmF3cEZtMlFleXFL dC1TdUxkaEhnRVVMcDZvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArTf0DANBgkqhkiG9w0BAQsFAAOCAQEAgjLTFPT1p4T/36F5OYewioxwlqT+ 4vHYHCSmi1FRMuHXENIq/dHMZ+S4l6puxX7PbBGmq7wUKgTwSADfio9mP/F1F3+7 hR1K2WK3eP1+JCOKQ7pnywzOMcSTzeBFqCLURHkbGg5kQoskWX1IsplzF+eS2i1A /jFBc3uyYD6PQtT3+6mvl5w+lHFK2nxoMI/c8TYRGcElerBOWSu56R2F39/Ilk25 MfYkOOwPNKzEWbS2tIXEyRdcWZBmk+nKr8HiOf0fsv/ktxs4Hvg8WjP+UwXtaWVl v4eAmUKTlmEzAB4tSmdFCqck4+3CLCH0zqx8ZfeDfK0EleZMPsY3PA00RQ== -----END CERTIFICATE-----Generated at Mon Apr 14 13:41:35 2025 by rpki-client