$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/rWtf0GEtu7-dle5LbQBIdEumJeU.roa File: rWtf0GEtu7-dle5LbQBIdEumJeU.roa (raw, json) Hash identifier: B84gsvdCibU5REtU9B+o3lUN9nmTZbwGHdQuugYs/go= Subject key identifier: AD:6B:5F:D0:61:2D:BB:BF:9D:95:EE:4B:6D:00:48:74:4B:A6:25:E5 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1669 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/rWtf0GEtu7-dle5LbQBIdEumJeU.roa Signing time: Thu 27 Feb 2025 05:58:31 +0000 ROA not before: Thu 27 Feb 2025 05:58:31 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 18811 IP address blocks: 180.223.208.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:06:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5737 (0x1669) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Feb 27 05:58:31 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=AD6B5FD0612DBBBF9D95EE4B6D0048744BA625E5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:71:fb:b1:6d:3a:75:75:d3:78:97:50:73:50: 1a:67:f6:7b:c9:0b:05:78:03:28:4e:0c:35:f2:86: 92:ec:3e:e5:aa:79:45:10:6e:9e:4d:11:d0:95:2b: 2f:69:b2:c7:dc:01:ea:35:f9:16:a7:cd:0e:76:a8: 12:ed:e9:93:d2:41:e4:2e:2a:bb:75:3b:a6:3a:ca: 17:d6:92:2f:b6:37:fc:de:f0:80:83:dc:d0:38:de: 23:ab:50:72:dd:12:d8:0b:99:b0:36:3e:9d:f1:42: a2:e5:14:72:2d:4e:db:60:7a:85:47:11:87:e0:d6: 5d:25:3b:6d:b6:05:2e:68:9c:6e:0c:18:e5:6f:e3: bf:52:85:89:82:d6:da:b5:60:9e:8d:0d:f8:20:58: 1d:d1:ab:e4:e3:d5:31:58:cf:1d:91:3b:24:cd:da: f8:f5:61:da:1f:ac:c0:ea:02:68:cb:a9:cb:11:84: fe:ea:52:00:2f:d6:cc:92:09:ad:81:0c:5c:a2:fa: e2:29:3e:c5:68:17:50:28:a8:3b:55:01:f4:bd:e3: 27:c2:f6:4b:e3:3b:3b:32:f3:5c:ee:ba:72:57:7c: 85:c2:75:04:99:60:c0:e0:a1:96:cc:d6:76:7f:32: 44:17:67:b1:da:19:60:db:8a:d5:75:25:6a:be:21: 52:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:6B:5F:D0:61:2D:BB:BF:9D:95:EE:4B:6D:00:48:74:4B:A6:25:E5 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/rWtf0GEtu7-dle5LbQBIdEumJeU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.208.0/22 Signature Algorithm: sha256WithRSAEncryption 58:8f:db:fa:24:78:84:58:83:e3:de:59:6c:4c:ed:e0:a5:ea: 43:73:9e:85:30:82:03:b5:cb:47:d1:b2:25:ba:45:a8:21:c5: 5d:27:5d:85:0e:8b:42:52:90:43:12:24:36:ac:c4:03:a2:e0: ed:7b:58:29:d8:87:35:e9:0b:d5:56:07:f2:c6:c6:ca:05:f6: 15:c7:a8:d0:47:74:8f:e1:c3:f5:77:8f:45:8c:07:fc:59:38: 73:03:ba:94:76:dd:43:5c:d8:13:20:90:26:49:3f:01:cc:2b: 2d:97:9c:e7:17:d3:fa:4a:d8:b5:d5:92:81:94:8b:5e:a7:99: 23:5c:f5:70:bd:20:fd:a6:73:86:05:2f:70:b9:63:db:a2:fe: 68:fe:29:00:b3:6a:d0:5f:0c:c6:bb:b2:3d:14:4a:02:0f:34: 66:a3:20:1d:e7:86:e9:10:16:7c:68:fb:ee:bf:ae:d9:75:88: 6a:00:b2:c1:d4:31:65:e7:ce:51:d5:99:5d:df:a5:c7:52:c4: b5:d5:4b:73:64:36:0c:70:10:70:fd:4f:66:61:79:82:b7:8f: e1:1a:76:98:10:7f:0f:6d:be:bb:8b:a9:30:b7:49:8f:7e:cf: 82:b1:26:d6:32:34:f1:0d:f9:8c:ca:03:0c:67:37:40:1a:27: 24:3a:c3:64 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFmkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAyMjcw NTU4MzFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEFENkI1RkQwNjEyREJC QkY5RDk1RUU0QjZEMDA0ODc0NEJBNjI1RTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLcfuxbTp1ddN4l1BzUBpn9nvJCwV4AyhODDXyhpLsPuWqeUUQ bp5NEdCVKy9pssfcAeo1+RanzQ52qBLt6ZPSQeQuKrt1O6Y6yhfWki+2N/ze8ICD 3NA43iOrUHLdEtgLmbA2Pp3xQqLlFHItTttgeoVHEYfg1l0lO222BS5onG4MGOVv 479ShYmC1tq1YJ6NDfggWB3Rq+Tj1TFYzx2ROyTN2vj1YdofrMDqAmjLqcsRhP7q UgAv1sySCa2BDFyi+uIpPsVoF1AoqDtVAfS94yfC9kvjOzsy81zuunJXfIXCdQSZ YMDgoZbM1nZ/MkQXZ7HaGWDbitV1JWq+IVLZAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUrWtf0GEtu7+dle5LbQBIdEumJeUwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvcld0ZjBHRXR1Ny1k bGU1TGJRQklkRXVtSmVVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArTf0DANBgkqhkiG9w0BAQsFAAOCAQEAWI/b+iR4hFiD495ZbEzt4KXqQ3Oe hTCCA7XLR9GyJbpFqCHFXSddhQ6LQlKQQxIkNqzEA6Lg7XtYKdiHNekL1VYH8sbG ygX2Fceo0Ed0j+HD9XePRYwH/Fk4cwO6lHbdQ1zYEyCQJkk/AcwrLZec5xfT+krY tdWSgZSLXqeZI1z1cL0g/aZzhgUvcLlj26L+aP4pALNq0F8MxruyPRRKAg80ZqMg HeeG6RAWfGj77r+u2XWIagCywdQxZefOUdWZXd+lx1LEtdVLc2Q2DHAQcP1PZmF5 greP4Rp2mBB/D22+u4upMLdJj37PgrEm1jI08Q35jMoDDGc3QBonJDrDZA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:37:51 2025 by rpki-client