$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/zyhx-Q7_X1DNTdukcuC6VGiQM_s.roa File: zyhx-Q7_X1DNTdukcuC6VGiQM_s.roa (raw, json) Hash identifier: hdT/wQL5k+Ndk+hJkoxFl7BRsQraPH8NUUygj+JSqWI= Subject key identifier: CF:28:71:F9:0E:FF:5F:50:CD:4D:DB:A4:72:E0:BA:54:68:90:33:FB Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 162A Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/zyhx-Q7_X1DNTdukcuC6VGiQM_s.roa Signing time: Sun 16 Feb 2025 03:31:04 +0000 ROA not before: Sun 16 Feb 2025 03:31:04 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4766 IP address blocks: 180.223.248.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 13 Mar 2025 10:57:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5674 (0x162a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Feb 16 03:31:04 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=CF2871F90EFF5F50CD4DDBA472E0BA54689033FB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:2b:05:d3:5f:a0:7e:3f:75:dc:57:4c:f2:5c: 6d:aa:cb:a9:f4:a0:6f:03:e6:4c:c5:c2:16:2f:a4: 2a:43:24:b5:c0:4e:f2:fc:fd:2c:2a:7c:68:9f:a4: 71:fc:c7:59:7c:94:51:9b:7c:4f:a0:2b:dd:e1:66: ed:6e:b5:f9:67:35:06:07:97:2c:17:bf:8c:e7:22: 4f:6d:15:a8:74:89:dd:16:2c:49:f8:b1:b9:ea:bb: 0b:99:4d:11:0e:55:c7:d6:97:41:79:e0:11:e2:43: e1:b4:8b:eb:97:67:db:8a:f8:8c:d0:d6:49:a5:a0: 36:0c:5a:c3:b0:c9:c4:66:8e:85:9d:9b:28:2e:32: 56:0a:d4:e4:00:16:ef:db:2c:19:ee:b1:04:33:c6: 04:05:0a:34:e2:bd:7f:00:bd:bf:0d:c4:01:a8:c4: 14:f6:6a:a4:fb:5c:a4:28:ff:8e:30:00:01:a4:83: cb:aa:db:0f:cb:f4:97:65:fc:00:fd:16:8b:4f:a1: 64:fb:15:8d:9f:25:9f:15:a6:89:f6:41:13:a9:c3: 1a:08:2d:bc:e7:52:9d:00:f2:ff:e6:6f:a5:6a:b0: bd:be:96:d7:09:d1:00:f8:fe:c5:59:71:b1:99:71: 43:3b:96:f6:48:81:2e:49:73:10:3a:7a:c5:95:0b: 4c:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:28:71:F9:0E:FF:5F:50:CD:4D:DB:A4:72:E0:BA:54:68:90:33:FB X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/zyhx-Q7_X1DNTdukcuC6VGiQM_s.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.248.0/21 Signature Algorithm: sha256WithRSAEncryption 26:d4:ac:29:71:6e:39:d5:93:ef:93:0a:d6:40:6d:9b:7c:88: 85:bb:9d:23:62:1b:af:69:ec:e8:ef:4c:4a:59:0e:ed:ab:b7: e5:76:d9:8d:55:98:bd:d6:cf:10:6f:27:2c:bf:82:35:4b:e3: a6:d3:d1:da:31:14:cc:5e:12:47:3d:be:78:7c:74:9f:d2:75: c7:fb:50:44:d3:05:74:01:4a:b3:ed:29:57:76:17:3f:8f:8b: ee:24:66:dc:bb:f5:85:ff:50:3f:30:58:5f:55:c5:09:9b:60: 26:cc:04:9f:2f:84:bc:60:58:09:a9:46:90:5e:86:6a:88:16: 2a:47:e6:70:f8:c6:3b:d8:c7:30:50:80:56:91:db:6e:11:70: 8b:77:b8:aa:e3:f4:12:e1:31:1f:29:4a:a7:9b:42:e5:7a:2f: 32:da:93:f9:0e:c0:7c:eb:6b:f5:be:8d:b3:22:5b:df:6d:e9: 59:ad:c7:27:01:2d:9d:4c:af:a7:7a:66:83:3d:cc:a5:25:0c: da:fd:b2:20:36:65:0f:98:bc:a5:ff:ea:7a:6b:c5:5f:7e:2c: 0a:85:6d:65:cc:ec:b6:71:94:ea:43:70:fb:34:44:c5:69:0a: 9a:fb:78:18:c1:29:0f:3a:6f:72:32:c3:ed:83:a4:dd:b3:ed: ea:86:74:8b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFiowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAyMTYw MzMxMDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKENGMjg3MUY5MEVGRjVG NTBDRDREREJBNDcyRTBCQTU0Njg5MDMzRkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWKwXTX6B+P3XcV0zyXG2qy6n0oG8D5kzFwhYvpCpDJLXATvL8 /SwqfGifpHH8x1l8lFGbfE+gK93hZu1utflnNQYHlywXv4znIk9tFah0id0WLEn4 sbnquwuZTREOVcfWl0F54BHiQ+G0i+uXZ9uK+IzQ1kmloDYMWsOwycRmjoWdmygu MlYK1OQAFu/bLBnusQQzxgQFCjTivX8Avb8NxAGoxBT2aqT7XKQo/44wAAGkg8uq 2w/L9Jdl/AD9FotPoWT7FY2fJZ8Vpon2QROpwxoILbznUp0A8v/mb6VqsL2+ltcJ 0QD4/sVZcbGZcUM7lvZIgS5JcxA6esWVC0zvAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUzyhx+Q7/X1DNTdukcuC6VGiQM/swHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvenloeC1RN19YMURO VGR1a2N1QzZWR2lRTV9zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7Tf+DANBgkqhkiG9w0BAQsFAAOCAQEAJtSsKXFuOdWT75MK1kBtm3yIhbud I2Ibr2ns6O9MSlkO7au35XbZjVWYvdbPEG8nLL+CNUvjptPR2jEUzF4SRz2+eHx0 n9J1x/tQRNMFdAFKs+0pV3YXP4+L7iRm3Lv1hf9QPzBYX1XFCZtgJswEny+EvGBY CalGkF6GaogWKkfmcPjGO9jHMFCAVpHbbhFwi3e4quP0EuExHylKp5tC5XovMtqT +Q7AfOtr9b6NsyJb323pWa3HJwEtnUyvp3pmgz3MpSUM2v2yIDZlD5i8pf/qemvF X34sCoVtZczstnGU6kNw+zRExWkKmvt4GMEpDzpvcjLD7YOk3bPt6oZ0iw== -----END CERTIFICATE-----Generated at Thu Mar 13 07:16:52 2025 by rpki-client