$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/316/DkbgG_2QF1H1zkbtwbC1IYgZgyE.roa File: DkbgG_2QF1H1zkbtwbC1IYgZgyE.roa (raw, json) Hash identifier: eXW9cZe9xYe5QO3OSRy8Hk5D4Ja5js/wO9jLh6dU8tk= Subject key identifier: 0E:46:E0:1B:FD:90:17:51:F5:CE:46:ED:C1:B0:B5:21:88:19:83:21 Certificate issuer: /CN=4BC6A9B58BBEEAD50DDD48F844782C8294A18B39 Certificate serial: 14BA Authority key identifier: 4B:C6:A9:B5:8B:BE:EA:D5:0D:DD:48:F8:44:78:2C:82:94:A1:8B:39 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/S8aptYu-6tUN3Uj4RHgsgpShizk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/316/DkbgG_2QF1H1zkbtwbC1IYgZgyE.roa Signing time: Fri 17 Jan 2025 01:27:10 +0000 ROA not before: Fri 17 Jan 2025 01:27:10 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 38378 IP address blocks: 103.92.88.0/22 maxlen: 24 119.40.64.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/316/S8aptYu-6tUN3Uj4RHgsgpShizk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/316/S8aptYu-6tUN3Uj4RHgsgpShizk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/S8aptYu-6tUN3Uj4RHgsgpShizk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5306 (0x14ba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4BC6A9B58BBEEAD50DDD48F844782C8294A18B39 Validity Not Before: Jan 17 01:27:10 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=0E46E01BFD901751F5CE46EDC1B0B52188198321 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:54:66:f9:62:aa:16:48:52:4b:ca:17:2d:e3: f7:e1:69:21:a8:07:59:6f:7a:46:be:9f:bc:76:83: b0:fe:91:68:1d:5d:95:19:3c:3d:7a:35:6a:c4:83: d2:5b:72:09:75:aa:96:f2:97:0d:79:d1:a1:24:ab: b7:41:e1:bd:db:a6:6f:d9:b9:b0:f8:4d:07:8d:10: 74:7a:67:ef:cf:83:d3:80:28:9e:78:d7:72:17:cb: dd:bb:cc:fc:94:52:f7:5d:29:85:4d:53:51:61:bf: 02:07:0a:e8:b2:99:a5:7e:da:dd:a1:9d:71:1a:25: 0f:7d:d6:1c:82:fc:41:aa:4f:78:7d:6e:c7:67:bf: fa:5d:df:f7:7e:d1:65:a1:97:36:75:19:9e:9f:7e: bd:68:ba:3d:0a:3b:46:4b:88:dc:5e:7c:89:7b:38: a0:1b:0d:96:4f:34:66:71:b1:92:cb:a4:74:67:18: 2c:07:f5:77:5e:19:ca:eb:0c:b9:28:e3:4d:9b:34: da:52:f8:f6:76:f5:e2:ed:b6:8e:fa:1d:ff:a6:4f: 4a:78:27:c8:fc:86:05:40:4c:2e:52:59:6a:f1:28: 6f:bb:5e:02:a2:29:79:21:d2:ac:a5:0d:a0:ee:60: c2:dc:2c:de:53:80:44:36:8d:2d:fd:7d:a5:27:1f: 7a:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:46:E0:1B:FD:90:17:51:F5:CE:46:ED:C1:B0:B5:21:88:19:83:21 X509v3 Authority Key Identifier: keyid:4B:C6:A9:B5:8B:BE:EA:D5:0D:DD:48:F8:44:78:2C:82:94:A1:8B:39 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/316/S8aptYu-6tUN3Uj4RHgsgpShizk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/S8aptYu-6tUN3Uj4RHgsgpShizk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/316/DkbgG_2QF1H1zkbtwbC1IYgZgyE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.92.88.0/22 119.40.64.0/20 Signature Algorithm: sha256WithRSAEncryption 6d:0a:73:be:99:eb:17:40:15:95:f0:f5:cf:c8:b5:24:6e:76: 42:f7:ad:b1:43:8d:c0:aa:86:f7:9c:47:db:48:f9:13:4d:08: f5:2f:8f:83:8a:6c:83:95:fd:8d:30:77:e3:23:d5:a5:de:41: 22:f4:15:5c:1c:76:bb:ca:e6:76:53:00:fe:cc:b3:85:58:68: 45:e2:bf:f7:ba:b3:e0:eb:37:25:66:d3:bc:3c:fa:65:40:85: ec:9c:3b:e2:a7:a9:1a:95:2a:ad:23:33:91:ae:2f:ce:df:8e: 84:de:d8:35:9b:21:76:10:2d:0d:f3:2d:bf:0f:15:3d:6e:40: 2d:84:56:b5:9e:bf:1f:07:be:e8:03:cd:e6:22:be:2b:74:ac: 1a:fd:95:5d:30:c0:2a:05:7b:b9:04:d8:c9:42:74:cb:9c:82: 66:51:a7:aa:99:38:b5:a0:0b:95:58:bb:1f:73:c8:97:3d:f5: 0b:42:75:98:7b:6a:ed:5d:3a:93:7c:04:7d:ea:c9:ed:eb:10: ff:57:78:1f:2c:17:74:10:17:2d:6a:d9:a3:16:43:38:b0:b7: ca:b6:e1:80:f2:ed:b3:c7:e8:b9:b6:c4:c1:73:2a:34:ff:36: aa:00:3d:d4:16:b8:c3:d5:55:63:d6:e2:b1:06:b4:5b:55:55: 23:33:02:d4 -----BEGIN CERTIFICATE----- MIIE2zCCA8OgAwIBAgICFLowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEJD NkE5QjU4QkJFRUFENTBEREQ0OEY4NDQ3ODJDODI5NEExOEIzOTAeFw0yNTAxMTcw MTI3MTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDBFNDZFMDFCRkQ5MDE3 NTFGNUNFNDZFREMxQjBCNTIxODgxOTgzMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKVGb5YqoWSFJLyhct4/fhaSGoB1lveka+n7x2g7D+kWgdXZUZ PD16NWrEg9Jbcgl1qpbylw150aEkq7dB4b3bpm/ZubD4TQeNEHR6Z+/Pg9OAKJ54 13IXy927zPyUUvddKYVNU1FhvwIHCuiymaV+2t2hnXEaJQ991hyC/EGqT3h9bsdn v/pd3/d+0WWhlzZ1GZ6ffr1ouj0KO0ZLiNxefIl7OKAbDZZPNGZxsZLLpHRnGCwH 9XdeGcrrDLko402bNNpS+PZ29eLtto76Hf+mT0p4J8j8hgVATC5SWWrxKG+7XgKi KXkh0qylDaDuYMLcLN5TgEQ2jS39faUnH3rVAgMBAAGjggH3MIIB8zAdBgNVHQ4E FgQUDkbgG/2QF1H1zkbtwbC1IYgZgyEwHwYDVR0jBBgwFoAUS8aptYu+6tUN3Uj4 RHgsgpShizkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 L1M4YXB0WXUtNnRVTjNVajRSSGdzZ3BTaGl6ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvUzhhcHRZdS02dFVOM1VqNFJIZ3NncFNoaXprLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2L0RrYmdHXzJRRjFIMXpr YnR3YkMxSVlnWmd5RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwD BAJnXFgDBAR3KEAwDQYJKoZIhvcNAQELBQADggEBAG0Kc76Z6xdAFZXw9c/ItSRu dkL3rbFDjcCqhvecR9tI+RNNCPUvj4OKbIOV/Y0wd+Mj1aXeQSL0FVwcdrvK5nZT AP7Ms4VYaEXiv/e6s+DrNyVm07w8+mVAheycO+KnqRqVKq0jM5GuL87fjoTe2DWb IXYQLQ3zLb8PFT1uQC2EVrWevx8HvugDzeYivit0rBr9lV0wwCoFe7kE2MlCdMuc gmZRp6qZOLWgC5VYux9zyJc99QtCdZh7au1dOpN8BH3qye3rEP9XeB8sF3QQFy1q 2aMWQziwt8q24YDy7bPH6Lm2xMFzKjT/NqoAPdQWuMPVVWPW4rEGtFtVVSMzAtQ= -----END CERTIFICATE-----Generated at Fri Apr 4 18:48:59 2025 by rpki-client