$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/HUw23TFXmjpD_e2Klj8O1aJOuLI.roa File: HUw23TFXmjpD_e2Klj8O1aJOuLI.roa (raw, json) Hash identifier: LVhArJyw5UUv/lJaYkde8UdSAWT1VmmRAoWb0c+KHGM= Subject key identifier: 1D:4C:36:DD:31:57:9A:3A:43:FD:ED:8A:96:3F:0E:D5:A2:4E:B8:B2 Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 142D Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/HUw23TFXmjpD_e2Klj8O1aJOuLI.roa Signing time: Mon 26 May 2025 23:39:25 +0000 ROA not before: Mon 26 May 2025 23:39:25 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146806 IP address blocks: 103.79.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:11:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5165 (0x142d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: May 26 23:39:25 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=1D4C36DD31579A3A43FDED8A963F0ED5A24EB8B2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:76:27:b8:9e:3b:ff:16:af:f3:bc:18:76:bb: 8a:98:84:b1:46:d7:42:81:f7:2f:30:53:a9:f8:46: 25:20:a6:ef:70:07:35:1a:4d:bc:3e:7f:04:da:ae: 69:23:17:4b:b5:5b:0a:51:c3:6b:05:ca:86:75:bb: d8:d0:a6:44:8c:5f:ad:9e:de:a5:3e:9e:55:be:f6: 3f:0a:74:e1:c0:90:8e:0a:db:5d:27:1e:39:cd:9c: 68:76:52:43:d7:e6:bb:68:01:43:2e:a6:8f:5a:f8: 94:57:bd:ad:40:d8:34:f7:79:48:56:2e:bc:0d:e4: 53:88:ec:cf:cd:e3:e0:7c:6a:71:21:e8:8e:04:93: b5:27:3b:2d:bc:13:84:fd:c0:f9:26:ba:14:f8:39: ca:b0:8e:7c:13:b2:5c:5a:98:10:01:77:a3:24:ab: 31:0a:0e:83:ec:82:d4:c2:b4:dc:23:30:43:62:da: 9c:0e:c1:27:e4:68:2a:0a:e6:3e:d4:8a:a6:fc:b0: 82:7c:66:45:a7:a5:98:b2:4a:42:7d:b7:81:e0:01: 2d:be:f9:50:61:67:c7:1e:64:f8:07:ce:0f:97:97: c1:08:31:e5:62:28:02:d5:13:59:e1:b9:cb:3f:9a: 44:2a:2f:43:bd:48:85:6c:2f:90:ef:50:ee:75:8b: 63:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:4C:36:DD:31:57:9A:3A:43:FD:ED:8A:96:3F:0E:D5:A2:4E:B8:B2 X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/HUw23TFXmjpD_e2Klj8O1aJOuLI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.79.229.0/24 Signature Algorithm: sha256WithRSAEncryption 07:ba:dd:32:ea:a1:ef:ef:ef:02:99:d9:1c:23:88:84:6e:56: 2c:be:46:11:c2:ba:34:6e:4f:ce:52:00:58:8e:5c:df:55:28: 8a:95:e3:f3:20:41:d8:5b:33:f0:83:f4:7c:ed:3f:03:d3:c0: 9b:52:88:36:63:29:94:7a:07:80:07:17:ce:32:62:b2:a0:6f: 69:8d:dc:4f:1a:68:55:08:9e:66:0d:ad:30:d3:83:cd:ff:9b: 2a:a9:7b:36:37:b2:54:fd:f3:02:58:d0:94:e6:38:c4:c8:1c: 64:87:93:d3:d1:c2:4e:27:53:4b:38:fb:de:84:0d:80:13:ec: 76:04:1f:7b:3e:c0:e5:8e:b0:f7:de:2c:fd:6d:7e:71:9e:db: 25:ce:08:e0:d5:d5:97:6e:c3:12:95:bd:a9:18:36:1c:61:59: fd:86:9d:cc:7d:06:81:14:f1:f2:8a:2a:30:19:bb:b3:fa:c6: 88:06:fe:90:b6:f4:bc:fb:9b:70:92:c1:6e:2d:82:35:4a:67: ae:9e:3d:ce:2c:41:c2:ff:9b:31:9a:a5:ba:c0:38:1b:d6:d6: dc:39:22:3f:83:4c:c4:e2:ef:82:70:38:e1:d4:64:66:12:1f: 3a:14:10:d0:0d:54:d9:97:25:32:fc:ad:23:52:a8:b3:c3:d7: 4e:80:7b:81 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFC0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTA1MjYy MzM5MjVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDFENEMzNkREMzE1NzlB M0E0M0ZERUQ4QTk2M0YwRUQ1QTI0RUI4QjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDRdie4njv/Fq/zvBh2u4qYhLFG10KB9y8wU6n4RiUgpu9wBzUa Tbw+fwTarmkjF0u1WwpRw2sFyoZ1u9jQpkSMX62e3qU+nlW+9j8KdOHAkI4K210n HjnNnGh2UkPX5rtoAUMupo9a+JRXva1A2DT3eUhWLrwN5FOI7M/N4+B8anEh6I4E k7UnOy28E4T9wPkmuhT4OcqwjnwTslxamBABd6MkqzEKDoPsgtTCtNwjMENi2pwO wSfkaCoK5j7Uiqb8sIJ8ZkWnpZiySkJ9t4HgAS2++VBhZ8ceZPgHzg+Xl8EIMeVi KALVE1nhucs/mkQqL0O9SIVsL5DvUO51i2MNAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUHUw23TFXmjpD/e2Klj8O1aJOuLIwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvSFV3MjNURlhtanBE X2UyS2xqOE8xYUpPdUxJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGdP5TANBgkqhkiG9w0BAQsFAAOCAQEAB7rdMuqh7+/vApnZHCOIhG5WLL5G EcK6NG5PzlIAWI5c31UoipXj8yBB2Fsz8IP0fO0/A9PAm1KINmMplHoHgAcXzjJi sqBvaY3cTxpoVQieZg2tMNODzf+bKql7NjeyVP3zAljQlOY4xMgcZIeT09HCTidT Szj73oQNgBPsdgQfez7A5Y6w994s/W1+cZ7bJc4I4NXVl27DEpW9qRg2HGFZ/Yad zH0GgRTx8ooqMBm7s/rGiAb+kLb0vPubcJLBbi2CNUpnrp49zixBwv+bMZqlusA4 G9bW3DkiP4NMxOLvgnA44dRkZhIfOhQQ0A1U2ZclMvytI1Kos8PXToB7gQ== -----END CERTIFICATE-----Generated at Wed Jun 4 01:06:03 2025 by rpki-client