$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/JVyE-PbWV85g5evZ8YyoJRwoLHE.roa File: JVyE-PbWV85g5evZ8YyoJRwoLHE.roa (raw, json) Hash identifier: NtjRhSVuhDt0HPDJMNO6NW+SPA4tThjKOBB4zdl4TMc= Subject key identifier: 25:5C:84:F8:F6:D6:57:CE:60:E5:EB:D9:F1:8C:A8:25:1C:28:2C:71 Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 1186 Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JVyE-PbWV85g5evZ8YyoJRwoLHE.roa Signing time: Fri 17 Jan 2025 01:28:22 +0000 ROA not before: Fri 17 Jan 2025 01:28:22 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 211392 IP address blocks: 103.79.228.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4486 (0x1186) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: Jan 17 01:28:22 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=255C84F8F6D657CE60E5EBD9F18CA8251C282C71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:35:c4:86:17:32:1a:f1:9a:59:cd:d3:b1:9d: ba:25:5d:14:14:31:0a:84:8f:76:12:7a:a5:12:0f: 91:b5:43:cf:26:30:8c:00:e2:34:e2:e1:e6:4c:9d: 15:bf:c0:6e:a0:53:bf:15:71:27:59:ce:51:2e:21: 2b:28:0e:25:22:97:95:b8:43:f9:fc:8b:72:83:69: c0:81:e1:ce:56:73:13:5a:11:c6:e5:07:46:61:65: 37:da:53:92:1e:76:78:35:32:46:6d:b8:2e:d5:10: 37:ce:a4:d8:28:30:bb:bf:14:35:73:d3:ae:e5:4b: ea:0a:65:d5:c9:93:c3:f9:fa:f9:d5:1e:d8:48:a5: b5:04:c5:e1:43:4a:42:30:b0:4c:47:cd:7e:fb:bc: fc:0e:27:bc:ce:3e:e4:41:a4:6e:31:8c:3c:85:4f: 1e:6d:c8:dc:23:ba:cf:f3:3e:3a:bc:4c:bb:ed:9b: 89:83:a4:dc:96:81:f2:22:e2:60:9b:34:75:43:0d: ce:23:18:bb:96:b2:44:28:ad:78:72:f7:55:52:d5: b9:41:df:89:32:da:b9:ac:a8:4b:a1:a8:e7:8d:ef: 48:67:d0:f8:09:ea:45:27:26:bd:a1:dd:4d:1f:a4: 72:69:5b:91:f5:54:af:6a:17:cb:25:26:c3:87:5f: 80:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:5C:84:F8:F6:D6:57:CE:60:E5:EB:D9:F1:8C:A8:25:1C:28:2C:71 X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JVyE-PbWV85g5evZ8YyoJRwoLHE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.79.228.0/23 Signature Algorithm: sha256WithRSAEncryption 7e:78:4f:58:dd:ac:46:7a:c9:62:d1:9f:0a:48:6e:98:e5:29: 17:69:de:35:ac:23:72:11:6d:bf:81:ab:23:92:95:72:5f:49: 0c:6d:4b:c7:39:4f:bb:9a:c0:32:24:0e:d8:3d:55:45:94:e1: 86:80:da:5a:be:a3:20:1d:a0:73:e9:1a:0d:57:fe:51:6e:41: 88:70:a8:11:3c:5a:52:04:ed:e6:cb:a7:88:b0:99:75:c4:6b: 5e:92:11:d6:18:11:b2:bd:77:d8:51:45:d0:7b:3e:d6:4e:5a: fc:c6:4f:12:79:0a:ca:13:47:bc:43:3a:2f:44:93:b6:f6:31: f1:80:de:2d:cc:18:93:62:67:39:3d:6f:ce:50:73:87:4f:33: bd:68:d8:32:d3:b7:a2:40:40:68:b5:14:7c:cd:ab:f8:67:a7: c0:20:61:bd:6f:0e:c2:1a:41:72:52:52:44:6f:64:df:85:41: 10:32:dd:0d:95:c4:25:32:7e:d2:d0:01:a3:64:93:24:f8:2c: ad:af:14:17:fe:6a:0d:03:f3:a4:e2:ea:93:95:94:1c:fe:35: 59:68:7f:67:94:3d:61:ad:b1:a2:52:bd:4e:40:5e:d1:c2:00: f0:38:c9:d3:ee:3e:39:ea:23:79:fb:4a:7c:99:ad:ff:ab:62: 7d:2b:60:7c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEYYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTAxMTcw MTI4MjJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI1NUM4NEY4RjZENjU3 Q0U2MEU1RUJEOUYxOENBODI1MUMyODJDNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDdNcSGFzIa8ZpZzdOxnbolXRQUMQqEj3YSeqUSD5G1Q88mMIwA 4jTi4eZMnRW/wG6gU78VcSdZzlEuISsoDiUil5W4Q/n8i3KDacCB4c5WcxNaEcbl B0ZhZTfaU5Iedng1MkZtuC7VEDfOpNgoMLu/FDVz067lS+oKZdXJk8P5+vnVHthI pbUExeFDSkIwsExHzX77vPwOJ7zOPuRBpG4xjDyFTx5tyNwjus/zPjq8TLvtm4mD pNyWgfIi4mCbNHVDDc4jGLuWskQorXhy91VS1blB34ky2rmsqEuhqOeN70hn0PgJ 6kUnJr2h3U0fpHJpW5H1VK9qF8slJsOHX4AlAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUJVyE+PbWV85g5evZ8YyoJRwoLHEwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvSlZ5RS1QYldWODVn NWV2WjhZeW9KUndvTEhFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWdP5DANBgkqhkiG9w0BAQsFAAOCAQEAfnhPWN2sRnrJYtGfCkhumOUpF2ne NawjchFtv4GrI5KVcl9JDG1LxzlPu5rAMiQO2D1VRZThhoDaWr6jIB2gc+kaDVf+ UW5BiHCoETxaUgTt5suniLCZdcRrXpIR1hgRsr132FFF0Hs+1k5a/MZPEnkKyhNH vEM6L0STtvYx8YDeLcwYk2JnOT1vzlBzh08zvWjYMtO3okBAaLUUfM2r+GenwCBh vW8OwhpBclJSRG9k34VBEDLdDZXEJTJ+0tABo2STJPgsra8UF/5qDQPzpOLqk5WU HP41WWh/Z5Q9Ya2xolK9TkBe0cIA8DjJ0+4+OeojeftKfJmt/6tifStgfA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:41:30 2025 by rpki-client