$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/SPbxRfVqJDl-tzQOS4aeBemE8vY.roa File: SPbxRfVqJDl-tzQOS4aeBemE8vY.roa (raw, json) Hash identifier: 2G7DJJIM4dg1k8H0479hK2x06IMbck5SPXGFhV21Sus= Subject key identifier: 48:F6:F1:45:F5:6A:24:39:7E:B7:34:0E:4B:86:9E:05:E9:84:F2:F6 Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 0FF3 Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/SPbxRfVqJDl-tzQOS4aeBemE8vY.roa Signing time: Mon 28 Oct 2024 07:24:12 +0000 ROA not before: Mon 28 Oct 2024 07:24:12 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 135074 IP address blocks: 103.79.228.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4083 (0xff3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: Oct 28 07:24:12 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=48F6F145F56A24397EB7340E4B869E05E984F2F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:f3:43:70:71:60:e6:9a:2d:57:25:83:ca:33: 4d:f2:5a:e8:cd:18:13:ea:8c:ac:19:74:8a:31:15: e3:0e:a7:0b:06:69:77:84:44:11:59:99:05:06:cd: d0:18:18:5d:1a:9a:ff:9d:52:1f:6e:d6:95:1d:d8: 90:f6:e2:6f:f8:62:8d:55:aa:49:e4:de:e2:5e:64: 20:e8:54:1a:e8:d6:ae:6a:cc:7f:33:7d:99:eb:97: 56:fa:41:ef:da:e7:f0:de:d7:9d:15:5e:91:5a:e1: f4:27:9d:c6:41:e0:1b:cf:10:03:bf:38:00:23:00: 37:6a:52:38:db:91:32:12:71:8a:1c:8a:0f:63:8a: f3:80:9b:93:ea:68:44:a6:59:c7:37:98:dc:1c:10: 4e:1a:66:6a:87:5c:61:1b:1c:35:86:2f:15:9c:69: 48:b8:73:0a:cf:9a:80:cd:fc:6e:4c:f2:f0:49:0c: 5e:70:d6:b8:7b:6c:89:19:cb:c9:bd:18:e8:ec:76: 45:b7:20:c2:9c:55:f5:45:56:a4:c2:d4:7c:47:57: f0:da:18:5f:81:48:8d:dc:d9:33:22:23:9d:05:46: 62:f4:1f:b7:69:3a:0a:a2:ef:84:00:08:82:92:31: 07:a9:df:11:48:ca:86:ab:78:34:11:df:1f:80:2a: ee:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:F6:F1:45:F5:6A:24:39:7E:B7:34:0E:4B:86:9E:05:E9:84:F2:F6 X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/SPbxRfVqJDl-tzQOS4aeBemE8vY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.79.228.0/23 Signature Algorithm: sha256WithRSAEncryption a3:88:1c:67:c8:54:23:de:50:09:d5:23:bd:36:33:4a:8b:05: 00:d9:e9:2c:e1:42:2c:8a:c9:d1:3b:24:5a:d8:5a:3b:8b:ed: d8:ca:94:5c:70:91:7d:b3:06:b6:5e:c2:3a:a0:cb:31:32:0f: 88:a6:0a:8d:e0:03:b5:ea:0e:62:e7:0b:07:04:9d:8a:a0:e3: 66:ee:5f:56:d9:d2:9c:82:64:5a:87:fb:ab:2c:25:76:9a:28: 2a:b8:3f:98:49:0d:9c:c2:ab:58:41:f6:fa:47:39:ed:ad:09: 1d:15:41:cd:90:9b:83:7f:30:bc:dd:1b:bf:15:bf:a0:35:9c: 0d:2a:12:34:13:4e:e3:6f:5b:43:2c:ff:2b:12:e9:a3:81:c2: 42:a6:3c:d1:ca:16:36:58:c5:ef:9f:54:5b:af:85:31:08:d5: ff:a3:05:50:7e:68:86:06:eb:e5:00:8e:79:7e:84:27:33:32: f2:a7:a5:4e:b3:53:2b:24:0a:13:10:e6:67:d6:a6:49:43:fc: 95:3d:39:02:04:13:11:cf:d7:84:ea:8c:4f:e1:80:6e:ac:b1: fa:e5:f3:25:70:83:63:69:a3:66:bb:f3:5b:2b:0b:c2:f3:f1: 45:10:72:5d:8b:11:87:a0:d9:ae:fc:0f:2f:92:de:98:eb:c6: 57:64:6c:2f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD/MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNDEwMjgw NzI0MTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQ4RjZGMTQ1RjU2QTI0 Mzk3RUI3MzQwRTRCODY5RTA1RTk4NEYyRjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCr80NwcWDmmi1XJYPKM03yWujNGBPqjKwZdIoxFeMOpwsGaXeE RBFZmQUGzdAYGF0amv+dUh9u1pUd2JD24m/4Yo1Vqknk3uJeZCDoVBro1q5qzH8z fZnrl1b6Qe/a5/De150VXpFa4fQnncZB4BvPEAO/OAAjADdqUjjbkTIScYocig9j ivOAm5PqaESmWcc3mNwcEE4aZmqHXGEbHDWGLxWcaUi4cwrPmoDN/G5M8vBJDF5w 1rh7bIkZy8m9GOjsdkW3IMKcVfVFVqTC1HxHV/DaGF+BSI3c2TMiI50FRmL0H7dp Ogqi74QACIKSMQep3xFIyoareDQR3x+AKu6zAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUSPbxRfVqJDl+tzQOS4aeBemE8vYwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvU1BieFJmVnFKRGwt dHpRT1M0YWVCZW1FOHZZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWdP5DANBgkqhkiG9w0BAQsFAAOCAQEAo4gcZ8hUI95QCdUjvTYzSosFANnp LOFCLIrJ0TskWthaO4vt2MqUXHCRfbMGtl7COqDLMTIPiKYKjeADteoOYucLBwSd iqDjZu5fVtnSnIJkWof7qywldpooKrg/mEkNnMKrWEH2+kc57a0JHRVBzZCbg38w vN0bvxW/oDWcDSoSNBNO429bQyz/KxLpo4HCQqY80coWNljF759UW6+FMQjV/6MF UH5ohgbr5QCOeX6EJzMy8qelTrNTKyQKExDmZ9amSUP8lT05AgQTEc/XhOqMT+GA bqyx+uXzJXCDY2mjZrvzWysLwvPxRRByXYsRh6DZrvwPL5LemOvGV2RsLw== -----END CERTIFICATE-----Generated at Fri Apr 4 18:34:30 2025 by rpki-client