$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/ctezbMQLxP8Ykqi0UusJ9kXRp0k.roa File: ctezbMQLxP8Ykqi0UusJ9kXRp0k.roa (raw, json) Hash identifier: qmGjFwU1FD4xG4EaFpCqvHDShMmhH7y5AEXm712oYWo= Subject key identifier: 72:D7:B3:6C:C4:0B:C4:FF:18:92:A8:B4:52:EB:09:F6:45:D1:A7:49 Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 1449 Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/ctezbMQLxP8Ykqi0UusJ9kXRp0k.roa Signing time: Tue 27 May 2025 00:18:51 +0000 ROA not before: Tue 27 May 2025 00:18:51 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 211392 IP address blocks: 103.79.228.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:11:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5193 (0x1449) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: May 27 00:18:51 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=72D7B36CC40BC4FF1892A8B452EB09F645D1A749 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:d2:18:c5:45:17:d0:dd:81:77:2a:3c:f5:b7: 3a:81:54:16:38:a1:62:d0:08:f8:ae:47:cd:d6:0e: 04:e0:91:28:44:4e:9b:7d:01:29:13:7c:23:01:d3: 01:18:3c:f9:64:9b:94:32:ad:93:74:48:56:10:5d: 3b:83:18:03:27:aa:6f:d8:ed:98:cc:6a:b1:f0:5c: 60:ed:e3:28:58:c7:27:84:20:f2:8e:79:f6:ef:bf: 5e:31:da:79:cc:89:e2:8a:2c:a2:3b:4b:86:f3:3e: d3:1b:98:09:dc:27:66:77:da:56:1b:d5:c5:38:15: c2:4a:fc:6a:82:a4:88:4d:dc:f3:70:ad:10:e4:ee: d2:64:ae:72:36:0c:cf:41:e9:33:78:8f:4e:6d:48: 96:10:b5:d6:cc:b4:a7:af:83:4a:15:fc:dc:89:94: d2:d1:74:c2:8e:71:40:46:d4:aa:50:22:00:4f:6c: d1:e7:bf:16:1a:72:f5:c4:7d:b6:6a:ea:5a:eb:d4: d6:2e:86:f8:94:74:28:b3:47:03:d1:90:33:b0:ec: ee:04:73:df:2b:f2:a8:8f:bd:a8:33:5b:ff:5c:ca: 37:41:b1:fc:b2:e9:aa:b9:b4:90:1d:e1:11:07:16: ec:76:5d:75:69:fd:d0:f8:41:06:d0:3a:86:a2:87: 48:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:D7:B3:6C:C4:0B:C4:FF:18:92:A8:B4:52:EB:09:F6:45:D1:A7:49 X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/ctezbMQLxP8Ykqi0UusJ9kXRp0k.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.79.228.0/24 Signature Algorithm: sha256WithRSAEncryption 86:57:96:f3:88:9d:06:d1:c4:4b:3a:5d:1e:3c:f3:2a:cf:ff: 7c:67:72:f3:0a:cc:d2:00:94:72:32:6f:2b:ab:8b:60:86:83: da:b1:16:c0:cb:b2:6a:a3:3b:0c:72:c3:3d:a0:87:ed:5a:08: 31:25:a9:65:74:9b:79:11:c6:92:86:16:d1:b3:88:7a:ca:e0: 98:3e:e5:af:e0:37:9f:6a:5b:cd:52:a1:39:4b:e7:17:35:72: a8:3e:ac:35:06:03:16:64:5f:76:f4:84:4a:d2:7b:11:42:48: d9:b3:7f:31:89:27:d2:41:4f:aa:41:65:bc:67:47:98:ea:47: 44:df:e9:d5:e5:3f:46:4d:a4:96:65:eb:74:6c:af:f0:a7:d7: bc:81:7f:ea:07:81:c3:42:bb:ec:9c:01:52:b7:15:3f:1b:53: b1:36:0c:de:68:d5:6c:ba:54:d9:5c:18:fa:31:b9:89:36:6b: 3d:8a:cb:fa:ef:31:3b:13:10:cf:25:bb:3c:e3:97:25:b7:35: 5a:59:45:0c:b3:0b:62:29:c1:6e:6e:36:dc:fa:d3:38:2c:4c: 00:42:ba:0b:ed:aa:24:98:cb:60:e2:c2:ff:cf:77:65:77:73: 37:29:36:42:c7:32:d7:27:8b:25:11:b1:41:d6:17:47:e0:80: 39:cb:90:67 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFEkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTA1Mjcw MDE4NTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDcyRDdCMzZDQzQwQkM0 RkYxODkyQThCNDUyRUIwOUY2NDVEMUE3NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCs0hjFRRfQ3YF3Kjz1tzqBVBY4oWLQCPiuR83WDgTgkShETpt9 ASkTfCMB0wEYPPlkm5QyrZN0SFYQXTuDGAMnqm/Y7ZjMarHwXGDt4yhYxyeEIPKO efbvv14x2nnMieKKLKI7S4bzPtMbmAncJ2Z32lYb1cU4FcJK/GqCpIhN3PNwrRDk 7tJkrnI2DM9B6TN4j05tSJYQtdbMtKevg0oV/NyJlNLRdMKOcUBG1KpQIgBPbNHn vxYacvXEfbZq6lrr1NYuhviUdCizRwPRkDOw7O4Ec98r8qiPvagzW/9cyjdBsfyy 6aq5tJAd4REHFux2XXVp/dD4QQbQOoaih0jJAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUctezbMQLxP8Ykqi0UusJ9kXRp0kwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvY3RlemJNUUx4UDhZ a3FpMFV1c0o5a1hScDBrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGdP5DANBgkqhkiG9w0BAQsFAAOCAQEAhleW84idBtHESzpdHjzzKs//fGdy 8wrM0gCUcjJvK6uLYIaD2rEWwMuyaqM7DHLDPaCH7VoIMSWpZXSbeRHGkoYW0bOI esrgmD7lr+A3n2pbzVKhOUvnFzVyqD6sNQYDFmRfdvSEStJ7EUJI2bN/MYkn0kFP qkFlvGdHmOpHRN/p1eU/Rk2klmXrdGyv8KfXvIF/6geBw0K77JwBUrcVPxtTsTYM 3mjVbLpU2VwY+jG5iTZrPYrL+u8xOxMQzyW7POOXJbc1WllFDLMLYinBbm423PrT OCxMAEK6C+2qJJjLYOLC/893ZXdzNyk2Qscy1yeLJRGxQdYXR+CAOcuQZw== -----END CERTIFICATE-----Generated at Wed Jun 4 01:18:12 2025 by rpki-client