$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/f_86r3mhQo4FIwhvOxaFBP8lRCM.roa File: f_86r3mhQo4FIwhvOxaFBP8lRCM.roa (raw, json) Hash identifier: dIhiVvOoXJKFM98+UYutMzUt/A8Mf0xha9hSgGrHSnQ= Subject key identifier: 7F:FF:3A:AF:79:A1:42:8E:05:23:08:6F:3B:16:85:04:FF:25:44:23 Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 1448 Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/f_86r3mhQo4FIwhvOxaFBP8lRCM.roa Signing time: Tue 27 May 2025 00:18:51 +0000 ROA not before: Tue 27 May 2025 00:18:51 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 211392 IP address blocks: 103.79.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:11:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5192 (0x1448) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: May 27 00:18:51 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=7FFF3AAF79A1428E0523086F3B168504FF254423 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:4f:af:b0:95:30:8d:98:9e:b8:66:15:2c:61: 5c:8e:34:6d:31:a3:c0:8c:99:a4:80:c9:be:b8:25: 0d:bb:d5:16:5c:cc:5f:28:b7:e9:6a:da:11:2b:1e: 2f:31:28:86:eb:aa:85:49:31:8a:00:60:a2:43:11: 3a:63:29:af:3a:25:41:96:40:71:1a:60:00:c9:30: 64:bb:a9:33:91:b7:4c:5d:59:5e:3b:42:1f:d2:94: 2c:01:3d:73:0a:db:e1:82:06:3e:85:f2:b5:74:cf: ef:a6:cc:3d:53:9b:ff:a6:35:35:a1:7f:a4:ab:bb: f1:e2:27:54:bc:a1:2b:c8:96:d8:c1:57:44:fa:d7: aa:66:5c:eb:2c:aa:0c:a4:74:60:24:fa:0c:70:cd: a6:de:77:ef:ca:0d:4c:20:dc:a7:01:1b:fc:fa:b0: f4:b0:0e:b8:e8:4c:2f:56:ea:c0:a4:ec:e0:9c:b6: 8e:c6:2f:ff:ba:be:41:d1:e2:b5:2d:50:ba:14:da: cd:ab:c1:0b:52:2f:c8:dc:19:80:f4:64:94:80:29: 94:ac:7c:1e:35:0e:58:fc:86:f0:f7:d8:22:98:41: 0b:52:55:0c:21:48:a5:14:1a:96:75:dd:d0:37:dd: f1:78:dc:fb:37:d2:cd:20:4f:84:c6:a7:7f:ee:df: 47:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:FF:3A:AF:79:A1:42:8E:05:23:08:6F:3B:16:85:04:FF:25:44:23 X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/f_86r3mhQo4FIwhvOxaFBP8lRCM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.79.229.0/24 Signature Algorithm: sha256WithRSAEncryption 2f:b2:1b:af:cf:d9:dd:8f:65:8a:ab:c0:a5:00:48:26:56:88: 2f:8a:d5:fb:1e:88:eb:af:22:3a:e0:48:63:6d:36:62:cf:3f: 7c:ab:16:52:bf:6a:c4:37:22:74:3b:46:37:1d:eb:9c:59:f6: 2c:17:54:cc:ab:0c:78:4b:53:4f:d3:e7:f0:6a:c8:f0:10:09: 90:6f:78:f9:a9:e0:64:d6:5c:d2:3b:5d:15:45:b9:c8:01:8f: 1a:ec:0a:32:51:ef:8f:fb:9b:56:9f:25:aa:fe:ad:88:2a:45: e9:da:03:1c:42:5d:2e:71:66:df:0e:8b:ae:49:05:47:f8:93: f8:4f:54:89:d3:d0:8f:6f:c2:b2:d0:12:a2:eb:3f:6d:48:1b: 93:cd:17:35:9b:25:b0:61:8b:09:ac:84:f0:7f:4b:fc:52:b9: 66:46:cd:0a:e0:f2:f4:e4:88:cf:16:60:7f:51:9e:02:f6:09: 75:bb:01:0c:67:3a:c8:b7:9a:bd:fc:4a:fe:10:17:b6:14:e5: 3d:f6:68:29:a8:3b:31:c4:b3:f3:59:9a:46:a5:fd:ba:32:c2: 46:1e:bb:36:ba:d6:9b:0e:2c:63:59:20:45:8d:a4:91:70:68: e3:d7:de:23:16:1a:71:6b:88:04:4c:61:48:1f:2d:77:87:42: 7d:28:1f:64 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFEgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTA1Mjcw MDE4NTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDdGRkYzQUFGNzlBMTQy OEUwNTIzMDg2RjNCMTY4NTA0RkYyNTQ0MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDaT6+wlTCNmJ64ZhUsYVyONG0xo8CMmaSAyb64JQ271RZczF8o t+lq2hErHi8xKIbrqoVJMYoAYKJDETpjKa86JUGWQHEaYADJMGS7qTORt0xdWV47 Qh/SlCwBPXMK2+GCBj6F8rV0z++mzD1Tm/+mNTWhf6Sru/HiJ1S8oSvIltjBV0T6 16pmXOssqgykdGAk+gxwzabed+/KDUwg3KcBG/z6sPSwDrjoTC9W6sCk7OCcto7G L/+6vkHR4rUtULoU2s2rwQtSL8jcGYD0ZJSAKZSsfB41Dlj8hvD32CKYQQtSVQwh SKUUGpZ13dA33fF43Ps30s0gT4TGp3/u30cdAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUf/86r3mhQo4FIwhvOxaFBP8lRCMwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvZl84NnIzbWhRbzRG SXdodk94YUZCUDhsUkNNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGdP5TANBgkqhkiG9w0BAQsFAAOCAQEAL7Ibr8/Z3Y9liqvApQBIJlaIL4rV +x6I668iOuBIY202Ys8/fKsWUr9qxDcidDtGNx3rnFn2LBdUzKsMeEtTT9Pn8GrI 8BAJkG94+angZNZc0jtdFUW5yAGPGuwKMlHvj/ubVp8lqv6tiCpF6doDHEJdLnFm 3w6LrkkFR/iT+E9UidPQj2/CstASous/bUgbk80XNZslsGGLCayE8H9L/FK5ZkbN CuDy9OSIzxZgf1GeAvYJdbsBDGc6yLeavfxK/hAXthTlPfZoKag7McSz81maRqX9 ujLCRh67NrrWmw4sY1kgRY2kkXBo49feIxYacWuIBExhSB8td4dCfSgfZA== -----END CERTIFICATE-----Generated at Wed Jun 4 01:07:56 2025 by rpki-client