$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3258/SGpuOxsalusTzpYR3fphfkpzMVY.roa File: SGpuOxsalusTzpYR3fphfkpzMVY.roa (raw, json) Hash identifier: YMN9QVglyHTZ+uAe4m7iUyKbPe/xcnJgsyMEy+dbYZI= Subject key identifier: 48:6A:6E:3B:1B:1A:96:EB:13:CE:96:11:DD:FA:61:7E:4A:73:31:56 Certificate issuer: /CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Certificate serial: 070D Authority key identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/SGpuOxsalusTzpYR3fphfkpzMVY.roa Signing time: Fri 17 Jan 2025 01:27:33 +0000 ROA not before: Fri 17 Jan 2025 01:27:33 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 21859 IP address blocks: 157.10.220.0/24 maxlen: 32 157.10.221.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:10:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1805 (0x70d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Validity Not Before: Jan 17 01:27:33 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=486A6E3B1B1A96EB13CE9611DDFA617E4A733156 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:56:2b:99:69:06:2c:dd:33:71:16:39:6b:a6: 48:42:9d:3b:2d:03:5b:06:2a:ce:29:2e:b8:cb:ff: bd:10:51:bd:c9:23:4b:d8:58:f7:df:4b:8e:77:50: c9:58:8c:0b:1e:1d:cd:ae:01:21:6c:43:0f:47:ea: 8b:70:ee:ba:bb:26:06:17:bf:cd:93:a4:d2:20:c9: 1e:92:50:04:a3:dc:43:eb:0e:79:f7:d2:83:c2:ae: 80:e8:c9:f2:b1:7c:0c:7b:df:83:59:97:fe:92:f9: 2b:13:0d:4b:99:c7:7d:61:ae:cc:51:e1:91:95:10: 45:94:fd:48:cf:c9:ec:51:c5:cf:76:be:eb:2f:c2: c8:03:f9:00:2a:d1:23:dd:13:b3:a7:6a:3b:46:31: 3a:14:17:b1:99:60:57:2d:2a:48:b4:5d:ba:cc:48: f0:b1:93:d3:af:b7:88:4a:d8:f9:8c:8f:b0:9d:54: 92:84:2c:00:21:df:73:34:a6:4a:6f:f2:80:63:59: e6:50:87:54:01:4f:57:d4:62:18:77:39:88:57:65: e2:6f:79:53:cb:13:02:39:b0:e2:e4:46:74:41:bf: bf:d8:c8:a1:40:57:15:3e:d4:1f:8b:ca:c4:10:0e: cb:33:7b:0e:9c:96:dd:1c:af:c3:f3:ef:ae:c2:10: 5d:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:6A:6E:3B:1B:1A:96:EB:13:CE:96:11:DD:FA:61:7E:4A:73:31:56 X509v3 Authority Key Identifier: keyid:90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/SGpuOxsalusTzpYR3fphfkpzMVY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.10.220.0/23 Signature Algorithm: sha256WithRSAEncryption 5f:a8:21:44:18:1b:aa:c5:a6:ea:ba:c0:62:c8:ff:fb:67:d2: be:d0:37:d3:b0:46:6a:02:07:b5:f6:4d:41:a4:b4:07:52:c8: 7f:22:1b:b9:a1:76:fe:9c:c3:32:10:0f:16:cf:0e:9d:5b:1c: cb:aa:1b:ca:12:0d:0b:a3:2d:27:4c:86:17:27:95:5d:2b:77: b8:b4:c1:d9:83:e1:20:ef:21:76:8f:01:5c:a3:96:79:82:f2: b5:d5:94:61:58:dd:9f:6d:ab:cd:67:b9:dc:f2:f6:25:14:9c: d5:56:17:3e:e4:13:83:88:69:63:74:c4:43:2e:3f:05:bb:f0: 9e:da:f1:b3:24:cb:0c:16:72:a3:5c:d5:82:5f:35:20:06:2d: ae:c7:26:fd:22:8c:29:dc:d8:45:9f:45:99:1d:e4:07:56:ae: 5b:9a:38:75:22:1a:32:43:3d:24:c1:45:ce:93:84:15:bf:4d: 84:f8:4b:b9:ae:68:ba:8e:d0:01:d9:e9:de:22:44:76:fc:c7: 6b:32:15:94:7b:6f:67:d5:6f:c0:e9:c9:cd:2b:5d:01:fa:6a: 26:8e:f7:6b:19:98:18:2c:e5:d2:6a:8c:b5:b1:5c:4b:43:ec: e7:b9:4d:1d:ef:d7:10:2b:c7:6e:1e:56:4d:1b:93:23:b7:95: 04:72:ac:6a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBw0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTBG MzBFMURGMzI3RDEwMzkwN0YxQkUwOEVEM0VBNjRCRkI3NzhFMzAeFw0yNTAxMTcw MTI3MzNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQ4NkE2RTNCMUIxQTk2 RUIxM0NFOTYxMURERkE2MTdFNEE3MzMxNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDkViuZaQYs3TNxFjlrpkhCnTstA1sGKs4pLrjL/70QUb3JI0vY WPffS453UMlYjAseHc2uASFsQw9H6otw7rq7JgYXv82TpNIgyR6SUASj3EPrDnn3 0oPCroDoyfKxfAx734NZl/6S+SsTDUuZx31hrsxR4ZGVEEWU/UjPyexRxc92vusv wsgD+QAq0SPdE7OnajtGMToUF7GZYFctKki0XbrMSPCxk9Ovt4hK2PmMj7CdVJKE LAAh33M0pkpv8oBjWeZQh1QBT1fUYhh3OYhXZeJveVPLEwI5sOLkRnRBv7/YyKFA VxU+1B+LysQQDsszew6clt0cr8Pz767CEF2zAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUSGpuOxsalusTzpYR3fphfkpzMVYwHwYDVR0jBBgwFoAUkPMOHfMn0QOQfxvg jtPqZL+3eOMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 OC9rUE1PSGZNbjBRT1FmeHZnanRQcVpMLTNlT00uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tQTU9IZk1uMFFPUWZ4dmdqdFBxWkwtM2VPTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTgvU0dwdU94c2FsdXNU enBZUjNmcGhma3B6TVZZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAZ0K3DANBgkqhkiG9w0BAQsFAAOCAQEAX6ghRBgbqsWm6rrAYsj/+2fSvtA3 07BGagIHtfZNQaS0B1LIfyIbuaF2/pzDMhAPFs8OnVscy6obyhINC6MtJ0yGFyeV XSt3uLTB2YPhIO8hdo8BXKOWeYLytdWUYVjdn22rzWe53PL2JRSc1VYXPuQTg4hp Y3TEQy4/BbvwntrxsyTLDBZyo1zVgl81IAYtrscm/SKMKdzYRZ9FmR3kB1auW5o4 dSIaMkM9JMFFzpOEFb9NhPhLua5ouo7QAdnp3iJEdvzHazIVlHtvZ9VvwOnJzStd AfpqJo73axmYGCzl0mqMtbFcS0Ps57lNHe/XECvHbh5WTRuTI7eVBHKsag== -----END CERTIFICATE-----Generated at Fri Apr 4 18:46:02 2025 by rpki-client