$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3262/pAdMn1MlkjJlCVSP2QmkkAwaBc8.roa File: pAdMn1MlkjJlCVSP2QmkkAwaBc8.roa (raw, json) Hash identifier: 1Ko/Sx6oQmP0Opi3hp+4gnvjm2R0mnMU8LAySvjv/+Y= Subject key identifier: A4:07:4C:9F:53:25:92:32:65:09:54:8F:D9:09:A4:90:0C:1A:05:CF Certificate issuer: /CN=9077E7B0AF580F78FE010699FA0DB8107E186F07 Certificate serial: 06D9 Authority key identifier: 90:77:E7:B0:AF:58:0F:78:FE:01:06:99:FA:0D:B8:10:7E:18:6F:07 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/pAdMn1MlkjJlCVSP2QmkkAwaBc8.roa Signing time: Fri 17 Jan 2025 01:23:50 +0000 ROA not before: Fri 17 Jan 2025 01:23:50 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 398704 IP address blocks: 157.15.94.0/23 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:06:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1753 (0x6d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9077E7B0AF580F78FE010699FA0DB8107E186F07 Validity Not Before: Jan 17 01:23:50 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=A4074C9F532592326509548FD909A4900C1A05CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:08:2a:8b:29:68:2d:d5:89:6e:02:24:82:35: 15:6b:9e:b4:39:15:e0:c7:d3:eb:9f:2d:ca:79:6d: 2f:02:36:5e:c4:bb:eb:a1:33:4e:fb:b7:59:6c:bb: 1b:fb:7e:a0:f1:d7:5b:07:7a:78:ab:89:21:86:7b: b6:b8:ae:aa:ff:da:04:94:d9:d2:01:0e:5a:df:ab: 5d:f2:8a:80:1d:2d:5b:a0:00:b4:cf:a2:f6:f3:c6: 00:2f:02:25:80:b6:5a:53:1c:45:17:96:e1:d3:42: c3:a6:d7:f3:e3:04:5d:4d:30:45:c0:ea:9d:b2:fe: 83:d9:06:c0:b5:91:24:f4:e5:90:65:ae:9c:b9:0b: d6:85:77:e3:00:96:06:0a:36:af:61:2d:7c:1c:51: 77:35:3a:f7:5c:f8:cb:7f:a6:1a:ca:0a:7f:b2:72: 28:07:a3:61:fd:ef:40:0d:db:ab:0d:eb:81:e4:d4: 6a:80:04:ca:99:2b:0f:e6:c0:47:c3:93:8e:e4:da: a6:16:8e:51:f9:bd:a2:62:15:57:cd:ff:ee:ce:01: f1:7a:d9:cc:10:c2:82:3d:5c:27:53:34:25:7e:b8: 7b:c2:1e:f3:a8:c2:c0:ca:b7:f1:52:75:a5:57:b2: 1a:28:96:a6:46:3a:f7:55:b8:09:e8:bd:fb:36:6e: d4:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:07:4C:9F:53:25:92:32:65:09:54:8F:D9:09:A4:90:0C:1A:05:CF X509v3 Authority Key Identifier: keyid:90:77:E7:B0:AF:58:0F:78:FE:01:06:99:FA:0D:B8:10:7E:18:6F:07 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kHfnsK9YD3j-AQaZ-g24EH4Ybwc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3262/pAdMn1MlkjJlCVSP2QmkkAwaBc8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.15.94.0/23 Signature Algorithm: sha256WithRSAEncryption 4b:26:c0:70:b3:56:8d:a4:66:77:56:28:45:97:eb:d3:fa:a7: 25:9a:3b:46:fe:12:20:72:b5:02:69:23:54:50:b0:2b:2c:f2: 03:79:1b:52:6c:65:cb:79:6e:f7:3e:bb:52:b1:e9:8d:82:9b: 67:57:dd:1c:bf:ce:2a:c4:83:f0:27:d2:e1:d3:14:cf:de:79: c7:d1:41:87:7d:ca:3c:57:5e:e4:08:3a:d4:ff:57:20:e0:13: 08:ef:da:ab:08:66:68:8d:46:ce:90:ec:6d:5d:68:5c:65:a8: 0e:ea:dc:92:2a:55:3e:e2:bc:22:d5:fa:21:dd:43:8f:41:8a: e4:38:d7:c2:a6:30:99:67:19:d2:11:56:fa:f8:11:04:f0:87: dd:11:ac:77:6f:3c:0c:e7:55:63:04:7e:ba:5b:5f:3e:93:1f: 96:ff:ff:50:23:0e:60:95:5e:c1:0d:e0:5f:d9:97:97:53:51: f3:f8:d4:bf:92:9b:f8:61:5e:e8:c6:d5:49:74:d9:95:7b:06: a7:61:39:36:a3:8b:7f:02:aa:03:80:68:b5:8e:1d:0e:20:fc: 8a:8f:69:23:51:cc:7f:8c:84:3e:ff:f6:49:a8:96:bf:c7:9a: ff:29:51:c0:b1:3a:f9:db:99:6c:d4:62:c8:60:f9:44:94:7c: c1:c3:e5:04 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBtkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTA3 N0U3QjBBRjU4MEY3OEZFMDEwNjk5RkEwREI4MTA3RTE4NkYwNzAeFw0yNTAxMTcw MTIzNTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEE0MDc0QzlGNTMyNTky MzI2NTA5NTQ4RkQ5MDlBNDkwMEMxQTA1Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLCCqLKWgt1YluAiSCNRVrnrQ5FeDH0+ufLcp5bS8CNl7Eu+uh M077t1lsuxv7fqDx11sHeniriSGGe7a4rqr/2gSU2dIBDlrfq13yioAdLVugALTP ovbzxgAvAiWAtlpTHEUXluHTQsOm1/PjBF1NMEXA6p2y/oPZBsC1kST05ZBlrpy5 C9aFd+MAlgYKNq9hLXwcUXc1Ovdc+Mt/phrKCn+ycigHo2H970AN26sN64Hk1GqA BMqZKw/mwEfDk47k2qYWjlH5vaJiFVfN/+7OAfF62cwQwoI9XCdTNCV+uHvCHvOo wsDKt/FSdaVXshoolqZGOvdVuAnovfs2btRPAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUpAdMn1MlkjJlCVSP2QmkkAwaBc8wHwYDVR0jBBgwFoAUkHfnsK9YD3j+AQaZ +g24EH4YbwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 Mi9rSGZuc0s5WUQzai1BUWFaLWcyNEVINFlid2MuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tIZm5zSzlZRDNqLUFRYVotZzI0RUg0WWJ3Yy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjIvcEFkTW4xTWxrakps Q1ZTUDJRbWtrQXdhQmM4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAZ0PXjANBgkqhkiG9w0BAQsFAAOCAQEASybAcLNWjaRmd1YoRZfr0/qnJZo7 Rv4SIHK1AmkjVFCwKyzyA3kbUmxly3lu9z67UrHpjYKbZ1fdHL/OKsSD8CfS4dMU z955x9FBh33KPFde5Ag61P9XIOATCO/aqwhmaI1GzpDsbV1oXGWoDurckipVPuK8 ItX6Id1Dj0GK5DjXwqYwmWcZ0hFW+vgRBPCH3RGsd288DOdVYwR+ultfPpMflv// UCMOYJVewQ3gX9mXl1NR8/jUv5Kb+GFe6MbVSXTZlXsGp2E5NqOLfwKqA4BotY4d DiD8io9pI1HMf4yEPv/2SaiWv8ea/ylRwLE6+duZbNRiyGD5RJR8wcPlBA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:33:06 2025 by rpki-client