$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/40/MCB3KJEpS5d2tI9HESY2f6-mB5Q.roa File: MCB3KJEpS5d2tI9HESY2f6-mB5Q.roa (raw, json) Hash identifier: CvO0rxwQJpDF21wFHuLQBCHhxxdUOE1ZFTZaucA3ZlQ= Subject key identifier: 30:20:77:28:91:29:4B:97:76:B4:8F:47:11:26:36:7F:AF:A6:07:94 Certificate issuer: /CN=AECCCCB79DFE6C466CCADB39896710ECAC37B847 Certificate serial: 184C Authority key identifier: AE:CC:CC:B7:9D:FE:6C:46:6C:CA:DB:39:89:67:10:EC:AC:37:B8:47 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rszMt53-bEZsyts5iWcQ7Kw3uEc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/MCB3KJEpS5d2tI9HESY2f6-mB5Q.roa Signing time: Fri 17 Jan 2025 01:30:00 +0000 ROA not before: Fri 17 Jan 2025 01:30:00 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 17429 IP address blocks: 43.247.236.0/22 maxlen: 24 103.238.48.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/rszMt53-bEZsyts5iWcQ7Kw3uEc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/rszMt53-bEZsyts5iWcQ7Kw3uEc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rszMt53-bEZsyts5iWcQ7Kw3uEc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 22:07:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6220 (0x184c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=AECCCCB79DFE6C466CCADB39896710ECAC37B847 Validity Not Before: Jan 17 01:30:00 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=3020772891294B9776B48F471126367FAFA60794 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:6f:7f:44:4f:3d:52:87:27:2d:d8:17:7c:f6: 56:f4:9f:90:5f:ed:1d:60:48:dd:c1:46:58:7c:de: 6e:7e:3d:8e:59:82:76:ec:1c:c9:c6:1a:d3:b4:b8: 3b:1b:f4:91:4a:3b:bc:f9:b4:46:5c:ca:fc:ad:96: 31:f4:05:6f:ee:ae:89:bc:dc:e9:1d:e3:9c:78:bf: ac:fe:c9:01:0e:4a:ac:a2:47:c8:58:79:46:41:8f: cb:ba:79:eb:e9:a6:e4:af:92:3f:29:3b:ee:c4:2a: 79:af:2d:30:ef:b2:71:34:a5:d2:e8:c9:e4:6b:3f: f7:c3:2d:7e:2f:1b:91:19:07:1b:24:8f:48:e3:22: 42:7c:b9:f7:16:49:e1:5a:00:ed:b2:eb:81:6b:6e: e7:fa:45:19:1d:17:d7:c8:df:3e:51:be:4e:ab:c2: bf:57:a8:3f:3f:c5:34:e5:98:07:73:b7:94:27:83: 80:2f:8d:da:c7:2c:16:02:b6:cf:8c:16:8a:1e:91: 07:eb:1b:50:0f:f3:2f:bf:59:9c:95:09:bf:bd:c4: fe:cc:98:9d:94:7f:86:56:a2:48:87:03:f1:21:da: 25:5a:41:08:7e:00:cd:e6:d2:e6:d1:8b:ba:dc:10: 9d:af:c6:0b:d4:62:dd:70:7b:de:e2:21:e9:a1:02: 2f:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:20:77:28:91:29:4B:97:76:B4:8F:47:11:26:36:7F:AF:A6:07:94 X509v3 Authority Key Identifier: keyid:AE:CC:CC:B7:9D:FE:6C:46:6C:CA:DB:39:89:67:10:EC:AC:37:B8:47 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/rszMt53-bEZsyts5iWcQ7Kw3uEc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rszMt53-bEZsyts5iWcQ7Kw3uEc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/40/MCB3KJEpS5d2tI9HESY2f6-mB5Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.247.236.0/22 103.238.48.0/22 Signature Algorithm: sha256WithRSAEncryption 2a:f5:d2:49:d5:df:b8:f5:8d:03:34:22:f7:1b:99:6e:d5:d2: fa:02:06:9a:91:4e:8d:31:30:73:38:3f:ef:f2:73:f9:00:2b: 85:75:03:62:af:7d:68:2b:ac:37:ec:87:ac:8f:4d:bd:1c:91: 32:0e:b9:02:48:b9:bf:66:08:14:64:aa:c2:bc:d2:1d:c2:0a: 2e:eb:fb:ea:f5:be:c2:11:a1:1e:bd:26:5b:4d:1c:7b:20:be: 12:95:00:63:b1:af:25:11:82:44:9a:65:8d:03:3e:fe:2d:6e: 52:e3:23:90:01:97:bd:74:32:0c:ac:4e:14:b4:cc:ce:38:98: 36:83:de:4b:a7:f8:90:c4:d2:99:4a:7c:53:9a:eb:0c:dd:91: 1d:32:9c:7f:20:62:eb:ef:94:8f:45:95:9a:8f:16:d1:79:d8: 53:4b:56:44:b0:51:32:d7:b9:da:d7:55:2a:a9:3b:15:d0:12: 3d:ee:72:75:c0:86:a8:cc:19:c6:43:76:05:93:8d:f3:93:f0: 31:9f:c5:ea:b2:3c:7f:e8:6f:1d:c1:5e:f4:97:33:e7:43:85: f8:db:b7:f5:f3:bb:d9:35:25:ca:e4:a0:a7:41:d8:76:71:69: af:ab:93:3f:28:de:9c:d1:73:ba:6a:ca:dd:3b:2b:1e:f1:c3: ab:36:a3:f1 -----BEGIN CERTIFICATE----- MIIE2TCCA8GgAwIBAgICGEwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUVD Q0NDQjc5REZFNkM0NjZDQ0FEQjM5ODk2NzEwRUNBQzM3Qjg0NzAeFw0yNTAxMTcw MTMwMDBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDMwMjA3NzI4OTEyOTRC OTc3NkI0OEY0NzExMjYzNjdGQUZBNjA3OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBb39ETz1Shyct2Bd89lb0n5Bf7R1gSN3BRlh83m5+PY5Zgnbs HMnGGtO0uDsb9JFKO7z5tEZcyvytljH0BW/urom83Okd45x4v6z+yQEOSqyiR8hY eUZBj8u6eevppuSvkj8pO+7EKnmvLTDvsnE0pdLoyeRrP/fDLX4vG5EZBxskj0jj IkJ8ufcWSeFaAO2y64Frbuf6RRkdF9fI3z5Rvk6rwr9XqD8/xTTlmAdzt5Qng4Av jdrHLBYCts+MFooekQfrG1AP8y+/WZyVCb+9xP7MmJ2Uf4ZWokiHA/Eh2iVaQQh+ AM3m0ubRi7rcEJ2vxgvUYt1we97iIemhAi9LAgMBAAGjggH1MIIB8TAdBgNVHQ4E FgQUMCB3KJEpS5d2tI9HESY2f6+mB5QwHwYDVR0jBBgwFoAUrszMt53+bEZsyts5 iWcQ7Kw3uEcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDAv cnN6TXQ1My1iRVpzeXRzNWlXY1E3S3czdUVjLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9yc3pNdDUzLWJFWnN5dHM1aVdjUTdLdzN1RWMuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC80MC9NQ0IzS0pFcFM1ZDJ0STlI RVNZMmY2LW1CNVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC K/fsAwQCZ+4wMA0GCSqGSIb3DQEBCwUAA4IBAQAq9dJJ1d+49Y0DNCL3G5lu1dL6 AgaakU6NMTBzOD/v8nP5ACuFdQNir31oK6w37Iesj029HJEyDrkCSLm/ZggUZKrC vNIdwgou6/vq9b7CEaEevSZbTRx7IL4SlQBjsa8lEYJEmmWNAz7+LW5S4yOQAZe9 dDIMrE4UtMzOOJg2g95Lp/iQxNKZSnxTmusM3ZEdMpx/IGLr75SPRZWajxbRedhT S1ZEsFEy17na11UqqTsV0BI97nJ1wIaozBnGQ3YFk43zk/Axn8Xqsjx/6G8dwV70 lzPnQ4X427f187vZNSXK5KCnQdh2cWmvq5M/KN6c0XO6asrdOyse8cOrNqPx -----END CERTIFICATE-----Generated at Fri Apr 4 22:07:01 2025 by rpki-client