$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/0IdOovEogeMQjcOP3UX0-L056E8.roa File: 0IdOovEogeMQjcOP3UX0-L056E8.roa (raw, json) Hash identifier: 6Bf61QUfCLrss2/t/oBjp5BGfqMVKWnsGisJv/cXugY= Subject key identifier: D0:87:4E:A2:F1:28:81:E3:10:8D:C3:8F:DD:45:F4:F8:BD:39:E8:4F Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 10E1 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/0IdOovEogeMQjcOP3UX0-L056E8.roa Signing time: Sun 09 Mar 2025 16:19:37 +0000 ROA not before: Sun 09 Mar 2025 16:19:37 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 62387 IP address blocks: 101.232.28.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4321 (0x10e1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Mar 9 16:19:37 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=D0874EA2F12881E3108DC38FDD45F4F8BD39E84F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:75:cd:ce:79:43:b9:96:33:f3:4a:62:c2:52: 03:6b:74:b4:37:aa:90:16:0c:31:73:ae:5c:7e:e2: 1f:96:92:6f:f1:37:4a:db:f5:5f:78:55:eb:2a:d5: 99:3c:07:0e:22:c9:b1:67:8c:67:d7:36:dd:ee:31: ad:87:2e:03:94:bc:32:aa:87:6d:fe:3f:61:02:60: a6:3f:5a:a4:33:46:4d:1b:29:ef:1f:49:61:ab:d4: f3:cc:98:d1:0b:d9:42:d7:6b:84:45:a6:d0:db:bf: 48:cf:ab:cc:c9:7f:fc:f5:62:9b:78:6a:f7:55:1a: 4b:d2:04:35:3e:0f:fb:57:09:c4:32:43:b9:23:b5: 42:df:9d:44:76:46:46:20:ee:a9:cd:eb:a5:06:0c: e3:e1:68:1e:26:01:d8:b5:d2:2b:13:3d:75:a0:0c: 58:72:df:c5:c3:4e:94:51:c9:67:bd:1a:d8:50:81: bb:f1:79:eb:a7:8d:79:78:67:ae:a6:36:aa:b3:3e: a7:1e:ef:0f:7d:a0:5c:73:d5:3b:b7:1b:a3:3e:66: 08:5f:c1:38:a4:21:8e:82:3b:45:90:a3:ae:af:2b: 65:e1:50:89:6d:c8:cf:50:79:27:53:31:1e:d7:21: 16:10:b3:63:c6:1c:e7:16:8b:d1:18:99:5b:18:60: 14:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:87:4E:A2:F1:28:81:E3:10:8D:C3:8F:DD:45:F4:F8:BD:39:E8:4F X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/0IdOovEogeMQjcOP3UX0-L056E8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.28.0/22 Signature Algorithm: sha256WithRSAEncryption 0a:97:df:13:ef:96:47:ee:dd:90:4a:d1:a2:d5:64:55:d3:92: fb:e2:bd:c5:93:78:b0:df:b4:7a:60:1a:2c:3f:38:c4:b7:33: bf:ac:54:ee:4e:84:33:a5:28:ef:2f:a7:89:a8:45:a1:17:e6: 68:6e:32:5c:b6:49:f1:70:85:e1:e1:71:5e:30:02:ed:ce:db: 82:c9:e5:71:be:f5:11:6d:b5:c1:82:fd:60:ff:f5:c1:24:ad: 44:d5:9d:48:76:5e:fb:b6:a3:f3:e4:51:e1:b0:9c:02:31:ba: 31:06:ea:f2:87:c0:cf:97:7e:8a:d5:f5:1c:be:1b:c6:9f:69: 17:11:2d:fd:4b:ca:94:fe:3d:e9:62:da:89:85:b5:ce:0a:7b: 7c:ff:da:c3:22:4f:1a:b1:6b:aa:7e:2a:b8:2d:0b:38:f1:41: b3:91:77:bd:c8:5f:8c:e0:16:ac:15:f3:4f:7f:79:f8:2b:bb: bf:2f:73:35:4e:d6:57:12:10:14:14:22:80:a8:5e:2f:d9:17: a9:58:a6:eb:65:1c:10:eb:19:9c:28:49:cf:f5:7a:e4:c3:87: ef:b3:ee:07:17:ec:1a:d5:84:6d:d5:c0:68:e3:93:64:b1:87: 77:c1:5d:21:77:d3:c8:c5:b2:7e:1f:a6:e2:81:f7:d2:38:48: 90:bd:29:20 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICEOEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTAzMDkx NjE5MzdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQwODc0RUEyRjEyODgx RTMxMDhEQzM4RkRENDVGNEY4QkQzOUU4NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJdc3OeUO5ljPzSmLCUgNrdLQ3qpAWDDFzrlx+4h+Wkm/xN0rb 9V94Vesq1Zk8Bw4iybFnjGfXNt3uMa2HLgOUvDKqh23+P2ECYKY/WqQzRk0bKe8f SWGr1PPMmNEL2ULXa4RFptDbv0jPq8zJf/z1Ypt4avdVGkvSBDU+D/tXCcQyQ7kj tULfnUR2RkYg7qnN66UGDOPhaB4mAdi10isTPXWgDFhy38XDTpRRyWe9GthQgbvx eeunjXl4Z66mNqqzPqce7w99oFxz1Tu3G6M+ZghfwTikIY6CO0WQo66vK2XhUIlt yM9QeSdTMR7XIRYQs2PGHOcWi9EYmVsYYBRpAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU0IdOovEogeMQjcOP3UX0+L056E8wHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzBJZE9vdkVvZ2VNUWpj T1AzVVgwLUwwNTZFOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6BwwDQYJKoZIhvcNAQELBQADggEBAAqX3xPvlkfu3ZBK0aLVZFXTkvvivcWT eLDftHpgGiw/OMS3M7+sVO5OhDOlKO8vp4moRaEX5mhuMly2SfFwheHhcV4wAu3O 24LJ5XG+9RFttcGC/WD/9cEkrUTVnUh2Xvu2o/PkUeGwnAIxujEG6vKHwM+XforV 9Ry+G8afaRcRLf1LypT+Peli2omFtc4Ke3z/2sMiTxqxa6p+KrgtCzjxQbORd73I X4zgFqwV809/efgru78vczVO1lcSEBQUIoCoXi/ZF6lYputlHBDrGZwoSc/1euTD h++z7gcX7BrVhG3VwGjjk2Sxh3fBXSF308jFsn4fpuKB99I4SJC9KSA= -----END CERTIFICATE-----Generated at Fri Apr 4 18:41:42 2025 by rpki-client