$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/2gr9iEpjymBLWuHiBLuFqrY5drE.roa File: 2gr9iEpjymBLWuHiBLuFqrY5drE.roa (raw, json) Hash identifier: uBsxH3SgFEJ6u8lAjuj1mME0i6EM+ZnAoh+x4ca3R7Y= Subject key identifier: DA:0A:FD:88:4A:63:CA:60:4B:5A:E1:E2:04:BB:85:AA:B6:39:76:B1 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 1113 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/2gr9iEpjymBLWuHiBLuFqrY5drE.roa Signing time: Tue 18 Mar 2025 10:09:59 +0000 ROA not before: Tue 18 Mar 2025 10:09:59 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 62387 IP address blocks: 101.232.40.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4371 (0x1113) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Mar 18 10:09:59 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=DA0AFD884A63CA604B5AE1E204BB85AAB63976B1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:c4:42:a3:b7:f2:7b:8b:72:20:09:ef:5e:4d: c2:3d:53:11:c0:52:1d:72:9e:c2:2c:70:62:e3:ed: 23:ab:91:c9:e2:e9:9e:90:c6:8a:e6:33:e0:2d:73: 51:05:86:ba:fb:4b:ed:f5:0a:72:ea:24:77:7d:f6: ef:b8:ed:5e:c1:f7:3f:e2:3a:c9:99:cd:bf:73:9a: f6:0a:7f:f8:11:8a:f2:4e:45:ef:6f:c0:4c:fa:e2: ae:1b:84:09:e5:bb:95:4b:62:7b:8e:75:e8:cc:ba: cd:c4:0f:c8:62:d0:b5:9b:19:a1:e6:35:61:98:cd: 3b:b8:02:74:5b:51:93:5a:d6:bd:02:83:dc:7b:1f: 76:a1:a6:4c:f1:68:c1:e9:ba:a3:75:d2:38:c3:f0: 9d:c6:af:d3:d6:41:15:ca:21:16:f4:3a:65:04:97: 89:60:26:35:9e:a6:d5:d6:d1:5a:1f:10:ee:8a:d0: 07:35:f0:c6:fe:d2:d8:21:58:ef:54:17:af:1f:ae: bf:8b:bf:d3:c6:5b:34:d2:a8:c5:7a:3d:ef:a6:6e: 98:ac:45:28:12:c2:dd:59:ff:7f:91:d2:12:a8:16: 9f:3d:1b:f1:25:b8:9e:bd:62:2f:90:ce:9a:35:2c: 69:60:8a:28:35:4e:cd:66:9a:2c:dc:24:b0:29:ca: 93:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:0A:FD:88:4A:63:CA:60:4B:5A:E1:E2:04:BB:85:AA:B6:39:76:B1 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/2gr9iEpjymBLWuHiBLuFqrY5drE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.40.0/22 Signature Algorithm: sha256WithRSAEncryption dd:0c:f5:40:07:05:20:ca:c3:3e:14:5e:95:0f:35:18:9d:2e: 8f:00:70:c3:0c:f5:ad:3b:ec:15:56:cc:a3:3f:a6:28:bf:bd: c5:7f:50:0f:c6:49:58:06:06:19:01:e9:f5:ea:ed:b4:49:a4: 5f:e5:78:49:8c:0e:19:03:6b:9e:a2:3c:15:76:b7:fd:1b:a3: f8:15:bd:51:33:36:15:8a:2e:a7:50:99:8e:73:93:c8:8c:a4: 9c:8b:f8:8a:28:d4:84:4d:91:83:72:a5:a7:5b:ad:cc:ac:b5: 1a:fb:1a:dd:83:ce:4b:c4:d2:4e:6c:4f:41:b7:c0:6a:32:4d: 8a:ab:f8:54:2b:16:a4:8c:6a:42:76:d2:9e:78:c8:23:ed:b9: be:ff:aa:49:01:43:9a:68:56:b1:ed:49:5b:80:e0:19:d6:eb: ce:39:d3:c6:5e:2c:72:2c:89:20:be:16:fb:a8:91:e5:5e:6a: f1:a0:64:85:02:9e:5c:75:4f:fa:9b:66:f9:fc:5a:fe:6e:b7: 08:bd:d6:52:26:e8:2a:a3:59:8a:34:44:67:5b:aa:45:9a:13: fc:a9:28:17:5c:99:c8:30:b9:9a:8b:d3:55:c1:8a:94:fc:06: 84:53:6c:3a:d6:6a:c5:d0:39:86:fc:bf:68:c5:6e:d7:db:ba: 60:df:17:fb -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICERMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTAzMTgx MDA5NTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKERBMEFGRDg4NEE2M0NB NjA0QjVBRTFFMjA0QkI4NUFBQjYzOTc2QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDRxEKjt/J7i3IgCe9eTcI9UxHAUh1ynsIscGLj7SOrkcni6Z6Q xormM+Atc1EFhrr7S+31CnLqJHd99u+47V7B9z/iOsmZzb9zmvYKf/gRivJORe9v wEz64q4bhAnlu5VLYnuOdejMus3ED8hi0LWbGaHmNWGYzTu4AnRbUZNa1r0Cg9x7 H3ahpkzxaMHpuqN10jjD8J3Gr9PWQRXKIRb0OmUEl4lgJjWeptXW0VofEO6K0Ac1 8Mb+0tghWO9UF68frr+Lv9PGWzTSqMV6Pe+mbpisRSgSwt1Z/3+R0hKoFp89G/El uJ69Yi+Qzpo1LGlgiig1Ts1mmizcJLApypPjAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU2gr9iEpjymBLWuHiBLuFqrY5drEwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzJncjlpRXBqeW1CTFd1 SGlCTHVGcXJZNWRyRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6CgwDQYJKoZIhvcNAQELBQADggEBAN0M9UAHBSDKwz4UXpUPNRidLo8AcMMM 9a077BVWzKM/pii/vcV/UA/GSVgGBhkB6fXq7bRJpF/leEmMDhkDa56iPBV2t/0b o/gVvVEzNhWKLqdQmY5zk8iMpJyL+Ioo1IRNkYNypadbrcystRr7Gt2DzkvE0k5s T0G3wGoyTYqr+FQrFqSMakJ20p54yCPtub7/qkkBQ5poVrHtSVuA4BnW684508Ze LHIsiSC+FvuokeVeavGgZIUCnlx1T/qbZvn8Wv5utwi91lIm6CqjWYo0RGdbqkWa E/ypKBdcmcgwuZqL01XBipT8BoRTbDrWasXQOYb8v2jFbtfbumDfF/s= -----END CERTIFICATE-----Generated at Fri Apr 4 18:37:49 2025 by rpki-client