$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/8Dv9tIjHUeEyd5PhI_x6MsX-KoM.roa File: 8Dv9tIjHUeEyd5PhI_x6MsX-KoM.roa (raw, json) Hash identifier: 1wq/vqQ1mGi5HUZavgO0s+zg0jckGkPLPeQMtx0HxeQ= Subject key identifier: F0:3B:FD:B4:88:C7:51:E1:32:77:93:E1:23:FC:7A:32:C5:FE:2A:83 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 0FAF Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/8Dv9tIjHUeEyd5PhI_x6MsX-KoM.roa Signing time: Fri 17 Jan 2025 01:27:52 +0000 ROA not before: Fri 17 Jan 2025 01:27:52 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 62387 IP address blocks: 119.59.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4015 (0xfaf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Jan 17 01:27:52 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=F03BFDB488C751E1327793E123FC7A32C5FE2A83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:b4:f2:4e:29:81:fc:c1:6c:ce:12:32:c9:8c: 3a:22:a5:82:6e:d3:72:70:64:cf:ae:10:5e:a7:82: 95:7d:c3:4f:69:04:b1:3a:bf:46:82:f3:89:ae:67: 33:9e:0f:16:68:f4:49:79:4f:a7:5c:f1:31:07:5a: a6:b6:41:c1:ec:75:e4:e5:b7:db:2d:13:bc:e0:aa: bd:60:80:17:cc:10:2b:64:3c:aa:78:e8:7a:fa:d5: c9:02:f1:ac:18:65:ca:05:6e:0f:28:13:d1:d1:78: 9d:69:83:5c:ce:f3:39:64:94:59:a9:88:e2:73:90: 90:40:64:08:89:51:3f:b8:91:2d:21:40:bd:fe:dd: b8:0a:87:b1:54:89:bd:b7:e3:a7:75:f7:81:68:fe: eb:3a:28:80:f0:ef:c9:d5:88:26:8c:4c:c5:6a:df: a6:c1:d1:a4:a5:13:7d:45:7a:18:6d:33:97:23:aa: 31:db:93:be:4c:da:cf:b4:27:38:2e:cf:f0:87:c9: 38:47:68:6c:9e:36:fd:6c:3b:8e:02:8e:9f:0d:df: bf:36:eb:19:42:9a:7e:41:98:18:24:0e:c6:cc:7c: ad:7e:c3:10:28:8a:6d:44:37:1f:71:8a:3c:b9:81: 82:75:d7:48:c6:fa:c1:ed:79:9b:28:ff:28:82:77: 7c:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:3B:FD:B4:88:C7:51:E1:32:77:93:E1:23:FC:7A:32:C5:FE:2A:83 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/8Dv9tIjHUeEyd5PhI_x6MsX-KoM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.59.196.0/22 Signature Algorithm: sha256WithRSAEncryption 2c:72:00:da:41:22:3d:6c:e6:5b:ad:9e:7e:9c:de:a9:b8:75: f9:9c:19:b7:15:2d:1b:b6:1e:06:b4:02:d6:00:83:c0:48:9c: d3:46:e0:24:7f:60:03:03:01:60:cc:7d:c8:20:34:ed:0e:31: 0e:54:5a:b4:c9:32:eb:45:f9:57:2d:05:44:51:53:29:e6:0d: 13:1e:f7:76:68:7c:88:93:ac:26:7f:cd:a1:0c:3f:af:d6:e0: de:ca:8c:b1:70:33:af:65:c1:b7:4a:93:67:91:12:22:59:ee: df:3d:36:d1:11:c7:e3:1a:7d:b9:6e:98:e6:8d:5f:f8:5a:73: 10:df:a6:ea:a2:5d:96:cf:47:32:5c:63:f6:3a:0d:84:1c:48: a7:26:11:db:4f:90:d6:70:48:97:88:c1:5d:77:ab:f9:4b:c1: 72:9b:1c:2a:f9:83:3f:0a:09:31:21:41:d9:f2:b4:2b:e2:ee: 11:9c:2f:a7:a9:11:64:de:ed:fd:33:5d:81:fc:d4:01:c1:01: f1:01:cf:5e:92:77:0f:a2:42:37:b0:df:ca:10:1a:6e:27:d1: 03:2f:30:63:ac:a9:fa:32:52:3f:05:f0:d9:10:82:67:80:eb: 8f:73:7c:05:49:54:41:ec:e2:24:70:6f:00:f0:28:e2:cf:1f: 69:32:54:76 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICD68wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTAxMTcw MTI3NTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEYwM0JGREI0ODhDNzUx RTEzMjc3OTNFMTIzRkM3QTMyQzVGRTJBODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6tPJOKYH8wWzOEjLJjDoipYJu03JwZM+uEF6ngpV9w09pBLE6 v0aC84muZzOeDxZo9El5T6dc8TEHWqa2QcHsdeTlt9stE7zgqr1ggBfMECtkPKp4 6Hr61ckC8awYZcoFbg8oE9HReJ1pg1zO8zlklFmpiOJzkJBAZAiJUT+4kS0hQL3+ 3bgKh7FUib2346d194Fo/us6KIDw78nViCaMTMVq36bB0aSlE31FehhtM5cjqjHb k75M2s+0Jzguz/CHyThHaGyeNv1sO44Cjp8N37826xlCmn5BmBgkDsbMfK1+wxAo im1ENx9xijy5gYJ110jG+sHteZso/yiCd3zjAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU8Dv9tIjHUeEyd5PhI/x6MsX+KoMwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzLzhEdjl0SWpIVWVFeWQ1 UGhJX3g2TXNYLUtvTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJ3O8QwDQYJKoZIhvcNAQELBQADggEBACxyANpBIj1s5lutnn6c3qm4dfmcGbcV LRu2Hga0AtYAg8BInNNG4CR/YAMDAWDMfcggNO0OMQ5UWrTJMutF+VctBURRUynm DRMe93ZofIiTrCZ/zaEMP6/W4N7KjLFwM69lwbdKk2eREiJZ7t89NtERx+Mafblu mOaNX/hacxDfpuqiXZbPRzJcY/Y6DYQcSKcmEdtPkNZwSJeIwV13q/lLwXKbHCr5 gz8KCTEhQdnytCvi7hGcL6epEWTe7f0zXYH81AHBAfEBz16Sdw+iQjew38oQGm4n 0QMvMGOsqfoyUj8F8NkQgmeA649zfAVJVEHs4iRwbwDwKOLPH2kyVHY= -----END CERTIFICATE-----Generated at Fri Apr 4 18:46:09 2025 by rpki-client