$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/497/iek1MXEBlWdmapPhIY_db4hE_nw.roa File: iek1MXEBlWdmapPhIY_db4hE_nw.roa (raw, json) Hash identifier: T7/0qiWSi3qRHPuAOTmMfdsbThcG2N5WBZt8W2VUrcw= Subject key identifier: 89:E9:35:31:71:01:95:67:66:6A:93:E1:21:8F:DD:6F:88:44:FE:7C Certificate issuer: /CN=46F8343DCDAD3AAC408560492C21B59D762BC456 Certificate serial: 1BE4 Authority key identifier: 46:F8:34:3D:CD:AD:3A:AC:40:85:60:49:2C:21:B5:9D:76:2B:C4:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/iek1MXEBlWdmapPhIY_db4hE_nw.roa Signing time: Fri 17 Jan 2025 01:26:42 +0000 ROA not before: Fri 17 Jan 2025 01:26:42 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 56002 IP address blocks: 103.12.232.0/22 maxlen: 24 103.12.232.0/24 maxlen: 24 103.12.233.0/24 maxlen: 24 103.12.234.0/24 maxlen: 24 103.12.235.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 22:07:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7140 (0x1be4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=46F8343DCDAD3AAC408560492C21B59D762BC456 Validity Not Before: Jan 17 01:26:42 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=89E9353171019567666A93E1218FDD6F8844FE7C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ee:9a:5e:24:0d:82:8d:97:2c:ec:39:d1:b0: 04:ff:19:43:01:74:fd:c4:16:b9:2b:75:64:93:86: fe:21:fb:c0:de:fe:06:ee:87:ce:4b:ed:4d:11:bf: 3e:c6:fe:4e:d5:66:ad:3f:30:b9:4b:d5:a4:97:b5: e1:f4:73:a7:c6:2d:9d:4e:8d:78:4a:d2:ec:78:f1: 11:5f:e8:e5:e8:66:dc:0b:b9:51:16:04:f8:55:da: ef:5b:c3:85:0a:3b:a8:05:bc:4d:64:bf:73:68:a7: ce:c5:9b:52:5a:22:06:32:ec:c2:de:f7:7d:de:a0: a9:6a:6e:cc:d5:fc:3d:a1:2d:f9:97:a1:3b:84:5b: 58:75:78:90:b8:12:7a:cf:55:d7:f7:e0:40:bd:23: 34:21:66:10:54:72:f6:f2:34:56:69:1d:fc:0b:12: c0:09:72:78:62:ff:b3:49:e6:c4:f8:11:7c:fc:53: b3:c0:88:9c:a2:80:b4:91:6e:0e:d4:91:9a:20:3b: 22:62:85:db:2d:77:01:82:de:62:da:e1:d0:7c:ea: c2:1d:1c:c5:bd:86:ad:80:97:c1:c2:2a:ff:6f:9c: 4b:a3:69:48:5b:e3:17:3c:5d:34:29:2d:64:72:42: b4:58:bf:4c:25:40:96:cd:8a:d5:14:14:4e:a3:0a: b3:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:E9:35:31:71:01:95:67:66:6A:93:E1:21:8F:DD:6F:88:44:FE:7C X509v3 Authority Key Identifier: keyid:46:F8:34:3D:CD:AD:3A:AC:40:85:60:49:2C:21:B5:9D:76:2B:C4:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Rvg0Pc2tOqxAhWBJLCG1nXYrxFY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/iek1MXEBlWdmapPhIY_db4hE_nw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.12.232.0/22 Signature Algorithm: sha256WithRSAEncryption 90:86:36:bb:c5:6b:df:8d:5e:3e:c6:12:fc:9a:f6:c5:d5:35: ac:ef:de:0f:09:61:93:2e:1d:53:44:c2:4f:a2:0e:06:61:17: d9:4c:80:bf:19:c9:99:fd:6b:5a:64:bb:b9:4e:70:9b:7d:f2: bc:6c:0b:03:e5:1a:80:17:3c:0f:14:8a:7a:b5:4f:86:d2:81: e1:36:3e:ef:08:74:fc:a1:20:29:e7:20:ce:b1:b6:48:23:05: 2e:9d:2f:cc:6e:94:b4:3e:5e:ff:4a:fa:94:57:8b:38:04:1f: 1f:9c:3c:01:35:50:b7:52:c2:f0:df:a6:e2:e6:c0:9d:aa:91: dc:57:d0:e0:5e:b6:ad:76:f1:e9:d9:5c:2c:9b:3e:1f:25:c5: c4:f5:c4:bf:1c:27:ed:c8:6c:f7:5d:de:d1:11:cd:a4:d9:da: c9:19:85:34:c8:99:6c:ca:27:2e:76:cf:88:35:3d:66:9e:6e: 3f:53:c4:0e:0a:58:ec:54:b1:c2:6a:1b:15:45:80:81:56:2b: b0:dc:9d:ee:b9:ea:22:81:c3:23:bc:1c:64:ae:53:89:55:98: 54:09:c3:cc:07:30:9f:6a:2e:51:5d:9f:87:e4:aa:4e:10:81: b9:72:d1:c3:72:d6:8d:40:2a:03:41:64:54:11:09:f8:a0:de: db:59:07:a9 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG+QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDZG ODM0M0RDREFEM0FBQzQwODU2MDQ5MkMyMUI1OUQ3NjJCQzQ1NjAeFw0yNTAxMTcw MTI2NDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg5RTkzNTMxNzEwMTk1 Njc2NjZBOTNFMTIxOEZERDZGODg0NEZFN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC47ppeJA2CjZcs7DnRsAT/GUMBdP3EFrkrdWSThv4h+8De/gbu h85L7U0Rvz7G/k7VZq0/MLlL1aSXteH0c6fGLZ1OjXhK0ux48RFf6OXoZtwLuVEW BPhV2u9bw4UKO6gFvE1kv3Nop87Fm1JaIgYy7MLe933eoKlqbszV/D2hLfmXoTuE W1h1eJC4EnrPVdf34EC9IzQhZhBUcvbyNFZpHfwLEsAJcnhi/7NJ5sT4EXz8U7PA iJyigLSRbg7UkZogOyJihdstdwGC3mLa4dB86sIdHMW9hq2Al8HCKv9vnEujaUhb 4xc8XTQpLWRyQrRYv0wlQJbNitUUFE6jCrPLAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUiek1MXEBlWdmapPhIY/db4hE/nwwHwYDVR0jBBgwFoAURvg0Pc2tOqxAhWBJ LCG1nXYrxFYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3 L1J2ZzBQYzJ0T3F4QWhXQkpMQ0cxblhZcnhGWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvUnZnMFBjMnRPcXhBaFdCSkxDRzFuWFlyeEZZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3L2llazFNWEVCbFdkbWFw UGhJWV9kYjRoRV9udy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJnDOgwDQYJKoZIhvcNAQELBQADggEBAJCGNrvFa9+NXj7GEvya9sXVNazv3g8J YZMuHVNEwk+iDgZhF9lMgL8ZyZn9a1pku7lOcJt98rxsCwPlGoAXPA8Uinq1T4bS geE2Pu8IdPyhICnnIM6xtkgjBS6dL8xulLQ+Xv9K+pRXizgEHx+cPAE1ULdSwvDf puLmwJ2qkdxX0OBetq128enZXCybPh8lxcT1xL8cJ+3IbPdd3tERzaTZ2skZhTTI mWzKJy52z4g1PWaebj9TxA4KWOxUscJqGxVFgIFWK7Dcne656iKBwyO8HGSuU4lV mFQJw8wHMJ9qLlFdn4fkqk4Qgbly0cNy1o1AKgNBZFQRCfig3ttZB6k= -----END CERTIFICATE-----Generated at Fri Apr 4 21:11:21 2025 by rpki-client