$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/595/KXC0qgIn72LRVsWM0i_L6lscO8g.roa File: KXC0qgIn72LRVsWM0i_L6lscO8g.roa (raw, json) Hash identifier: GSnatx02n+iXry7WlwPh8UpObPD3/2LSBscAoZQxmeI= Subject key identifier: 29:70:B4:AA:02:27:EF:62:D1:56:C5:8C:D2:2F:CB:EA:5B:1C:3B:C8 Certificate issuer: /CN=2CA390E2780550E44EC03598082E1995474DF2FB Certificate serial: 1A1D Authority key identifier: 2C:A3:90:E2:78:05:50:E4:4E:C0:35:98:08:2E:19:95:47:4D:F2:FB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LKOQ4ngFUOROwDWYCC4ZlUdN8vs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/KXC0qgIn72LRVsWM0i_L6lscO8g.roa Signing time: Fri 17 Jan 2025 01:30:04 +0000 ROA not before: Fri 17 Jan 2025 01:30:04 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 58862 IP address blocks: 167.220.244.0/22 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/LKOQ4ngFUOROwDWYCC4ZlUdN8vs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/LKOQ4ngFUOROwDWYCC4ZlUdN8vs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LKOQ4ngFUOROwDWYCC4ZlUdN8vs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:08:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6685 (0x1a1d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2CA390E2780550E44EC03598082E1995474DF2FB Validity Not Before: Jan 17 01:30:04 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=2970B4AA0227EF62D156C58CD22FCBEA5B1C3BC8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:d5:49:0e:f2:11:95:22:5c:65:f9:90:68:b5: 7b:21:0e:40:8c:33:bf:41:a9:91:ab:c2:f1:1b:85: 3e:b7:0b:bf:b0:b6:fd:36:99:53:15:1e:5a:e0:1a: 67:07:09:77:d0:e3:52:5f:5d:88:7e:6f:71:52:5b: 90:5e:c8:df:83:33:9e:a6:2e:d1:8c:32:c4:ea:ff: fa:6c:7f:16:60:39:94:4a:88:fc:59:2a:e8:b8:e3: bc:cb:bd:1e:c8:3c:09:50:d5:53:5e:f8:be:45:2b: 13:95:f5:fc:5c:5b:3b:47:47:bb:7c:72:57:4f:43: 9e:de:d7:50:5c:e9:32:c7:64:33:63:03:8c:54:e7: 4f:5e:83:54:84:70:b4:4f:02:ca:8f:42:88:bb:e2: a8:5f:e7:11:7f:68:01:7a:f9:8a:ef:8d:39:27:25: a6:0f:1f:b4:2c:58:b7:7a:44:d6:c4:31:0d:16:1d: 4b:08:d5:0e:09:c0:89:9c:be:88:97:28:0c:26:a5: 6e:99:72:3f:35:4d:ff:29:f2:8d:8d:28:ae:65:79: b5:95:54:f2:d6:9c:0b:75:0e:a7:0c:0f:59:77:28: 0a:66:56:a2:1a:6b:97:50:e8:a2:49:9c:07:ed:7a: 55:d1:1b:cc:df:c5:09:75:35:4d:21:88:a6:52:63: aa:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:70:B4:AA:02:27:EF:62:D1:56:C5:8C:D2:2F:CB:EA:5B:1C:3B:C8 X509v3 Authority Key Identifier: keyid:2C:A3:90:E2:78:05:50:E4:4E:C0:35:98:08:2E:19:95:47:4D:F2:FB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/LKOQ4ngFUOROwDWYCC4ZlUdN8vs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LKOQ4ngFUOROwDWYCC4ZlUdN8vs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/KXC0qgIn72LRVsWM0i_L6lscO8g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 167.220.244.0/22 Signature Algorithm: sha256WithRSAEncryption 24:b2:a7:78:7d:4b:a2:b4:a0:29:74:d0:a6:46:9a:21:5a:4f: b0:ff:88:d0:95:79:87:38:3c:c9:ac:ae:a2:5e:6e:c2:45:99: 38:c3:89:48:dd:3c:35:10:f8:dd:36:98:eb:85:9d:ac:b9:2b: e9:4a:59:71:99:52:78:59:e1:bd:84:bc:5e:11:cf:9d:80:4c: 1d:41:f7:6e:39:b5:0b:a3:f1:43:75:ca:9c:83:d3:b2:79:b9: 70:fc:84:61:fd:36:d7:9a:17:c3:ed:8a:62:e1:00:7a:f1:4d: a5:37:b8:8f:f7:cd:93:6f:96:8a:69:a6:2a:88:25:b8:6c:1f: ff:69:52:88:f5:24:44:82:23:ac:35:12:26:54:3c:6a:99:8c: c7:db:0c:10:f1:1b:f5:9c:c2:0b:d7:9b:24:c6:6e:bf:f3:c4: db:19:ff:bc:f0:97:4f:d2:af:0a:f6:30:29:74:81:9b:1b:61: e6:cc:d9:66:41:09:26:f4:d2:59:33:f2:38:06:0d:1b:d0:a9: 8c:dd:1d:41:87:a6:50:b4:ed:c5:28:09:f3:f1:57:03:fb:e8: bd:a8:ea:5a:f7:1e:f9:5a:1f:3e:ca:e1:5f:07:c1:57:c8:c1: 36:29:12:de:37:03:72:a2:87:3d:bd:e3:70:82:4b:b8:a5:10: 02:63:d9:be -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGh0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkNB MzkwRTI3ODA1NTBFNDRFQzAzNTk4MDgyRTE5OTU0NzRERjJGQjAeFw0yNTAxMTcw MTMwMDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI5NzBCNEFBMDIyN0VG NjJEMTU2QzU4Q0QyMkZDQkVBNUIxQzNCQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDR1UkO8hGVIlxl+ZBotXshDkCMM79BqZGrwvEbhT63C7+wtv02 mVMVHlrgGmcHCXfQ41JfXYh+b3FSW5BeyN+DM56mLtGMMsTq//psfxZgOZRKiPxZ Kui447zLvR7IPAlQ1VNe+L5FKxOV9fxcWztHR7t8cldPQ57e11Bc6TLHZDNjA4xU 509eg1SEcLRPAsqPQoi74qhf5xF/aAF6+YrvjTknJaYPH7QsWLd6RNbEMQ0WHUsI 1Q4JwImcvoiXKAwmpW6Zcj81Tf8p8o2NKK5lebWVVPLWnAt1DqcMD1l3KApmVqIa a5dQ6KJJnAftelXRG8zfxQl1NU0hiKZSY6qpAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUKXC0qgIn72LRVsWM0i/L6lscO8gwHwYDVR0jBBgwFoAULKOQ4ngFUOROwDWY CC4ZlUdN8vswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1 L0xLT1E0bmdGVU9ST3dEV1lDQzRabFVkTjh2cy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTEtPUTRuZ0ZVT1JPd0RXWUNDNFpsVWROOHZzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1L0tYQzBxZ0luNzJMUlZz V00waV9MNmxzY084Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAKn3PQwDQYJKoZIhvcNAQELBQADggEBACSyp3h9S6K0oCl00KZGmiFaT7D/iNCV eYc4PMmsrqJebsJFmTjDiUjdPDUQ+N02mOuFnay5K+lKWXGZUnhZ4b2EvF4Rz52A TB1B9245tQuj8UN1ypyD07J5uXD8hGH9NteaF8PtimLhAHrxTaU3uI/3zZNvlopp piqIJbhsH/9pUoj1JESCI6w1EiZUPGqZjMfbDBDxG/WcwgvXmyTGbr/zxNsZ/7zw l0/Srwr2MCl0gZsbYebM2WZBCSb00lkz8jgGDRvQqYzdHUGHplC07cUoCfPxVwP7 6L2o6lr3HvlaHz7K4V8HwVfIwTYpEt43A3Kihz2943CCS7ilEAJj2b4= -----END CERTIFICATE-----Generated at Fri Apr 4 18:35:19 2025 by rpki-client