$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/H2r04DyPj8b8McLs0ubBnjw7ndY.roa File: H2r04DyPj8b8McLs0ubBnjw7ndY.roa (raw, json) Hash identifier: uytW7T59u6fmvP5wAd0JbCr4Yq/bMmIgW77RTb/pxq4= Subject key identifier: 1F:6A:F4:E0:3C:8F:8F:C6:FC:31:C2:EC:D2:E6:C1:9E:3C:3B:9D:D6 Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Certificate serial: 1D96 Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/H2r04DyPj8b8McLs0ubBnjw7ndY.roa Signing time: Fri 28 Feb 2025 05:53:28 +0000 ROA not before: Fri 28 Feb 2025 05:53:28 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4134 IP address blocks: 43.254.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 13 Mar 2025 09:29:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7574 (0x1d96) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Validity Not Before: Feb 28 05:53:28 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=1F6AF4E03C8F8FC6FC31C2ECD2E6C19E3C3B9DD6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:e0:52:de:26:e0:02:50:8e:e2:63:38:6f:8d: 3b:f3:1c:42:8a:2e:53:35:7a:03:09:99:62:1b:f0: 09:dc:7c:61:c3:a9:98:77:07:c5:63:04:58:ee:80: f3:d8:42:df:5a:2e:d4:9c:64:c0:3d:ca:c2:4c:22: 0e:ca:5d:1b:6b:ab:34:34:42:ba:22:58:d6:1d:1c: 7a:fb:af:8e:ec:fe:53:1a:51:1b:ba:f3:f5:77:40: 85:f4:76:ce:76:72:63:12:b1:d9:a4:68:f1:4b:88: 68:33:b2:26:3d:99:9b:0a:3e:e4:43:76:3e:2d:4f: db:63:63:ec:0a:02:c9:bd:c4:5a:1e:9e:f6:a6:d2: a5:c7:76:51:cd:9f:75:62:a9:d6:a1:da:6b:19:3c: 46:4d:76:28:95:b1:5c:b9:9a:9a:03:0e:25:c5:08: d4:a3:c0:c8:ab:3e:7b:70:4f:1f:28:8d:4d:ed:6d: 5c:10:bb:08:32:b6:15:56:ec:e0:c6:10:a9:76:d5: 97:82:28:aa:64:69:59:29:a9:77:53:36:79:41:8f: 59:93:39:22:82:da:f5:a7:09:c6:2a:7c:15:65:d6: e7:c9:d7:76:28:66:58:59:b0:c7:b9:42:2e:4e:be: 01:31:e5:6f:10:98:b9:53:d4:e0:96:bb:68:1c:fa: 9c:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:6A:F4:E0:3C:8F:8F:C6:FC:31:C2:EC:D2:E6:C1:9E:3C:3B:9D:D6 X509v3 Authority Key Identifier: keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/H2r04DyPj8b8McLs0ubBnjw7ndY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.128.0/22 Signature Algorithm: sha256WithRSAEncryption c9:29:3f:7e:42:ec:08:f3:41:cc:59:dc:f7:8e:ea:26:d7:e6: 7d:ca:6a:66:f2:e3:0b:28:43:cc:07:3f:9e:f1:cc:40:2a:02: 61:c6:7c:c1:1e:21:91:39:f5:5a:50:ab:22:b2:67:a6:be:69: a2:d8:85:57:09:43:75:35:e9:ac:11:73:7e:36:64:d1:4f:07: 60:92:a1:9d:14:d3:dd:3b:b5:cd:08:90:f3:ea:62:7c:4a:8b: 3e:96:ef:09:b3:1b:33:56:4d:2f:3f:94:af:f3:34:1c:f3:b2: a1:74:60:a8:ae:a2:26:16:06:2b:e7:12:c6:26:5b:da:f5:fa: a3:cb:d9:9b:da:44:f2:52:1c:2f:47:fa:71:de:ae:ec:24:32: f0:f8:53:83:c2:54:8e:55:89:7b:ef:8f:a9:c6:36:ef:d8:12: 0b:e5:12:69:e6:a4:21:7c:ff:1f:fb:6f:7d:65:83:8e:ea:42: 78:0c:e7:bc:0c:d8:f4:5e:30:4a:79:d2:37:59:3f:3f:9d:1f: a4:ed:03:a4:ca:d0:c6:3d:5c:96:11:9b:ca:ba:c5:8e:7c:b4: 46:29:71:6e:31:1f:4a:5f:77:52:70:30:3b:8b:57:89:74:be: 4b:8d:46:9d:be:aa:e5:65:ef:59:e3:56:1d:90:e2:99:b7:fd: d2:b6:87:6a -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNTAyMjgw NTUzMjhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDFGNkFGNEUwM0M4RjhG QzZGQzMxQzJFQ0QyRTZDMTlFM0MzQjlERDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDP4FLeJuACUI7iYzhvjTvzHEKKLlM1egMJmWIb8AncfGHDqZh3 B8VjBFjugPPYQt9aLtScZMA9ysJMIg7KXRtrqzQ0QroiWNYdHHr7r47s/lMaURu6 8/V3QIX0ds52cmMSsdmkaPFLiGgzsiY9mZsKPuRDdj4tT9tjY+wKAsm9xFoenvam 0qXHdlHNn3Viqdah2msZPEZNdiiVsVy5mpoDDiXFCNSjwMirPntwTx8ojU3tbVwQ uwgythVW7ODGEKl21ZeCKKpkaVkpqXdTNnlBj1mTOSKC2vWnCcYqfBVl1ufJ13Yo ZlhZsMe5Qi5OvgEx5W8QmLlT1OCWu2gc+pxnAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUH2r04DyPj8b8McLs0ubBnjw7ndYwHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL0gycjA0RHlQajhiOE1j THMwdWJCbmp3N25kWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr/oAwDQYJKoZIhvcNAQELBQADggEBAMkpP35C7AjzQcxZ3PeO6ibX5n3Kamby 4wsoQ8wHP57xzEAqAmHGfMEeIZE59VpQqyKyZ6a+aaLYhVcJQ3U16awRc342ZNFP B2CSoZ0U0907tc0IkPPqYnxKiz6W7wmzGzNWTS8/lK/zNBzzsqF0YKiuoiYWBivn EsYmW9r1+qPL2ZvaRPJSHC9H+nHeruwkMvD4U4PCVI5ViXvvj6nGNu/YEgvlEmnm pCF8/x/7b31lg47qQngM57wM2PReMEp50jdZPz+dH6TtA6TK0MY9XJYRm8q6xY58 tEYpcW4xH0pfd1JwMDuLV4l0vkuNRp2+quVl71njVh2Q4pm3/dK2h2o= -----END CERTIFICATE-----Generated at Thu Mar 13 06:57:52 2025 by rpki-client