$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/767/1H_dEmlcHR9WrgXuUkgyw7TC6PI.roa File: 1H_dEmlcHR9WrgXuUkgyw7TC6PI.roa (raw, json) Hash identifier: PYMpJ9QJ790iCzSPPg6odQyh509VNCs3J8a0L4Xr8Vs= Subject key identifier: D4:7F:DD:12:69:5C:1D:1F:56:AE:05:EE:52:48:32:C3:B4:C2:E8:F2 Certificate issuer: /CN=CC8CF726F2323299108744D6930BEF18D677445D Certificate serial: 15FE Authority key identifier: CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/1H_dEmlcHR9WrgXuUkgyw7TC6PI.roa Signing time: Fri 17 Jan 2025 01:27:27 +0000 ROA not before: Fri 17 Jan 2025 01:27:27 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 59015 IP address blocks: 43.224.240.0/22 maxlen: 32 103.43.240.0/22 maxlen: 32 119.38.224.0/19 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 22:07:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5630 (0x15fe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CC8CF726F2323299108744D6930BEF18D677445D Validity Not Before: Jan 17 01:27:27 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=D47FDD12695C1D1F56AE05EE524832C3B4C2E8F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:6f:db:61:3d:84:6f:e6:89:0f:cb:7e:c9:f9: ea:a9:0a:2d:b6:47:97:1f:61:3b:0c:55:3f:db:89: 4e:d6:ce:19:ae:7d:b5:dc:ec:f3:b7:02:c1:8e:4a: 46:e0:4e:a7:f1:db:76:5e:ab:66:7c:08:97:ab:84: cc:92:b3:ea:83:3f:17:b6:9b:46:b3:f8:33:c7:77: d1:ce:a8:08:c0:ab:cb:84:d1:5c:88:c0:1b:6c:a6: 8c:cf:bb:6e:d4:2d:a2:66:b6:17:47:ea:ab:cf:86: 6d:0e:4a:fa:21:6e:a1:95:27:0e:9e:46:52:03:88: e1:41:2b:aa:01:4c:e0:90:95:72:5a:0b:52:a7:3e: 66:96:ab:55:aa:3f:d7:d5:c0:86:a6:d6:cb:f7:06: 96:0f:c2:d5:5c:a5:e7:fe:78:9f:19:0c:df:69:e9: 56:9c:b0:29:f5:28:61:f0:22:cc:4a:d3:52:0d:45: 40:79:cf:75:ad:7a:85:7f:54:b7:95:99:5c:f8:81: 11:20:6c:58:a9:22:92:a1:60:bd:54:b9:5e:1a:b4: 5d:dc:a2:42:d6:e4:80:be:74:90:2c:eb:22:f2:c9: 1c:01:43:31:e7:0d:ad:c0:bd:8a:1c:ad:63:18:6c: ed:f2:ce:69:9d:e6:8f:24:a5:66:62:ab:10:3d:b0: 68:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:7F:DD:12:69:5C:1D:1F:56:AE:05:EE:52:48:32:C3:B4:C2:E8:F2 X509v3 Authority Key Identifier: keyid:CC:8C:F7:26:F2:32:32:99:10:87:44:D6:93:0B:EF:18:D6:77:44:5D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zIz3JvIyMpkQh0TWkwvvGNZ3RF0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/767/1H_dEmlcHR9WrgXuUkgyw7TC6PI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.224.240.0/22 103.43.240.0/22 119.38.224.0/19 Signature Algorithm: sha256WithRSAEncryption 8f:a4:8c:8a:0e:ab:46:a7:ee:67:46:7a:1b:46:cb:86:b5:8c: ad:43:0f:4f:28:f9:b0:26:c8:9a:9e:fe:83:11:fb:15:ef:01: ef:b6:04:3d:f2:53:05:6e:24:c5:14:35:a0:e4:65:72:a0:80: ac:5b:3e:83:fd:f6:9f:a0:22:c7:2a:e4:c2:04:d2:42:9d:31: fb:d9:1c:f6:33:0a:2c:89:8d:c0:13:d6:c4:37:67:f0:1e:60: 06:3d:9c:1b:a2:99:28:dc:b5:2a:1e:48:f3:23:a2:3a:61:cc: c1:c0:ff:69:7d:65:a7:ab:ad:e6:05:aa:e5:74:db:bd:3f:15: 36:e2:af:fa:7a:5c:28:ca:46:31:43:db:7e:bc:38:6f:71:18: 0e:36:86:9a:03:0f:fc:ef:c2:eb:9c:77:7a:b0:bc:79:a2:1f: 9b:33:c9:e5:6b:7a:a9:4e:9f:99:24:12:0a:14:b2:7c:7c:d7: 7f:ba:0f:63:4b:1d:9e:40:16:7a:f8:17:34:4a:61:c5:46:7a: e1:53:57:05:59:35:02:4e:aa:37:9f:81:9d:5f:1e:45:6f:cd: c2:f6:f9:43:49:90:eb:9b:23:90:dc:ee:1d:5b:77:bb:06:fa: 16:f0:ed:e3:a4:88:c5:cd:70:0f:89:2e:b2:34:46:87:a2:42: 47:5c:54:f4 -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgICFf4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0M4 Q0Y3MjZGMjMyMzI5OTEwODc0NEQ2OTMwQkVGMThENjc3NDQ1RDAeFw0yNTAxMTcw MTI3MjdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ0N0ZERDEyNjk1QzFE MUY1NkFFMDVFRTUyNDgzMkMzQjRDMkU4RjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCdb9thPYRv5okPy37J+eqpCi22R5cfYTsMVT/biU7WzhmufbXc 7PO3AsGOSkbgTqfx23Zeq2Z8CJerhMySs+qDPxe2m0az+DPHd9HOqAjAq8uE0VyI wBtspozPu27ULaJmthdH6qvPhm0OSvohbqGVJw6eRlIDiOFBK6oBTOCQlXJaC1Kn PmaWq1WqP9fVwIam1sv3BpYPwtVcpef+eJ8ZDN9p6VacsCn1KGHwIsxK01INRUB5 z3WteoV/VLeVmVz4gREgbFipIpKhYL1UuV4atF3cokLW5IC+dJAs6yLyyRwBQzHn Da3AvYocrWMYbO3yzmmd5o8kpWZiqxA9sGiJAgMBAAGjggH9MIIB+TAdBgNVHQ4E FgQU1H/dEmlcHR9WrgXuUkgyw7TC6PIwHwYDVR0jBBgwFoAUzIz3JvIyMpkQh0TW kwvvGNZ3RF0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3 L3pJejNKdkl5TXBrUWgwVFdrd3Z2R05aM1JGMC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvekl6M0p2SXlNcGtRaDBUV2t3dnZHTlozUkYwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzY3LzFIX2RFbWxjSFI5V3Jn WHVVa2d5dzdUQzZQSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID BAIr4PADBAJnK/ADBAV3JuAwDQYJKoZIhvcNAQELBQADggEBAI+kjIoOq0an7mdG ehtGy4a1jK1DD08o+bAmyJqe/oMR+xXvAe+2BD3yUwVuJMUUNaDkZXKggKxbPoP9 9p+gIscq5MIE0kKdMfvZHPYzCiyJjcAT1sQ3Z/AeYAY9nBuimSjctSoeSPMjojph zMHA/2l9ZaerreYFquV0270/FTbir/p6XCjKRjFD2368OG9xGA42hpoDD/zvwuuc d3qwvHmiH5szyeVreqlOn5kkEgoUsnx813+6D2NLHZ5AFnr4FzRKYcVGeuFTVwVZ NQJOqjefgZ1fHkVvzcL2+UNJkOubI5Dc7h1bd7sG+hbw7eOkiMXNcA+JLrI0Roei QkdcVPQ= -----END CERTIFICATE-----Generated at Fri Apr 4 18:38:45 2025 by rpki-client