$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/861/KtkKTWtPNj5wHFjwBkJUsLLPtIY.roa File: KtkKTWtPNj5wHFjwBkJUsLLPtIY.roa (raw, json) Hash identifier: VueTaTS6ACWPKbz+D/qnweeOLK3EFD2lyW+Z38+Z/7Q= Subject key identifier: 2A:D9:0A:4D:6B:4F:36:3E:70:1C:58:F0:06:42:54:B0:B2:CF:B4:86 Certificate issuer: /CN=615BCE8F7F8A83DB939AE0F42FA05413B285181E Certificate serial: 138D Authority key identifier: 61:5B:CE:8F:7F:8A:83:DB:93:9A:E0:F4:2F:A0:54:13:B2:85:18:1E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YVvOj3-Kg9uTmuD0L6BUE7KFGB4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/861/KtkKTWtPNj5wHFjwBkJUsLLPtIY.roa Signing time: Fri 17 Jan 2025 01:26:11 +0000 ROA not before: Fri 17 Jan 2025 01:26:11 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 59043 IP address blocks: 103.56.184.0/24 maxlen: 24 103.56.185.0/24 maxlen: 24 103.56.186.0/24 maxlen: 24 103.56.187.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/861/YVvOj3-Kg9uTmuD0L6BUE7KFGB4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/861/YVvOj3-Kg9uTmuD0L6BUE7KFGB4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YVvOj3-Kg9uTmuD0L6BUE7KFGB4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:06:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5005 (0x138d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=615BCE8F7F8A83DB939AE0F42FA05413B285181E Validity Not Before: Jan 17 01:26:11 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=2AD90A4D6B4F363E701C58F0064254B0B2CFB486 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:be:72:16:88:10:bc:2c:1f:cb:68:99:d7:41: e8:b9:12:e2:5f:52:d2:de:08:c9:cc:1e:c1:88:54: 21:b8:d9:41:ae:a7:74:b7:40:10:26:4f:03:9e:92: bd:a9:10:ca:ea:cf:91:43:3f:fd:40:6d:ef:7a:7d: 06:7c:3c:7b:1d:87:7c:09:4a:a7:1d:dd:b7:8e:b9: c5:49:ca:17:f8:9e:c2:f5:b0:d0:90:4c:f6:6e:af: a7:d5:07:4c:39:5e:f3:b9:59:a8:ef:1f:0d:04:87: 8e:38:68:ac:96:82:6a:d1:7e:d3:06:33:26:aa:5f: 08:1b:ef:71:7e:4c:02:f7:6e:04:97:56:55:5a:4a: 51:29:cf:be:c6:75:4c:bc:15:5e:41:53:5a:99:ae: 7c:af:9b:98:f5:44:e1:33:6c:71:27:01:0c:1e:de: bf:a7:27:cd:70:d6:f9:bf:5d:6e:8d:b8:fa:75:9d: 7a:fa:fa:5f:26:3d:f3:1f:7b:6c:7e:fb:42:32:a1: f7:8f:61:6a:e6:32:e8:57:91:53:43:2d:11:cb:38: 1a:0d:69:9e:ff:d3:0a:27:19:e6:b1:6d:c7:9d:20: a5:0b:68:33:eb:18:56:91:cb:25:01:2d:39:92:c8: 34:be:69:7e:17:39:9d:f1:3e:20:4f:cd:35:03:c2: e2:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:D9:0A:4D:6B:4F:36:3E:70:1C:58:F0:06:42:54:B0:B2:CF:B4:86 X509v3 Authority Key Identifier: keyid:61:5B:CE:8F:7F:8A:83:DB:93:9A:E0:F4:2F:A0:54:13:B2:85:18:1E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/861/YVvOj3-Kg9uTmuD0L6BUE7KFGB4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YVvOj3-Kg9uTmuD0L6BUE7KFGB4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/861/KtkKTWtPNj5wHFjwBkJUsLLPtIY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.56.184.0/22 Signature Algorithm: sha256WithRSAEncryption 65:67:31:10:ab:75:d7:d9:dd:38:8c:d1:91:41:5d:12:89:f0: 94:32:10:38:04:f1:25:92:ac:d7:74:2a:08:71:5d:b2:ce:67: 45:b5:d0:1e:5b:67:cd:31:f5:7a:ae:29:33:de:53:4d:fc:a4: 3c:bb:c9:71:45:fd:9c:11:71:e0:2e:7c:79:46:51:fb:81:18: 16:70:8d:22:44:c7:ce:7c:f2:9e:b0:35:a5:81:ae:e0:64:a7: 86:70:b1:da:c6:a7:aa:ff:1a:75:46:96:bd:82:03:1e:81:53: 70:13:35:6a:6b:83:73:cb:bf:68:9e:c4:98:d4:38:62:0c:a9: cf:95:b5:5e:32:35:ed:c5:a0:8f:16:3e:6d:0f:a6:fb:b3:d9: da:46:64:4e:3e:55:12:c6:92:43:9d:cc:0a:0e:81:04:72:b9: cc:cd:02:72:99:1a:87:15:8e:a8:12:e2:eb:0c:f5:ee:8b:72: e0:00:4e:19:18:1c:31:4f:3b:01:05:f1:6f:21:c6:50:6b:8a: db:c3:0e:1b:e0:05:a0:90:d8:86:f0:73:97:57:3f:7f:78:ea: 81:5d:a3:11:4d:47:82:a2:27:ca:0d:ef:10:ed:e4:17:7b:10: 16:9f:d2:8c:9c:40:af:c3:db:a6:b3:25:c0:8e:74:72:ba:97: cb:ce:4f:25 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICE40wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjE1 QkNFOEY3RjhBODNEQjkzOUFFMEY0MkZBMDU0MTNCMjg1MTgxRTAeFw0yNTAxMTcw MTI2MTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDJBRDkwQTRENkI0RjM2 M0U3MDFDNThGMDA2NDI1NEIwQjJDRkI0ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+vnIWiBC8LB/LaJnXQei5EuJfUtLeCMnMHsGIVCG42UGup3S3 QBAmTwOekr2pEMrqz5FDP/1Abe96fQZ8PHsdh3wJSqcd3beOucVJyhf4nsL1sNCQ TPZur6fVB0w5XvO5WajvHw0Eh444aKyWgmrRftMGMyaqXwgb73F+TAL3bgSXVlVa SlEpz77GdUy8FV5BU1qZrnyvm5j1ROEzbHEnAQwe3r+nJ81w1vm/XW6NuPp1nXr6 +l8mPfMfe2x++0IyofePYWrmMuhXkVNDLRHLOBoNaZ7/0wonGeaxbcedIKULaDPr GFaRyyUBLTmSyDS+aX4XOZ3xPiBPzTUDwuItAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUKtkKTWtPNj5wHFjwBkJUsLLPtIYwHwYDVR0jBBgwFoAUYVvOj3+Kg9uTmuD0 L6BUE7KFGB4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODYx L1lWdk9qMy1LZzl1VG11RDBMNkJVRTdLRkdCNC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvWVZ2T2ozLUtnOXVUbXVEMEw2QlVFN0tGR0I0LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODYxL0t0a0tUV3RQTmo1d0hG andCa0pVc0xMUHRJWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJnOLgwDQYJKoZIhvcNAQELBQADggEBAGVnMRCrddfZ3TiM0ZFBXRKJ8JQyEDgE 8SWSrNd0KghxXbLOZ0W10B5bZ80x9XquKTPeU038pDy7yXFF/ZwRceAufHlGUfuB GBZwjSJEx8588p6wNaWBruBkp4ZwsdrGp6r/GnVGlr2CAx6BU3ATNWprg3PLv2ie xJjUOGIMqc+VtV4yNe3FoI8WPm0Ppvuz2dpGZE4+VRLGkkOdzAoOgQRyuczNAnKZ GocVjqgS4usM9e6LcuAAThkYHDFPOwEF8W8hxlBritvDDhvgBaCQ2Ibwc5dXP394 6oFdoxFNR4KiJ8oN7xDt5Bd7EBaf0oycQK/D26azJcCOdHK6l8vOTyU= -----END CERTIFICATE-----Generated at Fri Apr 4 18:40:48 2025 by rpki-client