$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1534/Dz95d2ZKphqb2el9oQUFMOWy-LI.roa File: Dz95d2ZKphqb2el9oQUFMOWy-LI.roa (raw, json) Hash identifier: cactaRQsDKNJuzLAHuIHOnIJBEaJfhebPxNBBSPyjDQ= Subject key identifier: 0F:3F:79:77:66:4A:A6:1A:9B:D9:E9:7D:A1:05:05:30:E5:B2:F8:B2 Certificate issuer: /CN=0CA4F183C659ED57FB46D59AD5483D6FE9B34F4E Certificate serial: 2346 Authority key identifier: 0C:A4:F1:83:C6:59:ED:57:FB:46:D5:9A:D5:48:3D:6F:E9:B3:4F:4E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/Dz95d2ZKphqb2el9oQUFMOWy-LI.roa Signing time: Tue 08 Apr 2025 03:06:32 +0000 ROA not before: Tue 08 Apr 2025 03:06:32 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 59067 IP address blocks: 111.221.28.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:37:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9030 (0x2346) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0CA4F183C659ED57FB46D59AD5483D6FE9B34F4E Validity Not Before: Apr 8 03:06:32 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=0F3F7977664AA61A9BD9E97DA1050530E5B2F8B2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:b7:fb:b7:cb:0d:ee:f3:52:3e:ee:b2:0a:6e: 72:fc:81:6c:a2:82:78:95:88:ff:f0:8c:95:58:48: ac:51:84:64:a8:e7:29:78:dd:15:c6:e7:9d:94:b6: c3:5d:74:b2:e0:31:b7:eb:ca:77:10:3e:2a:0c:49: 8a:b7:41:e3:b3:98:29:14:25:54:1d:b8:1c:15:5a: 52:d9:1f:5d:04:49:7a:0a:c1:5b:46:b3:4d:45:e9: 0e:37:fb:10:e1:ba:db:6c:1f:db:00:b7:81:35:f3: d9:17:a8:bd:78:75:bd:83:c8:70:c6:59:ee:18:fc: e5:87:c9:e2:bf:0b:e9:ec:77:a4:f2:53:87:92:f3: 29:4c:77:3d:9e:d7:77:00:26:8c:ea:b4:a6:03:8f: 1f:21:b2:f4:f6:e6:92:62:f3:cd:d5:da:75:07:93: ed:90:2e:02:b4:d6:0b:3a:62:4c:17:5b:25:7a:c4: fd:a1:d2:4c:f5:97:1c:dd:3c:0e:55:af:22:b8:11: 77:9e:cc:a0:1a:04:f4:18:27:b4:9c:18:bd:49:89: ba:70:91:b3:ae:4f:9f:82:b7:12:48:c6:98:60:e3: 35:4f:db:ef:ee:e1:13:ed:1c:d4:4f:d6:b3:52:10: aa:ba:49:c2:c6:37:f6:fb:5c:5f:96:04:21:af:9b: a7:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:3F:79:77:66:4A:A6:1A:9B:D9:E9:7D:A1:05:05:30:E5:B2:F8:B2 X509v3 Authority Key Identifier: keyid:0C:A4:F1:83:C6:59:ED:57:FB:46:D5:9A:D5:48:3D:6F:E9:B3:4F:4E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/Dz95d2ZKphqb2el9oQUFMOWy-LI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 111.221.28.0/24 Signature Algorithm: sha256WithRSAEncryption a4:49:f2:38:fb:3d:53:0b:11:28:6f:d2:ae:a9:58:89:8a:74: ca:05:7e:b4:62:3d:3e:81:01:d8:d7:ee:a1:41:94:64:d4:c6: 5e:1e:ff:a1:b0:85:c3:44:a4:32:82:08:15:72:d0:1f:9b:2e: 38:ed:c6:94:d8:09:5c:e5:8a:dc:4d:21:f2:6d:1a:b7:35:05: 19:08:ef:7d:02:54:2b:b7:c2:cb:2a:64:4a:64:e7:8a:10:85: be:b6:60:2a:6e:1f:b1:b9:fc:71:58:9a:10:c7:56:ac:3e:2b: 7c:1e:6b:74:00:74:e3:5a:3d:fb:23:1a:ce:a4:b7:1f:92:da: 27:ec:f8:3c:f9:88:95:41:e6:75:fd:1a:a8:99:fe:f0:ba:b6: 66:9e:31:c9:28:df:a0:12:51:a0:08:d8:03:eb:1f:90:a4:8c: ad:88:b4:62:d3:f3:95:b0:c8:f0:c0:87:bb:ff:b7:8c:a9:a2: 15:f5:13:e2:9e:e2:08:21:b1:c5:65:0a:01:a5:1c:5e:a4:bc: 2c:99:59:74:57:fb:52:22:30:6c:cd:e6:d8:25:94:e6:15:d5: 15:95:cb:1f:4f:de:27:36:1c:92:c0:20:a6:94:19:a2:d2:e6: 2c:fa:a3:48:c9:ac:9f:10:2d:7d:0f:62:2f:f8:f6:6a:19:af: ba:1d:4d:55 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICI0YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMENB NEYxODNDNjU5RUQ1N0ZCNDZENTlBRDU0ODNENkZFOUIzNEY0RTAeFw0yNTA0MDgw MzA2MzJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBGM0Y3OTc3NjY0QUE2 MUE5QkQ5RTk3REExMDUwNTMwRTVCMkY4QjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrt/u3yw3u81I+7rIKbnL8gWyigniViP/wjJVYSKxRhGSo5yl4 3RXG552UtsNddLLgMbfryncQPioMSYq3QeOzmCkUJVQduBwVWlLZH10ESXoKwVtG s01F6Q43+xDhuttsH9sAt4E189kXqL14db2DyHDGWe4Y/OWHyeK/C+nsd6TyU4eS 8ylMdz2e13cAJozqtKYDjx8hsvT25pJi883V2nUHk+2QLgK01gs6YkwXWyV6xP2h 0kz1lxzdPA5VryK4EXeezKAaBPQYJ7ScGL1JibpwkbOuT5+CtxJIxphg4zVP2+/u 4RPtHNRP1rNSEKq6ScLGN/b7XF+WBCGvm6ctAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUDz95d2ZKphqb2el9oQUFMOWy+LIwHwYDVR0jBBgwFoAUDKTxg8ZZ7Vf7RtWa 1Ug9b+mzT04wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTUz NC9ES1R4ZzhaWjdWZjdSdFdhMVVnOWItbXpUMDQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0RLVHhnOFpaN1ZmN1J0V2ExVWc5Yi1telQwNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1MzQvRHo5NWQyWktwaHFi MmVsOW9RVUZNT1d5LUxJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAG/dHDANBgkqhkiG9w0BAQsFAAOCAQEApEnyOPs9UwsRKG/SrqlYiYp0ygV+ tGI9PoEB2NfuoUGUZNTGXh7/obCFw0SkMoIIFXLQH5suOO3GlNgJXOWK3E0h8m0a tzUFGQjvfQJUK7fCyypkSmTnihCFvrZgKm4fsbn8cViaEMdWrD4rfB5rdAB041o9 +yMazqS3H5LaJ+z4PPmIlUHmdf0aqJn+8Lq2Zp4xySjfoBJRoAjYA+sfkKSMrYi0 YtPzlbDI8MCHu/+3jKmiFfUT4p7iCCGxxWUKAaUcXqS8LJlZdFf7UiIwbM3m2CWU 5hXVFZXLH0/eJzYcksAgppQZotLmLPqjSMmsnxAtfQ9iL/j2ahmvuh1NVQ== -----END CERTIFICATE-----Generated at Sat Apr 26 14:34:38 2025 by rpki-client