$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/LGzL1dFEcgx2HvjRnHZUEaqM0a0.roa File: LGzL1dFEcgx2HvjRnHZUEaqM0a0.roa (raw, json) Hash identifier: VXfqzQ0y8qqt7GB0EUujrXiDsSRGCYb15YbbiSOlh0M= Subject key identifier: 2C:6C:CB:D5:D1:44:72:0C:76:1E:F8:D1:9C:76:54:11:AA:8C:D1:AD Certificate issuer: /CN=49449B46CAECE75D1C558061394DB402B6D009BE Certificate serial: 1DF7 Authority key identifier: 49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LGzL1dFEcgx2HvjRnHZUEaqM0a0.roa Signing time: Mon 21 Apr 2025 07:54:56 +0000 ROA not before: Mon 21 Apr 2025 07:54:56 +0000 ROA not after: Thu 09 Apr 2026 06:41:08 +0000 asID: 59033 IP address blocks: 103.90.56.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:37:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7671 (0x1df7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49449B46CAECE75D1C558061394DB402B6D009BE Validity Not Before: Apr 21 07:54:56 2025 GMT Not After : Apr 9 06:41:08 2026 GMT Subject: CN=2C6CCBD5D144720C761EF8D19C765411AA8CD1AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:aa:89:0b:dd:4e:de:6c:26:0b:2e:0f:c0:bb: 77:86:79:51:55:e1:be:7a:7c:ba:d4:66:4b:25:03: 0c:a0:64:a8:cc:70:c4:8d:82:0a:3a:bd:d0:78:1a: 86:50:7d:55:0a:49:ed:b5:39:06:93:c9:b3:f3:e3: a3:75:6d:45:19:53:a4:0e:78:6a:a8:d3:86:8a:de: e0:f5:6d:e3:ff:e4:53:1b:da:45:17:6d:bc:fd:2b: 96:89:84:99:91:d6:8b:fb:24:a8:2f:4e:60:68:24: c4:3d:14:64:80:7b:9e:f3:ed:97:80:0c:93:ce:fd: 25:bc:03:80:02:74:60:d4:9e:2c:2c:32:50:73:8c: 06:21:10:d6:0c:5e:04:b2:16:30:60:a0:af:d2:91: d2:e9:8b:42:60:88:25:b2:e2:12:7c:da:39:d0:00: a7:42:46:50:53:9f:39:c1:fd:e3:19:ee:31:90:aa: 97:b6:e9:75:63:74:9b:b9:cd:db:8f:f1:69:f2:37: 41:55:84:80:ef:2d:b0:35:34:6d:01:07:c4:ec:bf: c4:05:b5:8c:36:79:e7:a6:c2:b6:25:3b:f6:d2:c7: de:ec:da:61:13:3c:3b:9e:10:de:52:9f:80:6f:2a: 49:ed:9a:ee:3a:77:2c:58:a8:38:67:1d:82:23:c2: 7f:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:6C:CB:D5:D1:44:72:0C:76:1E:F8:D1:9C:76:54:11:AA:8C:D1:AD X509v3 Authority Key Identifier: keyid:49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LGzL1dFEcgx2HvjRnHZUEaqM0a0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.90.56.0/23 Signature Algorithm: sha256WithRSAEncryption 8c:03:9f:54:d7:01:b8:48:f1:08:51:bf:fc:81:57:d2:1b:3e: e0:78:bf:6c:43:a9:28:65:c3:bd:e0:b3:c6:30:78:20:31:43: 80:18:7a:a2:8c:42:e6:fc:97:ef:19:30:2d:4e:94:7e:6f:99: f7:fa:66:5e:5a:5f:79:d4:ac:eb:db:9d:1c:13:67:a2:a6:67: b4:33:62:68:45:db:64:90:12:3e:0d:fb:9d:1d:18:38:af:62: 52:15:55:94:d8:28:69:9d:43:ed:5f:ef:50:5c:d0:72:bb:3b: f3:fe:1d:18:e3:09:69:f0:f6:d5:3a:6f:67:b8:1e:c6:44:2e: 25:70:da:24:5d:81:b8:c9:ae:c4:18:94:b1:9d:16:65:25:92: 5b:41:de:9c:4c:b5:e6:e7:8a:53:ba:8d:50:75:6d:8c:1c:cc: 53:85:11:34:7d:da:9c:b2:60:be:40:b9:e3:cd:eb:55:f2:a0: c4:de:e2:95:30:ec:7e:8f:18:3f:9d:4c:7b:cf:73:1a:bd:b1: dc:1a:42:1d:6e:32:dd:19:3a:83:f0:05:61:b0:a2:13:78:b5: 51:e0:8d:c0:41:43:35:a1:20:24:16:42:73:64:77:67:9f:0c: c9:d0:2f:f6:83:74:d7:f9:9e:e8:61:81:27:d5:19:c2:25:74: f5:f5:00:ef -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHfcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDk0 NDlCNDZDQUVDRTc1RDFDNTU4MDYxMzk0REI0MDJCNkQwMDlCRTAeFw0yNTA0MjEw NzU0NTZaFw0yNjA0MDkwNjQxMDhaMDMxMTAvBgNVBAMTKDJDNkNDQkQ1RDE0NDcy MEM3NjFFRjhEMTlDNzY1NDExQUE4Q0QxQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGqokL3U7ebCYLLg/Au3eGeVFV4b56fLrUZkslAwygZKjMcMSN ggo6vdB4GoZQfVUKSe21OQaTybPz46N1bUUZU6QOeGqo04aK3uD1beP/5FMb2kUX bbz9K5aJhJmR1ov7JKgvTmBoJMQ9FGSAe57z7ZeADJPO/SW8A4ACdGDUniwsMlBz jAYhENYMXgSyFjBgoK/SkdLpi0JgiCWy4hJ82jnQAKdCRlBTnznB/eMZ7jGQqpe2 6XVjdJu5zduP8WnyN0FVhIDvLbA1NG0BB8Tsv8QFtYw2eeemwrYlO/bSx97s2mET PDueEN5Sn4BvKkntmu46dyxYqDhnHYIjwn9pAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQULGzL1dFEcgx2HvjRnHZUEaqM0a0wHwYDVR0jBBgwFoAUSUSbRsrs510cVYBh OU20ArbQCb4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9TVVNiUnNyczUxMGNWWUJoT1UyMEFyYlFDYjQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NVU2JSc3JzNTEwY1ZZQmhPVTIwQXJiUUNiNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvTEd6TDFkRkVjZ3gy SHZqUm5IWlVFYXFNMGEwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWdaODANBgkqhkiG9w0BAQsFAAOCAQEAjAOfVNcBuEjxCFG//IFX0hs+4Hi/ bEOpKGXDveCzxjB4IDFDgBh6ooxC5vyX7xkwLU6Ufm+Z9/pmXlpfedSs69udHBNn oqZntDNiaEXbZJASPg37nR0YOK9iUhVVlNgoaZ1D7V/vUFzQcrs78/4dGOMJafD2 1TpvZ7gexkQuJXDaJF2BuMmuxBiUsZ0WZSWSW0HenEy15ueKU7qNUHVtjBzMU4UR NH3anLJgvkC5483rVfKgxN7ilTDsfo8YP51Me89zGr2x3BpCHW4y3Rk6g/AFYbCi E3i1UeCNwEFDNaEgJBZCc2R3Z58MydAv9oN01/me6GGBJ9UZwiV09fUA7w== -----END CERTIFICATE-----Generated at Sat Apr 26 13:08:54 2025 by rpki-client