$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/pz76TCk7H2wZdRts-v6maSBGQ8U.roa File: pz76TCk7H2wZdRts-v6maSBGQ8U.roa (raw, json) Hash identifier: K3HUiDbVrYBIfzs+mzByHwCzFokHC+XMNvlObDassGU= Subject key identifier: A7:3E:FA:4C:29:3B:1F:6C:19:75:1B:6C:FA:FE:A6:69:20:46:43:C5 Certificate issuer: /CN=49449B46CAECE75D1C558061394DB402B6D009BE Certificate serial: 1DF8 Authority key identifier: 49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/pz76TCk7H2wZdRts-v6maSBGQ8U.roa Signing time: Mon 21 Apr 2025 07:54:57 +0000 ROA not before: Mon 21 Apr 2025 07:54:57 +0000 ROA not after: Thu 09 Apr 2026 06:41:08 +0000 asID: 63689 IP address blocks: 103.90.56.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:37:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7672 (0x1df8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49449B46CAECE75D1C558061394DB402B6D009BE Validity Not Before: Apr 21 07:54:57 2025 GMT Not After : Apr 9 06:41:08 2026 GMT Subject: CN=A73EFA4C293B1F6C19751B6CFAFEA669204643C5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:28:b6:f8:35:1d:01:b5:d5:14:da:ea:ee:40: 10:91:4c:e9:34:6b:5e:29:fb:ad:45:2e:e4:7a:20: 3a:2e:30:19:46:58:73:18:2d:97:da:a0:e8:28:8e: b1:ee:6a:af:f7:d8:1c:13:73:8a:bf:3f:fd:51:ae: de:37:9e:d1:2f:06:f9:50:ab:af:6b:18:65:3b:5a: c0:22:be:35:fe:09:b3:36:cf:73:33:56:7f:91:81: aa:fc:9c:3d:0b:81:94:ee:00:16:67:15:9b:22:bb: d0:34:39:b8:bd:d0:e4:38:65:4d:53:30:62:80:9e: 66:79:45:b0:a6:a5:cc:a0:5b:4f:c8:e7:95:28:27: df:f1:04:6d:2c:5b:52:c2:2d:15:f7:81:ca:1e:de: 90:2e:12:4c:67:53:5f:99:f5:41:f8:ef:85:d6:45: 6e:ad:cd:7d:3f:b1:3b:fc:50:8c:2c:21:81:9a:44: a3:8c:37:6f:29:67:f2:66:8d:f5:79:2b:a7:82:18: 15:ba:73:7a:62:41:bf:19:d3:89:af:20:3e:00:45: 72:5b:5c:d4:a4:a2:76:4e:79:de:b4:f6:57:8a:46: 35:fd:f0:70:50:d7:51:78:48:9d:d6:a0:97:52:53: 6a:3f:74:46:ce:4a:57:76:3d:69:4a:d3:c7:d5:68: 4b:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:3E:FA:4C:29:3B:1F:6C:19:75:1B:6C:FA:FE:A6:69:20:46:43:C5 X509v3 Authority Key Identifier: keyid:49:44:9B:46:CA:EC:E7:5D:1C:55:80:61:39:4D:B4:02:B6:D0:09:BE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/SUSbRsrs510cVYBhOU20ArbQCb4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SUSbRsrs510cVYBhOU20ArbQCb4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/pz76TCk7H2wZdRts-v6maSBGQ8U.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.90.56.0/23 Signature Algorithm: sha256WithRSAEncryption 2e:fc:13:dd:be:90:d1:a5:77:43:93:96:fc:6a:ba:84:46:a2: 33:c5:ce:05:cb:9d:f1:d9:1d:cb:64:5c:53:53:d2:87:0b:11: ea:30:c4:d7:19:42:81:97:84:1f:80:7d:83:87:4f:e5:fa:5c: 26:3c:f7:31:3c:1f:18:57:f3:2a:6e:c0:54:06:0b:af:04:83: 46:f5:18:1f:a8:1a:5d:b6:29:a2:6b:0a:71:72:5b:84:80:8c: 68:db:05:1d:0d:70:16:60:75:7d:b8:31:a4:38:7d:82:43:6f: 79:e6:bc:f9:ba:08:52:11:9d:27:af:1d:7c:a8:bc:2b:8e:2f: fa:2b:28:46:9a:51:08:34:4d:01:ee:56:16:5e:1e:41:69:43: c2:ce:b1:cb:b5:43:d8:33:9e:67:11:91:b8:0e:7c:00:14:9c: 88:0a:97:e9:b6:c8:27:b8:e8:9d:d8:71:8c:d8:2c:b5:1b:fb: 40:fc:b1:ae:81:8c:c4:90:1c:50:72:18:35:e0:36:73:df:ba: 0e:ca:d1:ee:a5:53:15:37:ca:b7:89:4a:0a:df:21:74:4e:1d: 76:02:30:7c:f1:e7:1c:30:b0:28:6e:d2:d0:e0:10:d8:36:0c: 83:0b:d9:1b:7a:5d:21:95:5e:10:b2:72:05:45:60:a6:51:34: 9c:6f:32:4c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHfgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDk0 NDlCNDZDQUVDRTc1RDFDNTU4MDYxMzk0REI0MDJCNkQwMDlCRTAeFw0yNTA0MjEw NzU0NTdaFw0yNjA0MDkwNjQxMDhaMDMxMTAvBgNVBAMTKEE3M0VGQTRDMjkzQjFG NkMxOTc1MUI2Q0ZBRkVBNjY5MjA0NjQzQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC0KLb4NR0BtdUU2uruQBCRTOk0a14p+61FLuR6IDouMBlGWHMY LZfaoOgojrHuaq/32BwTc4q/P/1Rrt43ntEvBvlQq69rGGU7WsAivjX+CbM2z3Mz Vn+Rgar8nD0LgZTuABZnFZsiu9A0Obi90OQ4ZU1TMGKAnmZ5RbCmpcygW0/I55Uo J9/xBG0sW1LCLRX3gcoe3pAuEkxnU1+Z9UH474XWRW6tzX0/sTv8UIwsIYGaRKOM N28pZ/JmjfV5K6eCGBW6c3piQb8Z04mvID4ARXJbXNSkonZOed609leKRjX98HBQ 11F4SJ3WoJdSU2o/dEbOSld2PWlK08fVaEtNAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUpz76TCk7H2wZdRts+v6maSBGQ8UwHwYDVR0jBBgwFoAUSUSbRsrs510cVYBh OU20ArbQCb4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9TVVNiUnNyczUxMGNWWUJoT1UyMEFyYlFDYjQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NVU2JSc3JzNTEwY1ZZQmhPVTIwQXJiUUNiNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvcHo3NlRDazdIMnda ZFJ0cy12Nm1hU0JHUThVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWdaODANBgkqhkiG9w0BAQsFAAOCAQEALvwT3b6Q0aV3Q5OW/Gq6hEaiM8XO Bcud8dkdy2RcU1PShwsR6jDE1xlCgZeEH4B9g4dP5fpcJjz3MTwfGFfzKm7AVAYL rwSDRvUYH6gaXbYpomsKcXJbhICMaNsFHQ1wFmB1fbgxpDh9gkNveea8+boIUhGd J68dfKi8K44v+isoRppRCDRNAe5WFl4eQWlDws6xy7VD2DOeZxGRuA58ABSciAqX 6bbIJ7jondhxjNgstRv7QPyxroGMxJAcUHIYNeA2c9+6DsrR7qVTFTfKt4lKCt8h dE4ddgIwfPHnHDCwKG7S0OAQ2DYMgwvZG3pdIZVeELJyBUVgplE0nG8yTA== -----END CERTIFICATE-----Generated at Sat Apr 26 15:24:26 2025 by rpki-client