$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/2VSJXBw1DlaA60bwgPxm1cv8GdI.roa File: 2VSJXBw1DlaA60bwgPxm1cv8GdI.roa (raw, json) Hash identifier: 3Jnqysnp98kQsNIlhC3H4viLRR0BegKf4veuRJusQc4= Subject key identifier: D9:54:89:5C:1C:35:0E:56:80:EB:46:F0:80:FC:66:D5:CB:FC:19:D2 Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 305A Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/2VSJXBw1DlaA60bwgPxm1cv8GdI.roa Signing time: Sun 30 Mar 2025 19:58:18 +0000 ROA not before: Sun 30 Mar 2025 19:58:18 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4816 IP address blocks: 103.44.240.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12378 (0x305a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Mar 30 19:58:18 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=D954895C1C350E5680EB46F080FC66D5CBFC19D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:b8:88:41:96:bb:1b:f9:8e:52:96:23:f6:b3: 49:bf:f3:5b:a3:8d:46:8b:bf:a6:37:f2:18:ed:1f: 29:63:70:99:73:fa:32:d4:8f:f1:e8:c1:8b:9d:60: e0:3e:92:29:75:7a:ce:5e:84:b2:0a:b7:56:30:7a: f9:e9:fc:0f:e6:84:20:6d:9c:9f:ef:a0:dc:02:b6: 10:03:2b:cf:47:6c:1f:53:0c:44:55:e3:99:08:57: a4:b2:43:21:63:c7:ea:e0:02:14:64:05:a1:a6:54: e7:4f:99:84:eb:f2:8f:ee:73:94:11:50:cb:bc:24: e7:c6:92:d0:9b:dd:12:65:96:c3:5a:50:34:ed:a8: 60:39:36:80:03:8d:fc:d2:d9:99:25:59:9c:13:5c: 47:d3:c4:c3:3a:fb:1e:1a:fc:00:25:94:c7:ba:f1: e3:a5:2e:98:45:93:cb:30:86:a3:2a:f8:a3:00:85: 51:47:03:0d:65:31:c3:05:95:6f:6a:06:6d:ad:ca: 71:16:18:df:a5:9a:40:2d:d0:1d:b6:16:99:d7:74: d8:51:31:9e:84:9d:ff:78:11:97:43:02:23:3a:ca: f7:0d:b2:b0:4c:81:85:d8:9c:99:ce:7c:23:d3:2c: d7:19:f7:10:63:ce:6a:5d:dd:a5:ac:36:ce:a7:52: 28:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:54:89:5C:1C:35:0E:56:80:EB:46:F0:80:FC:66:D5:CB:FC:19:D2 X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/2VSJXBw1DlaA60bwgPxm1cv8GdI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.44.240.0/20 Signature Algorithm: sha256WithRSAEncryption 33:ee:0f:a1:0b:51:6e:ed:bf:ee:03:32:7e:04:99:d2:db:81: 6a:fc:d7:33:07:2f:6f:d0:32:9e:29:4d:0e:ff:9b:e4:d0:f8: 12:69:00:6e:ad:4c:cd:c7:0f:fb:f0:b1:ff:cc:b9:b0:53:f7: 17:f3:a5:43:f4:34:e0:ed:1a:e6:8d:65:d5:4c:fd:ee:8a:98: fc:79:e6:5b:93:73:76:b6:24:05:17:52:9d:5b:c3:a7:4f:e9: da:0e:3e:cc:97:75:74:9b:97:44:7f:a0:5e:8b:c1:fc:0a:06: bf:35:6f:ed:0f:52:78:f6:ef:ff:6d:9f:be:c0:bb:c0:9c:51: b3:93:e6:68:95:1f:d2:29:fd:00:b9:1a:14:be:00:23:56:4e: ce:cd:7a:24:41:4c:48:22:4b:a6:cc:f7:aa:88:d6:74:29:41: 18:97:6c:49:da:de:3b:41:92:12:19:4e:37:07:53:a5:b9:52: 8e:1a:70:41:88:83:9b:de:5f:dc:5d:fd:e9:92:61:3a:c9:86: 0e:58:c1:81:5e:8a:f6:48:16:12:73:1b:78:26:5f:3f:3c:ef: 87:fb:e6:2f:8e:51:98:eb:27:a8:92:7d:72:c9:df:a0:1e:ea: cc:b1:f3:36:a5:0b:e6:37:11:8d:ad:0c:01:41:de:1e:df:04: a3:66:f3:49 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICMFowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTAzMzAx OTU4MThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ5NTQ4OTVDMUMzNTBF NTY4MEVCNDZGMDgwRkM2NkQ1Q0JGQzE5RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5uIhBlrsb+Y5SliP2s0m/81ujjUaLv6Y38hjtHyljcJlz+jLU j/HowYudYOA+kil1es5ehLIKt1Ywevnp/A/mhCBtnJ/voNwCthADK89HbB9TDERV 45kIV6SyQyFjx+rgAhRkBaGmVOdPmYTr8o/uc5QRUMu8JOfGktCb3RJllsNaUDTt qGA5NoADjfzS2ZklWZwTXEfTxMM6+x4a/AAllMe68eOlLphFk8swhqMq+KMAhVFH Aw1lMcMFlW9qBm2tynEWGN+lmkAt0B22FpnXdNhRMZ6Enf94EZdDAiM6yvcNsrBM gYXYnJnOfCPTLNcZ9xBjzmpd3aWsNs6nUijzAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU2VSJXBw1DlaA60bwgPxm1cv8GdIwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvMlZTSlhCdzFEbGFB NjBid2dQeG0xY3Y4R2RJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBGcs8DANBgkqhkiG9w0BAQsFAAOCAQEAM+4PoQtRbu2/7gMyfgSZ0tuBavzX Mwcvb9AynilNDv+b5ND4EmkAbq1MzccP+/Cx/8y5sFP3F/OlQ/Q04O0a5o1l1Uz9 7oqY/HnmW5NzdrYkBRdSnVvDp0/p2g4+zJd1dJuXRH+gXovB/AoGvzVv7Q9SePbv /22fvsC7wJxRs5PmaJUf0in9ALkaFL4AI1ZOzs16JEFMSCJLpsz3qojWdClBGJds SdreO0GSEhlONwdTpblSjhpwQYiDm95f3F396ZJhOsmGDljBgV6K9kgWEnMbeCZf Pzzvh/vmL45RmOsnqJJ9csnfoB7qzLHzNqUL5jcRja0MAUHeHt8Eo2bzSQ== -----END CERTIFICATE-----Generated at Sat Apr 26 15:13:01 2025 by rpki-client