$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2522/xF_kY5igAZ4pYp7sRgDqMyeVigQ.roa File: xF_kY5igAZ4pYp7sRgDqMyeVigQ.roa (raw, json) Hash identifier: JqA1NDUEHISd0ZMcDg+01lOgp+bGBK0kQMU/tV9LvqA= Subject key identifier: C4:5F:E4:63:98:A0:01:9E:29:62:9E:EC:46:00:EA:33:27:95:8A:04 Certificate issuer: /CN=4087DAB67172836B082075CE18BE5E5FA45D5E95 Certificate serial: 1BE2 Authority key identifier: 40:87:DA:B6:71:72:83:6B:08:20:75:CE:18:BE:5E:5F:A4:5D:5E:95 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/xF_kY5igAZ4pYp7sRgDqMyeVigQ.roa Signing time: Fri 17 Jan 2025 01:26:52 +0000 ROA not before: Fri 17 Jan 2025 01:26:52 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 131567 IP address blocks: 103.96.8.0/22 maxlen: 24 103.96.8.0/24 maxlen: 24 103.96.9.0/24 maxlen: 24 103.96.10.0/24 maxlen: 24 103.96.11.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7138 (0x1be2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4087DAB67172836B082075CE18BE5E5FA45D5E95 Validity Not Before: Jan 17 01:26:52 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=C45FE46398A0019E29629EEC4600EA3327958A04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:7d:7b:61:4e:7b:e7:a9:a7:3a:e3:65:c6:12: 10:15:b0:a0:4c:3f:9c:39:cc:98:52:f6:c9:30:b8: b3:a4:9e:ac:c5:08:57:54:5f:de:19:e3:19:6b:43: a6:1d:47:fc:7a:57:7e:a7:3b:7a:bd:06:6f:ef:13: e1:49:d4:17:61:08:0c:dc:3a:d8:28:b3:40:db:0c: 31:97:09:eb:41:45:ce:57:4b:20:e5:86:d0:9c:c4: 66:44:a6:9d:30:76:1e:cc:ae:04:0e:f4:39:b5:ff: 00:f6:da:5b:cc:57:e2:79:56:1e:cc:20:b2:e0:c7: 9f:16:85:38:81:3b:52:0a:80:8e:ae:e1:d4:1c:35: 9d:9d:63:ef:d8:2f:eb:ce:8e:be:20:39:bc:0b:a0: ba:22:e4:60:b8:27:46:50:d3:12:18:de:b3:e8:b8: 66:f1:05:e3:50:cd:96:e9:a2:07:a4:56:bf:6f:56: 42:72:7c:24:c8:d2:c8:ac:ab:bc:ed:00:8a:18:9d: c2:eb:b4:0f:fe:6a:ac:c8:f6:98:6e:47:43:37:a5: 16:25:1e:bd:d9:1a:03:1b:29:51:a8:9d:25:cb:24: 3d:21:22:2c:78:79:5e:d4:00:d8:c3:23:73:e1:df: 37:70:4f:9b:50:d3:c8:46:e1:b4:42:d5:24:6e:8e: f5:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:5F:E4:63:98:A0:01:9E:29:62:9E:EC:46:00:EA:33:27:95:8A:04 X509v3 Authority Key Identifier: keyid:40:87:DA:B6:71:72:83:6B:08:20:75:CE:18:BE:5E:5F:A4:5D:5E:95 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/xF_kY5igAZ4pYp7sRgDqMyeVigQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.96.8.0/22 Signature Algorithm: sha256WithRSAEncryption 5f:c3:2a:68:5e:72:7d:48:03:58:6b:88:d3:a4:22:f2:17:89: dc:6a:cc:1a:d7:ce:d3:6c:8d:17:a7:fb:1e:b9:18:f6:4c:bc: d1:b4:37:c5:5a:17:7d:59:66:95:ea:f1:4e:40:4d:72:4c:89: 39:94:51:58:b3:21:8d:c0:a1:81:f4:57:5c:a0:b2:28:08:90: f6:07:b7:e1:78:90:75:bc:ab:d4:dc:bd:57:5c:8b:37:53:af: 4f:35:cc:2d:73:12:48:f6:58:5d:6b:ac:4d:c0:e5:5a:87:fb: 93:f4:f2:bd:e8:f0:56:75:6c:64:eb:2c:93:db:ce:bf:dd:03: 4f:58:02:9f:ba:2d:24:a2:a6:57:8b:15:62:e3:93:1f:1a:d4: 05:be:ee:4d:d2:7a:8b:9d:db:a9:68:65:db:c0:51:2f:b4:41: 32:1d:ff:bd:5a:28:c3:94:92:c0:a7:29:ec:0f:24:65:f9:69: 8e:03:88:5b:b5:8a:38:fc:21:fc:68:21:40:7c:24:03:0d:72: 27:02:f3:34:a7:5b:7c:a8:b4:6a:c5:c7:b0:a4:4e:0a:0c:08: 3f:b6:e4:b3:e0:36:66:bf:40:b3:29:13:30:b3:8e:aa:e9:50: 0f:ed:94:45:b2:9b:54:5d:7a:f8:63:9e:05:a6:d9:62:f9:b3: fe:52:02:05 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICG+IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDA4 N0RBQjY3MTcyODM2QjA4MjA3NUNFMThCRTVFNUZBNDVENUU5NTAeFw0yNTAxMTcw MTI2NTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEM0NUZFNDYzOThBMDAx OUUyOTYyOUVFQzQ2MDBFQTMzMjc5NThBMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOfXthTnvnqac642XGEhAVsKBMP5w5zJhS9skwuLOknqzFCFdU X94Z4xlrQ6YdR/x6V36nO3q9Bm/vE+FJ1BdhCAzcOtgos0DbDDGXCetBRc5XSyDl htCcxGZEpp0wdh7MrgQO9Dm1/wD22lvMV+J5Vh7MILLgx58WhTiBO1IKgI6u4dQc NZ2dY+/YL+vOjr4gObwLoLoi5GC4J0ZQ0xIY3rPouGbxBeNQzZbpogekVr9vVkJy fCTI0sisq7ztAIoYncLrtA/+aqzI9phuR0M3pRYlHr3ZGgMbKVGonSXLJD0hIix4 eV7UANjDI3Ph3zdwT5tQ08hG4bRC1SRujvXTAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUxF/kY5igAZ4pYp7sRgDqMyeVigQwHwYDVR0jBBgwFoAUQIfatnFyg2sIIHXO GL5eX6RdXpUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUy Mi9RSWZhdG5GeWcyc0lJSFhPR0w1ZVg2UmRYcFUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1FJZmF0bkZ5ZzJzSUlIWE9HTDVlWDZSZFhwVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MjIveEZfa1k1aWdBWjRw WXA3c1JnRHFNeWVWaWdRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdgCDANBgkqhkiG9w0BAQsFAAOCAQEAX8MqaF5yfUgDWGuI06Qi8heJ3GrM GtfO02yNF6f7HrkY9ky80bQ3xVoXfVlmlerxTkBNckyJOZRRWLMhjcChgfRXXKCy KAiQ9ge34XiQdbyr1Ny9V1yLN1OvTzXMLXMSSPZYXWusTcDlWof7k/TyvejwVnVs ZOssk9vOv90DT1gCn7otJKKmV4sVYuOTHxrUBb7uTdJ6i53bqWhl28BRL7RBMh3/ vVoow5SSwKcp7A8kZflpjgOIW7WKOPwh/GghQHwkAw1yJwLzNKdbfKi0asXHsKRO CgwIP7bks+A2Zr9AsykTMLOOqulQD+2URbKbVF16+GOeBabZYvmz/lICBQ== -----END CERTIFICATE-----Generated at Sat Apr 26 15:40:41 2025 by rpki-client