$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2815/qOLyqTgKKgxRxyxeuJhc3_cZGQ4.roa File: qOLyqTgKKgxRxyxeuJhc3_cZGQ4.roa (raw, json) Hash identifier: anm9VRDFQVYzPYFRpltgoGJtk4c3JmQwvUl1Lz2LLYU= Subject key identifier: A8:E2:F2:A9:38:0A:2A:0C:51:C7:2C:5E:B8:98:5C:DF:F7:19:19:0E Certificate issuer: /CN=1FCAD722567791FD73A091FE891C948F1914D672 Certificate serial: 05AB Authority key identifier: 1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/qOLyqTgKKgxRxyxeuJhc3_cZGQ4.roa Signing time: Wed 09 Apr 2025 07:08:46 +0000 ROA not before: Wed 09 Apr 2025 07:08:46 +0000 ROA not after: Thu 09 Apr 2026 06:41:32 +0000 asID: 132019 IP address blocks: 103.69.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:36:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1451 (0x5ab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1FCAD722567791FD73A091FE891C948F1914D672 Validity Not Before: Apr 9 07:08:46 2025 GMT Not After : Apr 9 06:41:32 2026 GMT Subject: CN=A8E2F2A9380A2A0C51C72C5EB8985CDFF719190E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:1b:c9:7d:6a:1c:c1:99:d0:be:52:d7:3b:c2: ba:d0:ac:44:c0:00:75:58:a3:4c:50:66:65:97:ef: 53:37:0b:23:ac:db:8a:de:98:b9:4a:2b:e9:d9:44: 06:63:6e:96:fa:eb:0e:d1:6b:da:ef:ea:b2:33:d0: 12:ce:6a:6c:0d:22:d7:fe:cc:fc:5c:e8:92:40:0c: 01:6f:3c:d7:50:9b:1b:0a:6d:d4:7a:5b:11:96:f4: 3d:4d:e9:5d:8e:bd:3f:f1:34:de:29:7a:57:51:53: 4d:15:c1:6a:59:bd:0c:21:f9:b1:24:09:6e:2d:01: 61:87:b6:23:a2:08:50:eb:fe:38:8c:73:cb:f5:09: 26:2c:d8:ed:58:9f:82:db:f9:4a:21:8c:0a:d9:91: b7:82:6c:05:9b:1d:77:6d:27:66:cf:8c:9a:dd:31: a6:05:7b:41:08:b0:29:5c:75:78:41:fa:90:f9:cd: f2:7e:11:4f:7e:2e:b3:43:a2:47:5b:9d:76:e3:16: 3f:d0:b5:f8:e0:22:39:50:53:08:92:a4:d5:86:1e: d9:07:9a:21:e0:34:70:0f:c6:02:f6:32:d8:0e:78: a0:c4:7a:0d:f9:7e:2e:88:86:61:6e:63:8f:e0:55: 02:fa:a4:4d:6d:ab:16:10:8d:f8:65:b5:da:7b:df: 9d:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:E2:F2:A9:38:0A:2A:0C:51:C7:2C:5E:B8:98:5C:DF:F7:19:19:0E X509v3 Authority Key Identifier: keyid:1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/qOLyqTgKKgxRxyxeuJhc3_cZGQ4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.69.119.0/24 Signature Algorithm: sha256WithRSAEncryption 7f:7d:73:e3:64:8c:9b:1e:37:d0:16:c1:07:4c:91:cc:2d:30: 6c:ac:a1:93:7d:0f:4e:8c:47:05:b3:98:5a:4e:0a:e3:a7:ca: 7c:3d:9e:55:3b:8b:34:c0:f7:ad:65:30:fa:4c:1d:95:72:cd: 56:47:ae:27:1c:64:74:9b:b6:26:8d:74:57:8c:25:47:b5:7d: bc:cb:af:40:42:38:ba:15:94:cb:93:a7:5c:05:c4:2c:18:54: 1e:ae:73:ee:ee:dc:d7:7b:81:7c:f9:2a:9f:b8:9f:74:da:91: 0c:68:88:eb:e3:0c:23:0e:2e:4f:aa:08:c2:cb:4b:eb:62:1b: a7:34:83:89:97:c0:d0:9f:c2:8e:fe:73:c1:a7:c5:df:52:1e: 9a:3c:e8:b6:c6:0e:d8:0d:a5:60:16:40:69:52:b5:eb:c1:48: c3:92:27:2e:4d:af:a9:da:22:b0:61:84:b4:a6:c3:82:8e:bc: ef:35:11:79:fa:e7:25:79:e8:1e:a4:92:82:70:01:c8:8e:82: 2b:91:c6:8d:be:87:ce:96:75:67:6e:08:7b:7f:36:50:7c:bd: f0:df:a9:62:67:c0:90:f2:2c:80:63:91:e2:a8:63:31:a0:48: 6c:b9:6e:d5:95:f3:2a:61:48:8e:54:ae:d7:65:9f:86:81:86: ba:6d:f6:e3 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBaswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUZD QUQ3MjI1Njc3OTFGRDczQTA5MUZFODkxQzk0OEYxOTE0RDY3MjAeFw0yNTA0MDkw NzA4NDZaFw0yNjA0MDkwNjQxMzJaMDMxMTAvBgNVBAMTKEE4RTJGMkE5MzgwQTJB MEM1MUM3MkM1RUI4OTg1Q0RGRjcxOTE5MEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDzG8l9ahzBmdC+Utc7wrrQrETAAHVYo0xQZmWX71M3CyOs24re mLlKK+nZRAZjbpb66w7Ra9rv6rIz0BLOamwNItf+zPxc6JJADAFvPNdQmxsKbdR6 WxGW9D1N6V2OvT/xNN4peldRU00VwWpZvQwh+bEkCW4tAWGHtiOiCFDr/jiMc8v1 CSYs2O1Yn4Lb+UohjArZkbeCbAWbHXdtJ2bPjJrdMaYFe0EIsClcdXhB+pD5zfJ+ EU9+LrNDokdbnXbjFj/QtfjgIjlQUwiSpNWGHtkHmiHgNHAPxgL2MtgOeKDEeg35 fi6IhmFuY4/gVQL6pE1tqxYQjfhltdp7350DAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUqOLyqTgKKgxRxyxeuJhc3/cZGQ4wHwYDVR0jBBgwFoAUH8rXIlZ3kf1zoJH+ iRyUjxkU1nIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgx NS9IOHJYSWxaM2tmMXpvSkgtaVJ5VWp4a1UxbkkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0g4clhJbFoza2Yxem9KSC1pUnlVanhrVTFuSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MTUvcU9MeXFUZ0tLZ3hS eHl4ZXVKaGMzX2NaR1E0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGdFdzANBgkqhkiG9w0BAQsFAAOCAQEAf31z42SMmx430BbBB0yRzC0wbKyh k30PToxHBbOYWk4K46fKfD2eVTuLNMD3rWUw+kwdlXLNVkeuJxxkdJu2Jo10V4wl R7V9vMuvQEI4uhWUy5OnXAXELBhUHq5z7u7c13uBfPkqn7ifdNqRDGiI6+MMIw4u T6oIwstL62IbpzSDiZfA0J/Cjv5zwafF31IemjzotsYO2A2lYBZAaVK168FIw5In Lk2vqdoisGGEtKbDgo687zURefrnJXnoHqSSgnAByI6CK5HGjb6HzpZ1Z24Ie382 UHy98N+pYmfAkPIsgGOR4qhjMaBIbLlu1ZXzKmFIjlSu12WfhoGGum324w== -----END CERTIFICATE-----Generated at Sat Apr 26 14:31:37 2025 by rpki-client