$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/hWCwekJ-Y4S_C_9D7gZp5Dfs_DQ.roa File: hWCwekJ-Y4S_C_9D7gZp5Dfs_DQ.roa (raw, json) Hash identifier: SZ764DsxRxJySdq2BsRdwX9HmUxMBarMZcYE9UZ4F4A= Subject key identifier: 85:60:B0:7A:42:7E:63:84:BF:0B:FF:43:EE:06:69:E4:37:EC:FC:34 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 161B Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/hWCwekJ-Y4S_C_9D7gZp5Dfs_DQ.roa Signing time: Sun 16 Feb 2025 03:24:11 +0000 ROA not before: Sun 16 Feb 2025 03:24:11 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4766 IP address blocks: 180.223.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5659 (0x161b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Feb 16 03:24:11 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=8560B07A427E6384BF0BFF43EE0669E437ECFC34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:b1:9e:a8:f9:00:2a:b9:06:e7:04:a4:01:ff: 61:03:3e:59:e2:ed:52:0d:0e:11:5a:b4:55:ff:c1: 9f:de:a8:ff:e5:be:8c:a9:5e:9e:1f:f3:2f:4b:75: d9:8f:50:41:4e:fc:c6:9d:50:42:64:b0:c2:7b:05: 65:c3:bf:6e:2b:83:a5:fe:55:6c:c7:66:c3:b7:01: 78:90:05:db:5b:40:fe:a8:a3:d0:88:42:b7:56:cc: 6c:53:78:66:1c:88:a3:2f:63:49:9c:7f:70:41:a0: 2f:42:17:f1:c5:64:93:d6:75:b5:f8:40:0b:33:14: 9a:ab:1b:7c:17:98:54:64:5b:bb:e2:9b:99:c6:62: b5:15:c4:78:3b:38:2f:7a:56:30:54:15:1b:fc:a7: 92:6a:31:b0:53:4f:80:f6:64:cb:83:76:47:82:1b: c1:37:47:f0:21:31:f7:5d:9d:44:2d:51:fa:cd:5b: 51:18:59:7e:e5:9e:f0:b6:4f:c0:b8:a7:ef:dc:6a: f3:1d:d8:8b:1b:43:19:54:1c:20:1a:91:b7:b6:18: ad:28:da:93:20:ee:dd:cb:57:33:de:16:8c:8b:3d: 16:1b:64:39:83:70:b7:fa:22:7a:49:d1:c9:54:86: 95:87:06:8e:24:bc:a4:8d:b2:78:78:b2:3f:27:dc: 3e:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:60:B0:7A:42:7E:63:84:BF:0B:FF:43:EE:06:69:E4:37:EC:FC:34 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/hWCwekJ-Y4S_C_9D7gZp5Dfs_DQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.212.0/22 Signature Algorithm: sha256WithRSAEncryption 8a:ec:f0:91:8f:fe:ca:9c:d2:ed:ba:29:a6:8f:43:a5:b4:e2: 3e:bf:6d:5b:5a:8f:d4:08:4f:d9:eb:c3:d1:d3:3a:d2:50:a8: a5:17:da:55:f0:f7:67:0a:8f:96:eb:e7:d2:da:d0:21:e3:bb: 9d:50:cf:6a:5d:e4:d7:f3:d6:a1:86:53:da:b1:2e:7b:70:53: 44:94:69:1c:32:c4:9c:be:0c:c0:54:ff:14:06:17:25:77:34: 3d:f1:34:40:82:2d:aa:30:8b:6e:73:e0:79:2e:73:92:5c:26: 04:43:93:8f:71:2b:24:a1:40:40:b7:6d:80:f8:41:5a:e7:6d: b5:47:10:9b:be:48:93:c7:32:78:6e:a1:e3:f9:c7:53:cd:b1: da:df:30:f7:b9:4a:8a:26:ea:dd:e0:72:55:9f:b7:bc:45:7e: c7:fb:64:ba:90:7b:e0:b8:b5:ba:37:72:39:ef:62:46:19:e3: 91:e6:60:e5:23:9f:66:71:6f:a0:94:5e:42:99:62:99:53:79: 39:27:46:01:6c:97:a7:47:79:b1:47:ac:c5:44:17:5c:2f:fc: b7:7d:c0:dc:9c:3e:d1:ca:8c:c4:9d:e6:e4:a2:37:22:0d:98: ed:e2:7a:46:a4:6f:28:ae:e2:98:30:89:8c:ea:79:d4:86:b4: d6:46:7e:b9 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFhswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAyMTYw MzI0MTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg1NjBCMDdBNDI3RTYz ODRCRjBCRkY0M0VFMDY2OUU0MzdFQ0ZDMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzsZ6o+QAquQbnBKQB/2EDPlni7VINDhFatFX/wZ/eqP/lvoyp Xp4f8y9LddmPUEFO/MadUEJksMJ7BWXDv24rg6X+VWzHZsO3AXiQBdtbQP6oo9CI QrdWzGxTeGYciKMvY0mcf3BBoC9CF/HFZJPWdbX4QAszFJqrG3wXmFRkW7vim5nG YrUVxHg7OC96VjBUFRv8p5JqMbBTT4D2ZMuDdkeCG8E3R/AhMfddnUQtUfrNW1EY WX7lnvC2T8C4p+/cavMd2IsbQxlUHCAakbe2GK0o2pMg7t3LVzPeFoyLPRYbZDmD cLf6InpJ0clUhpWHBo4kvKSNsnh4sj8n3D51AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUhWCwekJ+Y4S/C/9D7gZp5Dfs/DQwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvaFdDd2VrSi1ZNFNf Q185RDdnWnA1RGZzX0RRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArTf1DANBgkqhkiG9w0BAQsFAAOCAQEAiuzwkY/+ypzS7boppo9DpbTiPr9t W1qP1AhP2evD0dM60lCopRfaVfD3ZwqPluvn0trQIeO7nVDPal3k1/PWoYZT2rEu e3BTRJRpHDLEnL4MwFT/FAYXJXc0PfE0QIItqjCLbnPgeS5zklwmBEOTj3ErJKFA QLdtgPhBWudttUcQm75Ik8cyeG6h4/nHU82x2t8w97lKiibq3eByVZ+3vEV+x/tk upB74Li1ujdyOe9iRhnjkeZg5SOfZnFvoJReQplimVN5OSdGAWyXp0d5sUesxUQX XC/8t33A3Jw+0cqMxJ3m5KI3Ig2Y7eJ6RqRvKK7imDCJjOp51Ia01kZ+uQ== -----END CERTIFICATE-----Generated at Sat Apr 26 15:12:11 2025 by rpki-client