$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/4DB6b8uYtZlt1s-s0_Kj8Gd-4Qk.roa File: 4DB6b8uYtZlt1s-s0_Kj8Gd-4Qk.roa (raw, json) Hash identifier: SQKRUUQXTT1pPzXIPeZ5Tyb7WMo6EbNpgE1vC8RTOo8= Subject key identifier: E0:30:7A:6F:CB:98:B5:99:6D:D6:CF:AC:D3:F2:A3:F0:67:7E:E1:09 Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Certificate serial: 1DA8 Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/4DB6b8uYtZlt1s-s0_Kj8Gd-4Qk.roa Signing time: Thu 24 Apr 2025 09:10:08 +0000 ROA not before: Thu 24 Apr 2025 09:10:08 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 45110 IP address blocks: 103.200.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:36:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7592 (0x1da8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Validity Not Before: Apr 24 09:10:08 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=E0307A6FCB98B5996DD6CFACD3F2A3F0677EE109 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:18:9b:80:2a:ef:e8:fd:27:eb:f0:1c:34:7c: 54:a9:9c:62:24:c0:eb:dd:54:d5:c6:fa:04:bb:c0: 67:fe:92:13:4b:2d:bf:0c:a0:28:e1:2d:27:86:34: 7d:d5:62:13:64:ce:c4:99:59:57:7e:bf:9e:37:11: 60:74:d4:6b:7b:96:55:34:a5:7d:89:a5:b6:b1:82: ec:6e:3d:ad:76:0c:00:41:a2:41:a2:f7:35:d3:c2: 50:7c:b8:d4:c8:d3:13:98:4c:87:73:30:5f:53:a0: 99:98:be:74:3f:76:9c:cb:0f:a3:44:c8:aa:08:fd: be:07:9d:7f:4e:86:f6:d6:32:78:24:44:e5:f6:ca: 45:41:65:a7:95:48:08:06:fe:01:9a:a5:1e:d3:e1: a9:02:7e:da:35:d1:be:b2:1f:68:e1:36:e3:86:9b: 9e:c3:67:b3:8f:27:df:26:66:a2:f4:ae:96:92:31: 3b:fd:0a:6e:02:07:10:75:87:29:2b:3b:01:0a:39: 3d:00:77:b3:0d:1f:e4:6e:5b:17:02:df:86:39:fa: f9:a7:19:e9:d7:e0:fc:f9:f1:87:6e:37:2d:26:aa: c9:18:c5:4d:f4:a3:f9:50:7d:45:39:07:7e:52:fe: 70:1f:8f:90:c2:26:64:ba:3b:a7:41:e2:e0:6b:79: b7:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:30:7A:6F:CB:98:B5:99:6D:D6:CF:AC:D3:F2:A3:F0:67:7E:E1:09 X509v3 Authority Key Identifier: keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/4DB6b8uYtZlt1s-s0_Kj8Gd-4Qk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.200.220.0/22 Signature Algorithm: sha256WithRSAEncryption 68:39:7a:2f:b9:e4:f7:9d:f2:c3:44:30:56:de:54:cd:3c:d1: ec:d8:ec:cc:bf:43:0e:8e:79:1d:16:30:ac:25:78:98:d6:e0: 07:a3:ad:e4:2c:2e:d7:d8:df:e2:3b:a5:8d:4c:f4:e0:13:25: 72:22:1c:ad:cb:2c:94:c5:88:53:c3:11:3b:d9:65:10:54:b4: 96:e9:aa:35:f9:e7:65:ca:fc:b0:23:a7:91:d5:4d:af:03:10: 9b:38:29:3f:2a:6b:1d:b9:08:14:da:79:30:5a:98:19:99:4c: 00:39:ae:68:25:90:ba:94:75:aa:7c:4c:d4:b8:28:d5:7f:37: 57:a6:25:6e:fe:34:69:f2:36:73:1b:46:09:f7:f5:fc:9f:e0: 1b:de:cf:0d:f5:d5:37:a6:97:63:5a:ab:1d:00:25:2f:10:c6: 56:55:d9:59:0a:d1:8b:ba:42:e4:64:13:89:2d:a9:fd:8f:71: de:89:fa:0b:3a:f7:26:af:8e:10:46:8b:38:65:06:85:7e:e9: 0f:ef:a5:14:4c:44:75:de:5a:88:41:00:5c:a2:95:e0:a3:8e: 96:58:77:03:c0:52:1b:d7:cc:a5:74:c0:be:37:a3:72:5d:be: 03:7e:8d:9f:09:61:e4:b6:97:84:50:77:18:5b:3e:e0:52:3d: da:72:56:0a -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHagwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1 MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNTA0MjQw OTEwMDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEUwMzA3QTZGQ0I5OEI1 OTk2REQ2Q0ZBQ0QzRjJBM0YwNjc3RUUxMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9GJuAKu/o/Sfr8Bw0fFSpnGIkwOvdVNXG+gS7wGf+khNLLb8M oCjhLSeGNH3VYhNkzsSZWVd+v543EWB01Gt7llU0pX2JpbaxguxuPa12DABBokGi 9zXTwlB8uNTI0xOYTIdzMF9ToJmYvnQ/dpzLD6NEyKoI/b4HnX9OhvbWMngkROX2 ykVBZaeVSAgG/gGapR7T4akCfto10b6yH2jhNuOGm57DZ7OPJ98mZqL0rpaSMTv9 Cm4CBxB1hykrOwEKOT0Ad7MNH+RuWxcC34Y5+vmnGenX4Pz58YduNy0mqskYxU30 o/lQfUU5B35S/nAfj5DCJmS6O6dB4uBrebdRAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU4DB6b8uYtZlt1s+s0/Kj8Gd+4QkwHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt 4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxLzREQjZiOHVZdFpsdDFz LXMwX0tqOEdkLTRRay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJnyNwwDQYJKoZIhvcNAQELBQADggEBAGg5ei+55Ped8sNEMFbeVM080ezY7My/ Qw6OeR0WMKwleJjW4AejreQsLtfY3+I7pY1M9OATJXIiHK3LLJTFiFPDETvZZRBU tJbpqjX552XK/LAjp5HVTa8DEJs4KT8qax25CBTaeTBamBmZTAA5rmglkLqUdap8 TNS4KNV/N1emJW7+NGnyNnMbRgn39fyf4Bvezw311Teml2Naqx0AJS8QxlZV2VkK 0Yu6QuRkE4ktqf2Pcd6J+gs69yavjhBGizhlBoV+6Q/vpRRMRHXeWohBAFyileCj jpZYdwPAUhvXzKV0wL43o3JdvgN+jZ8JYeS2l4RQdxhbPuBSPdpyVgo= -----END CERTIFICATE-----Generated at Sat Apr 26 15:25:58 2025 by rpki-client