$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/8B3ee2zwLOh8s1iFIKMVsnmZuec.roa File: 8B3ee2zwLOh8s1iFIKMVsnmZuec.roa (raw, json) Hash identifier: iJOgEVfcK047KEt3I/W4CB27slTmoT+pHxQgHjtHKwM= Subject key identifier: F0:1D:DE:7B:6C:F0:2C:E8:7C:B3:58:85:20:A3:15:B2:79:99:B9:E7 Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Certificate serial: 1DA4 Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/8B3ee2zwLOh8s1iFIKMVsnmZuec.roa Signing time: Thu 24 Apr 2025 09:10:07 +0000 ROA not before: Thu 24 Apr 2025 09:10:07 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 45110 IP address blocks: 43.254.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:36:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7588 (0x1da4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Validity Not Before: Apr 24 09:10:07 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=F01DDE7B6CF02CE87CB3588520A315B27999B9E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:19:6c:7d:34:5e:d9:c1:9f:ea:10:2d:b8:97: e2:ba:b2:4d:f1:ad:b5:11:74:44:77:20:58:e1:d2: 69:e5:2a:e6:3d:1d:18:6f:7b:3a:60:fa:99:0a:02: a7:48:9d:47:e4:0c:92:a4:14:7a:a2:62:f9:3e:43: 87:49:06:e6:1c:48:38:28:e6:60:fb:ec:61:ad:6e: dc:c0:6b:69:ff:fb:27:e7:ab:5a:ca:b7:0c:5d:57: 94:fe:a4:40:cc:45:38:c5:63:10:ea:2a:09:b0:c9: 69:60:f9:3f:46:e9:c4:46:85:66:4a:e9:8b:db:bf: fd:ee:1a:6a:4d:00:c2:8a:41:80:05:bd:ec:56:c2: 2d:e7:ba:52:c4:04:eb:e0:f7:6a:db:51:a0:d0:69: 54:86:3c:22:ce:bd:55:88:4f:21:49:c9:49:37:08: 2a:b4:43:33:d8:32:d0:97:c1:b7:dc:93:d3:d6:f5: 5b:a6:b5:c9:2e:dc:8c:31:93:9c:d7:8c:b9:93:c4: 05:bc:4f:4e:13:bf:ac:43:13:dc:8a:b3:b5:61:f6: a4:02:44:a0:ed:0a:87:09:0a:18:59:c7:23:bc:34: 73:11:7a:b4:84:67:92:63:dd:79:0b:a3:7e:c9:9d: 75:75:7b:c2:61:05:ef:f4:4e:51:7c:5c:19:9e:a6: e1:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:1D:DE:7B:6C:F0:2C:E8:7C:B3:58:85:20:A3:15:B2:79:99:B9:E7 X509v3 Authority Key Identifier: keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/8B3ee2zwLOh8s1iFIKMVsnmZuec.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.229.0/24 Signature Algorithm: sha256WithRSAEncryption 97:16:e6:f5:4d:83:ce:56:09:2f:95:b9:1f:c3:ba:09:49:9c: 14:4d:a9:55:0e:e0:24:79:eb:c9:0c:d0:20:cb:37:37:49:ce: 17:fd:e2:06:fc:b9:48:29:37:c5:16:89:e9:5c:a1:4d:26:01: 43:e3:29:2e:56:9b:08:17:2b:53:04:b2:ce:49:6e:74:ac:d8: e2:f8:95:f6:1a:9f:33:43:f9:cb:be:93:bb:6e:67:bd:8b:a8: eb:44:7f:55:87:5f:02:f7:5f:67:a0:d4:c5:2c:24:24:29:ab: d0:26:3b:ce:7d:c6:5b:a8:ed:bd:2f:e8:40:8b:87:74:9f:5d: d7:bb:82:ef:8e:f4:c8:18:c0:25:da:7c:88:9c:22:4a:90:60: 0f:13:8d:03:36:c9:8a:87:20:08:46:14:c1:b7:6a:78:bc:fb: 76:4a:db:c2:38:76:fa:85:69:54:7b:e5:7c:e3:56:01:e0:02: 66:b0:57:87:3f:51:28:e3:ab:21:98:3d:c9:ee:73:fe:eb:0e: cd:9f:17:21:04:0f:bf:70:a6:fc:2e:f6:e5:f9:af:5c:de:43: f5:18:38:9a:bc:93:e7:0f:45:99:71:cf:a0:d4:9f:87:d4:5b: a9:6a:83:5e:4f:b5:71:52:a1:1c:b3:d0:85:c0:e4:f6:e3:9c: 3a:b1:db:49 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHaQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1 MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNTA0MjQw OTEwMDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEYwMURERTdCNkNGMDJD RTg3Q0IzNTg4NTIwQTMxNUIyNzk5OUI5RTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2GWx9NF7ZwZ/qEC24l+K6sk3xrbURdER3IFjh0mnlKuY9HRhv ezpg+pkKAqdInUfkDJKkFHqiYvk+Q4dJBuYcSDgo5mD77GGtbtzAa2n/+yfnq1rK twxdV5T+pEDMRTjFYxDqKgmwyWlg+T9G6cRGhWZK6Yvbv/3uGmpNAMKKQYAFvexW wi3nulLEBOvg92rbUaDQaVSGPCLOvVWITyFJyUk3CCq0QzPYMtCXwbfck9PW9Vum tcku3Iwxk5zXjLmTxAW8T04Tv6xDE9yKs7Vh9qQCRKDtCocJChhZxyO8NHMRerSE Z5Jj3XkLo37JnXV1e8JhBe/0TlF8XBmepuE3AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU8B3ee2zwLOh8s1iFIKMVsnmZuecwHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt 4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxLzhCM2VlMnp3TE9oOHMx aUZJS01Wc25tWnVlYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAr/uUwDQYJKoZIhvcNAQELBQADggEBAJcW5vVNg85WCS+VuR/DuglJnBRNqVUO 4CR568kM0CDLNzdJzhf94gb8uUgpN8UWielcoU0mAUPjKS5WmwgXK1MEss5JbnSs 2OL4lfYanzND+cu+k7tuZ72LqOtEf1WHXwL3X2eg1MUsJCQpq9AmO859xluo7b0v 6ECLh3SfXde7gu+O9MgYwCXafIicIkqQYA8TjQM2yYqHIAhGFMG3ani8+3ZK28I4 dvqFaVR75XzjVgHgAmawV4c/USjjqyGYPcnuc/7rDs2fFyEED79wpvwu9uX5r1ze Q/UYOJq8k+cPRZlxz6DUn4fUW6lqg15PtXFSoRyz0IXA5PbjnDqx20k= -----END CERTIFICATE-----Generated at Sat Apr 26 15:07:39 2025 by rpki-client