$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/IQ3MBoVNoiKyjgv81qd4k1Fq_ZA.roa File: IQ3MBoVNoiKyjgv81qd4k1Fq_ZA.roa (raw, json) Hash identifier: Q4Zo416Ok8oARcqbnlhpOSGq67Max3Ojni1CpzqUPcM= Subject key identifier: 21:0D:CC:06:85:4D:A2:22:B2:8E:0B:FC:D6:A7:78:93:51:6A:FD:90 Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Certificate serial: 1DA2 Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/IQ3MBoVNoiKyjgv81qd4k1Fq_ZA.roa Signing time: Thu 24 Apr 2025 09:10:06 +0000 ROA not before: Thu 24 Apr 2025 09:10:06 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 45110 IP address blocks: 43.254.228.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:36:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7586 (0x1da2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Validity Not Before: Apr 24 09:10:06 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=210DCC06854DA222B28E0BFCD6A77893516AFD90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:e5:a6:b7:21:5a:79:9d:e6:8a:b5:fd:d6:f6: 57:22:a0:b2:f6:f0:7f:2e:9e:3f:85:c8:e1:38:ac: d7:ec:2b:a3:86:5c:7a:d3:a6:03:cf:6f:b2:8c:86: 81:93:6f:3c:4f:95:20:4f:0d:38:8c:c3:2a:75:1c: 54:bc:f5:49:96:fe:c3:f6:dd:50:fa:9a:5e:92:a6: 86:0d:d6:ea:3d:7e:4d:71:a0:cf:53:83:72:f8:ce: e1:a4:4b:f2:27:d5:e6:37:de:d0:a3:f0:93:a9:5b: b7:12:4a:16:67:53:79:52:36:83:44:01:fd:39:02: d1:c9:50:2d:df:ba:30:45:b1:6c:b2:f9:25:3d:67: 8d:82:5d:54:15:d9:69:da:6b:15:9f:9d:8b:32:02: f0:b3:54:38:7a:64:84:0c:d3:4b:5a:19:e5:71:d6: 72:3a:5b:4c:39:e0:f6:a9:42:85:54:1e:11:a5:05: 0c:16:ea:a3:b1:72:3c:50:72:26:f9:f4:92:81:9b: 82:19:c6:7e:69:fa:b5:93:be:56:cf:41:2c:22:2c: a2:13:86:8d:08:9b:1f:22:3c:6d:ab:a5:77:4b:00: 69:f1:60:c6:a6:3e:54:26:af:79:e3:57:de:7d:73: c3:39:25:b7:bc:05:b9:ba:8c:5e:af:00:ad:42:f8: ee:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:0D:CC:06:85:4D:A2:22:B2:8E:0B:FC:D6:A7:78:93:51:6A:FD:90 X509v3 Authority Key Identifier: keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/IQ3MBoVNoiKyjgv81qd4k1Fq_ZA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.228.0/22 Signature Algorithm: sha256WithRSAEncryption 1c:d2:7e:52:df:e2:db:ed:27:c4:d9:c7:e3:05:83:5d:44:24: 8a:1a:15:fa:8e:d7:42:4c:c6:db:9b:dc:85:b4:a2:a0:90:23: 88:e7:a2:15:55:4b:85:90:19:c3:7c:0d:82:7d:8c:41:a8:b3: b7:8c:87:c1:6b:0b:12:b0:38:91:27:17:7a:44:f5:e8:b3:90: de:44:e2:31:ac:2d:29:cd:cb:cc:f6:0e:68:b2:e6:35:e2:0e: 9f:2d:c9:dd:1c:69:06:61:75:74:3e:10:cb:55:17:c7:23:68: 5f:1a:fe:e4:d1:2e:ac:a9:8d:bb:89:c0:b6:6e:53:ad:e0:a0: f6:d3:d1:0c:3e:6c:7f:5b:1a:14:cb:32:b2:24:a8:69:9a:22: a6:5d:87:54:94:79:9c:06:97:01:6a:aa:dd:47:4e:82:71:87: 6a:f6:a8:4d:c0:26:f4:be:0d:43:84:9f:57:19:ed:f2:7c:ea: 9d:b5:2b:c4:d5:a4:c2:5d:eb:e2:13:33:46:47:e3:35:7a:51: 27:38:6c:f6:d9:f7:60:95:d5:62:82:46:a0:bb:3f:df:7c:cc: d6:8b:db:9c:86:20:0d:1a:e9:49:9d:de:fa:c2:b9:b3:4e:21: 8b:ef:d8:12:88:c6:93:84:1c:61:3f:e1:6d:7f:43:ec:7d:0b: be:25:c4:e7 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHaIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1 MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNTA0MjQw OTEwMDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDIxMERDQzA2ODU0REEy MjJCMjhFMEJGQ0Q2QTc3ODkzNTE2QUZEOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDR5aa3IVp5neaKtf3W9lcioLL28H8unj+FyOE4rNfsK6OGXHrT pgPPb7KMhoGTbzxPlSBPDTiMwyp1HFS89UmW/sP23VD6ml6SpoYN1uo9fk1xoM9T g3L4zuGkS/In1eY33tCj8JOpW7cSShZnU3lSNoNEAf05AtHJUC3fujBFsWyy+SU9 Z42CXVQV2WnaaxWfnYsyAvCzVDh6ZIQM00taGeVx1nI6W0w54PapQoVUHhGlBQwW 6qOxcjxQcib59JKBm4IZxn5p+rWTvlbPQSwiLKITho0Imx8iPG2rpXdLAGnxYMam PlQmr3njV959c8M5Jbe8Bbm6jF6vAK1C+O7fAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUIQ3MBoVNoiKyjgv81qd4k1Fq/ZAwHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt 4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxL0lRM01Cb1ZOb2lLeWpn djgxcWQ0azFGcV9aQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr/uQwDQYJKoZIhvcNAQELBQADggEBABzSflLf4tvtJ8TZx+MFg11EJIoaFfqO 10JMxtub3IW0oqCQI4jnohVVS4WQGcN8DYJ9jEGos7eMh8FrCxKwOJEnF3pE9eiz kN5E4jGsLSnNy8z2Dmiy5jXiDp8tyd0caQZhdXQ+EMtVF8cjaF8a/uTRLqypjbuJ wLZuU63goPbT0Qw+bH9bGhTLMrIkqGmaIqZdh1SUeZwGlwFqqt1HToJxh2r2qE3A JvS+DUOEn1cZ7fJ86p21K8TVpMJd6+ITM0ZH4zV6USc4bPbZ92CV1WKCRqC7P998 zNaL25yGIA0a6Umd3vrCubNOIYvv2BKIxpOEHGE/4W1/Q+x9C74lxOc= -----END CERTIFICATE-----Generated at Sat Apr 26 15:28:02 2025 by rpki-client