$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/497/i1vcqehnPWMsGkHyBt_JD5k4A6s.roa File: i1vcqehnPWMsGkHyBt_JD5k4A6s.roa (raw, json) Hash identifier: 7Vby9l7O2UfOHc1jCfza0GDpjmXF68GhT4vaR2Ve+lE= Subject key identifier: 8B:5B:DC:A9:E8:67:3D:63:2C:1A:41:F2:06:DF:C9:0F:99:38:03:AB Certificate issuer: /CN=7E40AE900100E2B97B31CE006902F31E7D1D2AF2 Certificate serial: 1D84 Authority key identifier: 7E:40:AE:90:01:00:E2:B9:7B:31:CE:00:69:02:F3:1E:7D:1D:2A:F2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/i1vcqehnPWMsGkHyBt_JD5k4A6s.roa Signing time: Wed 09 Apr 2025 07:08:35 +0000 ROA not before: Wed 09 Apr 2025 07:08:35 +0000 ROA not after: Thu 09 Apr 2026 06:40:34 +0000 asID: 56002 IP address blocks: 103.12.235.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7556 (0x1d84) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7E40AE900100E2B97B31CE006902F31E7D1D2AF2 Validity Not Before: Apr 9 07:08:35 2025 GMT Not After : Apr 9 06:40:34 2026 GMT Subject: CN=8B5BDCA9E8673D632C1A41F206DFC90F993803AB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:c1:7f:32:5f:0a:02:8a:f3:2f:dc:af:52:fd: c6:f2:78:0a:f2:db:84:5b:d2:d7:59:7d:9a:d1:64: 92:a9:67:a3:2c:51:89:01:69:f8:5b:58:39:55:d7: 58:9e:a2:9a:e8:9c:5e:7a:f9:8e:b4:41:2e:c4:78: b2:69:e2:d9:ac:d5:7d:20:77:5e:73:6e:78:6e:36: 27:1c:e3:13:0b:ac:9c:10:5d:0e:6e:be:8a:88:fd: 49:e5:75:fe:99:61:ac:7c:16:69:82:ab:9a:5e:6c: 5e:6d:a5:4d:ad:8e:33:97:0d:a6:6d:5d:54:87:24: d4:96:39:6e:53:2a:bb:fb:af:5a:86:ac:7f:0f:69: 52:4f:3a:f3:78:34:7e:9d:34:90:54:b4:5b:4c:35: 90:ca:9f:82:0a:71:27:de:42:7f:ce:1b:e7:9b:39: 5a:5d:38:c0:7f:c3:34:c5:91:4e:a4:6d:f7:5a:6c: 7a:f2:bf:2c:6d:42:25:a2:15:6d:74:15:4d:63:bb: fd:ee:c0:7b:69:c6:a1:f7:b0:c2:2d:96:7e:da:cb: ab:1a:4f:46:fd:ed:f0:72:dd:ed:01:74:d8:f3:b8: 94:40:a0:9d:69:4f:3d:75:1d:02:0c:f9:c6:51:dc: 9e:49:85:be:60:6e:d3:80:e2:40:d5:27:3a:57:c5: 74:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:5B:DC:A9:E8:67:3D:63:2C:1A:41:F2:06:DF:C9:0F:99:38:03:AB X509v3 Authority Key Identifier: keyid:7E:40:AE:90:01:00:E2:B9:7B:31:CE:00:69:02:F3:1E:7D:1D:2A:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/i1vcqehnPWMsGkHyBt_JD5k4A6s.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.12.235.0/24 Signature Algorithm: sha256WithRSAEncryption 47:8e:79:cd:76:e4:1c:ec:6c:75:ec:4a:c3:c2:ca:88:be:f8: 04:c8:b2:a0:8d:dd:9e:ef:eb:d8:1f:a3:da:96:83:56:c9:a6: 78:1f:19:8b:da:6e:06:af:aa:7c:da:11:23:89:f9:16:a3:e5: 02:74:27:e1:7a:5e:00:de:ce:13:03:22:1c:aa:b2:e2:53:0c: 84:aa:69:bc:fc:42:04:cc:39:44:b7:4a:90:65:c2:8b:dd:a8: b2:42:b4:1e:30:33:bf:bd:b5:07:f5:c3:ac:51:f7:f9:2e:77: 22:b4:5a:94:59:bc:a3:23:4b:f3:e3:6c:96:29:43:b0:fa:a7: f2:91:6a:20:a2:42:ea:df:6f:03:6e:8b:98:11:c2:cd:08:af: ce:d1:73:04:25:39:9f:15:37:c7:fd:f8:88:cd:9c:bf:22:36: 7c:4f:21:90:73:9b:1d:bf:3d:37:b9:8d:0c:77:8d:ef:e3:fd: df:09:0a:12:e1:19:7b:b0:5f:6d:f8:cb:58:87:98:6c:36:79: 01:06:0d:6d:52:c6:2a:75:74:ec:d8:50:65:b5:f7:b7:81:56: cf:6a:ae:47:34:09:9c:9b:2b:a2:ce:c1:c2:e6:78:2a:a5:d2: 25:2f:0d:9d:29:bf:6b:be:b0:c3:b4:a2:3f:56:95:ca:6c:c5: 4f:f7:8c:bb -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHYQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0U0 MEFFOTAwMTAwRTJCOTdCMzFDRTAwNjkwMkYzMUU3RDFEMkFGMjAeFw0yNTA0MDkw NzA4MzVaFw0yNjA0MDkwNjQwMzRaMDMxMTAvBgNVBAMTKDhCNUJEQ0E5RTg2NzNE NjMyQzFBNDFGMjA2REZDOTBGOTkzODAzQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrwX8yXwoCivMv3K9S/cbyeAry24Rb0tdZfZrRZJKpZ6MsUYkB afhbWDlV11ieopronF56+Y60QS7EeLJp4tms1X0gd15zbnhuNicc4xMLrJwQXQ5u voqI/Unldf6ZYax8FmmCq5pebF5tpU2tjjOXDaZtXVSHJNSWOW5TKrv7r1qGrH8P aVJPOvN4NH6dNJBUtFtMNZDKn4IKcSfeQn/OG+ebOVpdOMB/wzTFkU6kbfdabHry vyxtQiWiFW10FU1ju/3uwHtpxqH3sMItln7ay6saT0b97fBy3e0BdNjzuJRAoJ1p Tz11HQIM+cZR3J5Jhb5gbtOA4kDVJzpXxXT7AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUi1vcqehnPWMsGkHyBt/JD5k4A6swHwYDVR0jBBgwFoAUfkCukAEA4rl7Mc4A aQLzHn0dKvIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3 L2ZrQ3VrQUVBNHJsN01jNEFhUUx6SG4wZEt2SS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZmtDdWtBRUE0cmw3TWM0QWFRTHpIbjBkS3ZJLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3L2kxdmNxZWhuUFdNc0dr SHlCdF9KRDVrNEE2cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnDOswDQYJKoZIhvcNAQELBQADggEBAEeOec125BzsbHXsSsPCyoi++ATIsqCN 3Z7v69gfo9qWg1bJpngfGYvabgavqnzaESOJ+Raj5QJ0J+F6XgDezhMDIhyqsuJT DISqabz8QgTMOUS3SpBlwovdqLJCtB4wM7+9tQf1w6xR9/kudyK0WpRZvKMjS/Pj bJYpQ7D6p/KRaiCiQurfbwNui5gRws0Ir87RcwQlOZ8VN8f9+IjNnL8iNnxPIZBz mx2/PTe5jQx3je/j/d8JChLhGXuwX234y1iHmGw2eQEGDW1Sxip1dOzYUGW197eB Vs9qrkc0CZybK6LOwcLmeCql0iUvDZ0pv2u+sMO0oj9WlcpsxU/3jLs= -----END CERTIFICATE-----Generated at Sat Apr 26 15:24:20 2025 by rpki-client