$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/497/ql9qcTEflj32Qvouuf74e7XIVH0.roa File: ql9qcTEflj32Qvouuf74e7XIVH0.roa (raw, json) Hash identifier: J5GlJW+RyK4nchWDPsGIHuSYVc8CVW/wpZ54lJLJtnA= Subject key identifier: AA:5F:6A:71:31:1F:96:3D:F6:42:FA:2E:B9:FE:F8:7B:B5:C8:54:7D Certificate issuer: /CN=7E40AE900100E2B97B31CE006902F31E7D1D2AF2 Certificate serial: 1D81 Authority key identifier: 7E:40:AE:90:01:00:E2:B9:7B:31:CE:00:69:02:F3:1E:7D:1D:2A:F2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/ql9qcTEflj32Qvouuf74e7XIVH0.roa Signing time: Wed 09 Apr 2025 07:08:34 +0000 ROA not before: Wed 09 Apr 2025 07:08:34 +0000 ROA not after: Thu 09 Apr 2026 06:40:34 +0000 asID: 56002 IP address blocks: 103.12.233.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7553 (0x1d81) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7E40AE900100E2B97B31CE006902F31E7D1D2AF2 Validity Not Before: Apr 9 07:08:34 2025 GMT Not After : Apr 9 06:40:34 2026 GMT Subject: CN=AA5F6A71311F963DF642FA2EB9FEF87BB5C8547D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:d4:7c:05:c7:4a:5a:3e:d4:7a:45:26:37:4b: be:84:53:03:7d:d4:05:67:73:2c:17:07:c2:22:5a: bd:1e:28:bd:b5:31:72:78:ad:db:76:b6:6e:db:65: ef:56:b0:32:43:47:c6:2c:ed:47:5a:b9:03:84:cf: 64:f2:07:c6:0f:81:a7:8c:b7:04:a3:44:c5:c4:f3: 8c:43:23:ce:0b:b6:0f:9d:bd:0d:a1:3d:e3:35:4c: 51:e3:1f:17:69:46:62:56:0a:35:d0:37:e0:f9:29: c6:1c:00:9c:ec:bd:eb:e8:00:aa:c3:36:a9:5f:24: da:35:80:a1:f7:f3:ca:63:e9:c1:a8:b5:59:ca:68: 7b:6a:d6:ae:c4:65:de:ad:31:37:32:df:37:47:7f: 74:0b:98:2a:b0:28:23:f1:40:f2:72:00:b1:3a:06: d2:f1:73:4b:0c:37:be:bb:7d:34:f1:10:99:64:4e: 45:87:a2:a2:f2:9f:13:b4:3b:f1:36:ea:b7:5e:b1: 5f:42:ac:2b:19:49:17:03:21:bc:4a:1e:31:91:c1: 24:e7:20:fe:5a:7d:d4:2e:a2:7c:f6:d1:0e:5e:68: 6a:db:10:3e:d5:29:0c:79:1e:89:fc:f0:c7:e8:7c: bd:04:6a:27:ba:76:8e:c8:58:97:a7:0c:df:ef:b6: 28:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:5F:6A:71:31:1F:96:3D:F6:42:FA:2E:B9:FE:F8:7B:B5:C8:54:7D X509v3 Authority Key Identifier: keyid:7E:40:AE:90:01:00:E2:B9:7B:31:CE:00:69:02:F3:1E:7D:1D:2A:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/ql9qcTEflj32Qvouuf74e7XIVH0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.12.233.0/24 Signature Algorithm: sha256WithRSAEncryption 82:54:3b:f8:b0:ac:8b:7a:fc:4d:22:80:3b:27:91:98:76:b1: a9:bc:59:d2:7a:9b:1a:cd:c7:50:d4:03:45:b0:26:bb:a7:2f: e4:8f:7e:50:3e:b3:f4:a7:20:6b:9b:2c:79:15:71:31:90:09: 43:4a:fe:c4:3f:c1:74:29:01:f5:7b:4d:ee:88:43:ab:87:e5: 8e:27:6f:8a:c3:b1:52:1c:13:b6:86:4e:36:11:18:8b:8a:7e: 8a:69:20:75:b7:b9:b4:9c:b5:7c:18:be:91:38:31:fe:26:ee: 73:61:2b:c6:0f:05:b9:db:e5:13:1c:39:c4:7c:80:b2:49:67: d1:e7:7e:ab:73:72:64:82:77:45:e7:7b:b2:c7:10:35:61:07: 3a:f1:3f:29:1f:ed:64:a1:94:a2:8a:08:3c:0e:6f:47:26:f7: 4d:df:9c:06:88:8f:4b:3c:05:f9:3a:ec:07:f5:51:e9:8a:7e: 0b:12:cd:ee:43:4d:d6:75:d0:84:39:c9:6b:fb:86:52:a7:7c: 57:84:2f:b4:89:6c:ca:1c:bb:0c:16:67:8f:7c:6d:9b:13:0e: 3c:1d:65:8d:48:96:df:38:c7:61:58:d2:f3:23:4e:72:f3:ab: 62:af:72:bc:d3:c5:bb:54:25:2a:63:40:d7:61:84:8e:4b:3b: 0c:d7:e3:80 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHYEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0U0 MEFFOTAwMTAwRTJCOTdCMzFDRTAwNjkwMkYzMUU3RDFEMkFGMjAeFw0yNTA0MDkw NzA4MzRaFw0yNjA0MDkwNjQwMzRaMDMxMTAvBgNVBAMTKEFBNUY2QTcxMzExRjk2 M0RGNjQyRkEyRUI5RkVGODdCQjVDODU0N0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCY1HwFx0paPtR6RSY3S76EUwN91AVncywXB8IiWr0eKL21MXJ4 rdt2tm7bZe9WsDJDR8Ys7UdauQOEz2TyB8YPgaeMtwSjRMXE84xDI84Ltg+dvQ2h PeM1TFHjHxdpRmJWCjXQN+D5KcYcAJzsvevoAKrDNqlfJNo1gKH388pj6cGotVnK aHtq1q7EZd6tMTcy3zdHf3QLmCqwKCPxQPJyALE6BtLxc0sMN767fTTxEJlkTkWH oqLynxO0O/E26rdesV9CrCsZSRcDIbxKHjGRwSTnIP5afdQuonz20Q5eaGrbED7V KQx5Hon88MfofL0Eaie6do7IWJenDN/vtij9AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUql9qcTEflj32Qvouuf74e7XIVH0wHwYDVR0jBBgwFoAUfkCukAEA4rl7Mc4A aQLzHn0dKvIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3 L2ZrQ3VrQUVBNHJsN01jNEFhUUx6SG4wZEt2SS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZmtDdWtBRUE0cmw3TWM0QWFRTHpIbjBkS3ZJLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3L3FsOXFjVEVmbGozMlF2 b3V1Zjc0ZTdYSVZIMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnDOkwDQYJKoZIhvcNAQELBQADggEBAIJUO/iwrIt6/E0igDsnkZh2sam8WdJ6 mxrNx1DUA0WwJrunL+SPflA+s/SnIGubLHkVcTGQCUNK/sQ/wXQpAfV7Te6IQ6uH 5Y4nb4rDsVIcE7aGTjYRGIuKfoppIHW3ubSctXwYvpE4Mf4m7nNhK8YPBbnb5RMc OcR8gLJJZ9HnfqtzcmSCd0Xne7LHEDVhBzrxPykf7WShlKKKCDwOb0cm903fnAaI j0s8Bfk67Af1UemKfgsSze5DTdZ10IQ5yWv7hlKnfFeEL7SJbMocuwwWZ498bZsT DjwdZY1Ilt84x2FY0vMjTnLzq2KvcrzTxbtUJSpjQNdhhI5LOwzX44A= -----END CERTIFICATE-----Generated at Sat Apr 26 15:26:01 2025 by rpki-client