$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/HYC2xe1ZSZQjXGa4r-0mXSPDHc4.roa File: HYC2xe1ZSZQjXGa4r-0mXSPDHc4.roa (raw, json) Hash identifier: g+Pp+4TjYRX7JcCX7XO+o2aSurbcf7YJCYM1qsG5jA8= Subject key identifier: 1D:80:B6:C5:ED:59:49:94:23:5C:66:B8:AF:ED:26:5D:23:C3:1D:CE Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Certificate serial: 0B28 Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/HYC2xe1ZSZQjXGa4r-0mXSPDHc4.roa Signing time: Wed 09 Apr 2025 06:48:13 +0000 ROA not before: Wed 09 Apr 2025 06:48:13 +0000 ROA not after: Thu 09 Apr 2026 06:41:00 +0000 asID: 63567 IP address blocks: 43.247.92.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:38:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2856 (0xb28) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Validity Not Before: Apr 9 06:48:13 2025 GMT Not After : Apr 9 06:41:00 2026 GMT Subject: CN=1D80B6C5ED594994235C66B8AFED265D23C31DCE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:42:91:47:a2:e0:de:c8:75:3f:c7:2c:eb:c8: 2b:a4:ea:46:63:37:05:95:4f:05:8c:b9:31:17:92: ea:09:3f:f4:e8:92:e3:92:f1:dc:8b:f4:ab:2d:46: 1a:90:60:5e:83:83:bf:26:6b:bf:68:b6:4f:dd:c0: bb:7e:0f:09:c7:c3:1e:34:3d:31:2e:b3:5a:8a:9d: 57:9d:84:89:61:d6:09:f6:0f:9b:1d:74:95:84:9d: 27:85:bd:79:20:94:b5:f4:d2:c6:96:e3:c6:da:08: 15:f1:d5:ec:fb:f0:a4:5b:f4:8f:18:f3:53:ee:e7: 3a:c4:18:19:94:12:47:9f:c1:09:20:e8:a3:4e:f8: 3b:24:86:cf:df:a2:85:09:09:9e:07:98:3a:8f:b9: 85:4a:4d:bd:3a:5d:70:9c:91:45:82:ba:13:97:29: 8e:c5:2b:0f:1b:28:b2:78:2e:e1:20:9e:2d:34:99: 92:a4:92:3e:8c:2b:b8:b9:76:82:2a:2a:81:45:3f: 2c:b1:34:0d:a2:20:12:98:52:b9:99:d8:fa:76:68: aa:5c:57:c4:ef:2c:bb:67:74:b7:91:c1:12:54:26: 2e:ec:65:5a:f0:97:bd:b1:db:67:21:a4:a3:fc:50: e2:25:e9:2f:77:b4:90:0d:4b:b5:76:9e:d0:80:7e: 76:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:80:B6:C5:ED:59:49:94:23:5C:66:B8:AF:ED:26:5D:23:C3:1D:CE X509v3 Authority Key Identifier: keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/HYC2xe1ZSZQjXGa4r-0mXSPDHc4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.247.92.0/22 Signature Algorithm: sha256WithRSAEncryption ba:88:c2:dc:7f:03:63:93:a5:67:00:a4:ad:9f:d7:90:8a:cb: 00:89:cd:85:fe:4c:9f:a6:d1:2b:3c:db:05:b6:98:8a:79:26: 46:c3:86:cf:b5:5c:55:a3:9a:f7:ab:ab:bf:97:d1:04:58:1c: a7:cf:43:88:a8:ba:4c:ac:be:61:50:75:ce:f6:4a:6f:ee:33: 2f:c9:dc:ac:ab:a3:3f:3c:ff:86:6f:0e:e2:93:11:f8:b9:75: 02:89:a0:97:53:61:55:39:f4:fb:03:37:bf:95:54:1a:25:9b: 6b:05:d9:2b:07:8a:29:48:03:9a:96:54:d7:dd:1a:21:e3:c8: 6c:33:86:86:34:cf:2a:57:dd:06:99:c9:d5:af:b3:48:85:9a: be:b3:49:cd:9c:a9:c4:53:19:fe:36:48:03:1b:b1:e9:6d:89: 38:d8:ea:ea:92:67:ce:70:fa:51:30:b2:cd:5c:37:07:f1:38: ce:57:cd:d8:35:53:80:9c:d1:04:0f:a0:d9:65:86:99:08:8a: 18:78:ad:24:1f:7d:ee:13:e3:ec:a6:94:ca:10:5e:e0:66:4b: 0b:cc:a3:f6:03:dc:38:ad:fb:26:0a:ab:d3:b3:7b:45:1f:89: 7f:7a:84:ae:dc:03:25:5f:45:e6:74:5c:36:bb:80:e2:8b:8a: 23:65:c1:44 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICCygwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA0MDkw NjQ4MTNaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKDFEODBCNkM1RUQ1OTQ5 OTQyMzVDNjZCOEFGRUQyNjVEMjNDMzFEQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyQpFHouDeyHU/xyzryCuk6kZjNwWVTwWMuTEXkuoJP/TokuOS 8dyL9KstRhqQYF6Dg78ma79otk/dwLt+DwnHwx40PTEus1qKnVedhIlh1gn2D5sd dJWEnSeFvXkglLX00saW48baCBXx1ez78KRb9I8Y81Pu5zrEGBmUEkefwQkg6KNO +Dskhs/fooUJCZ4HmDqPuYVKTb06XXCckUWCuhOXKY7FKw8bKLJ4LuEgni00mZKk kj6MK7i5doIqKoFFPyyxNA2iIBKYUrmZ2Pp2aKpcV8TvLLtndLeRwRJUJi7sZVrw l72x22chpKP8UOIl6S93tJANS7V2ntCAfnZ3AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUHYC2xe1ZSZQjXGa4r+0mXSPDHc4wHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/ AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL0hZQzJ4ZTFaU1pRalhH YTRyLTBtWFNQREhjNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr91wwDQYJKoZIhvcNAQELBQADggEBALqIwtx/A2OTpWcApK2f15CKywCJzYX+ TJ+m0Ss82wW2mIp5JkbDhs+1XFWjmverq7+X0QRYHKfPQ4ioukysvmFQdc72Sm/u My/J3Kyroz88/4ZvDuKTEfi5dQKJoJdTYVU59PsDN7+VVBolm2sF2SsHiilIA5qW VNfdGiHjyGwzhoY0zypX3QaZydWvs0iFmr6zSc2cqcRTGf42SAMbseltiTjY6uqS Z85w+lEwss1cNwfxOM5Xzdg1U4Cc0QQPoNllhpkIihh4rSQffe4T4+ymlMoQXuBm SwvMo/YD3Dit+yYKq9Oze0UfiX96hK7cAyVfReZ0XDa7gOKLiiNlwUQ= -----END CERTIFICATE-----Generated at Sat Apr 26 13:05:17 2025 by rpki-client