$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1228/QGJXirDa_e-7g6LKz5GHSBkkK3U.roa File: QGJXirDa_e-7g6LKz5GHSBkkK3U.roa (raw, json) Hash identifier: p6EqQnaUODfRxGSCpoo7w+UDPwWqIb3pQ6lpnUuz+uY= Subject key identifier: 40:62:57:8A:B0:DA:FD:EF:BB:83:A2:CA:CF:91:87:48:19:24:2B:75 Certificate issuer: /CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C Certificate serial: 0D Authority key identifier: AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/QGJXirDa_e-7g6LKz5GHSBkkK3U.roa Signing time: Sat 17 May 2025 03:25:47 +0000 ROA not before: Sat 17 May 2025 03:25:47 +0000 ROA not after: Sat 16 May 2026 10:06:17 +0000 asID: 16509 IP address blocks: 43.254.193.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 04:37:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13 (0xd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C Validity Not Before: May 17 03:25:47 2025 GMT Not After : May 16 10:06:17 2026 GMT Subject: CN=4062578AB0DAFDEFBB83A2CACF91874819242B75 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:c5:a6:90:6b:0c:30:93:61:15:a4:17:96:a8: f3:8f:d0:2a:bb:c5:0f:62:bb:52:84:d8:52:7c:1c: 02:41:b7:2a:3c:f8:01:72:4f:99:44:70:fd:f7:2b: cd:a8:93:a8:9a:86:5e:fe:d1:8a:25:c7:80:57:f6: 60:eb:b4:f8:e6:9f:b9:59:f1:6b:b6:d7:d2:40:47: 54:2f:15:ec:ac:db:fb:6e:1f:d2:69:7d:5e:98:32: 5f:ae:ed:62:0a:52:dd:34:fa:d1:28:33:1c:7f:8a: eb:c7:f7:f3:3c:04:e4:bc:0e:57:60:d8:d7:76:10: f1:b5:fd:43:65:e8:d6:74:44:6f:67:2d:df:76:cf: 84:5a:83:0e:20:7e:a9:a2:57:ad:3b:be:4b:e9:e6: e8:ca:07:8f:72:76:65:83:24:1c:cc:0a:86:1c:61: d5:31:41:dd:d0:03:47:9a:ca:12:e7:83:06:04:37: a0:70:d7:48:09:56:f3:29:e3:5d:3b:5b:94:f5:ac: 68:0d:a1:f2:b9:0a:c7:7c:bd:54:a1:01:1e:ae:f0: 73:39:2a:39:5b:71:7e:de:75:22:87:7c:9c:cf:06: 1e:18:19:37:7f:57:30:74:dc:4d:fc:68:e8:c4:60: a8:68:fe:29:52:23:10:75:45:47:67:71:2b:34:14: 83:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:62:57:8A:B0:DA:FD:EF:BB:83:A2:CA:CF:91:87:48:19:24:2B:75 X509v3 Authority Key Identifier: keyid:AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/QGJXirDa_e-7g6LKz5GHSBkkK3U.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.193.0/24 Signature Algorithm: sha256WithRSAEncryption 3f:ee:34:0a:7a:43:48:bf:24:c3:41:ce:e8:45:1c:11:2f:52: f8:64:db:26:8f:1b:e6:ee:0b:2b:50:de:c3:fa:2d:23:37:5e: 15:85:ad:f5:0f:4c:c3:6f:a3:a6:be:2b:06:02:a2:82:b5:c4: 65:d0:ac:bf:4f:8d:3f:10:3e:48:96:d8:21:b6:21:ea:ad:08: 21:02:ee:40:9e:11:45:81:73:0f:78:8d:21:a8:d3:97:cd:71: 7e:83:17:29:08:9d:66:c5:3d:91:62:ae:99:4a:d0:75:fb:75: 65:5a:c1:8b:ef:fd:43:d6:7a:56:c0:38:8b:43:b3:7a:37:81: 44:a8:71:9f:04:11:9b:ec:90:13:d7:51:cc:0b:c8:5e:ad:a4: 1c:7b:15:8d:40:34:1a:2b:9c:ae:a2:37:2f:27:e0:3c:0c:23: b1:fb:80:87:ee:d4:cb:f4:26:65:70:36:81:74:46:2b:10:05: aa:59:22:27:0e:7d:5f:a6:a9:31:26:5c:83:ad:f8:2e:3a:3c: d6:83:95:b0:2b:00:ab:f1:3b:c1:d6:fb:d4:2a:da:db:55:92: 1f:4d:db:22:8b:86:4d:eb:7b:54:fc:a8:fd:6a:96:db:a9:60: b0:61:1f:18:e1:be:01:e9:8c:73:fa:87:c4:87:cb:c9:f5:7d: fd:3c:04:5e -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBREQy NzI2REQ2RkY5RjVBNDU5QUU1QjBBOUVFOEU3RERGQzdGMDdDMB4XDTI1MDUxNzAz MjU0N1oXDTI2MDUxNjEwMDYxN1owMzExMC8GA1UEAxMoNDA2MjU3OEFCMERBRkRF RkJCODNBMkNBQ0Y5MTg3NDgxOTI0MkI3NTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAM7FppBrDDCTYRWkF5ao84/QKrvFD2K7UoTYUnwcAkG3Kjz4AXJP mURw/fcrzaiTqJqGXv7RiiXHgFf2YOu0+OafuVnxa7bX0kBHVC8V7Kzb+24f0ml9 XpgyX67tYgpS3TT60SgzHH+K68f38zwE5LwOV2DY13YQ8bX9Q2Xo1nREb2ct33bP hFqDDiB+qaJXrTu+S+nm6MoHj3J2ZYMkHMwKhhxh1TFB3dADR5rKEueDBgQ3oHDX SAlW8ynjXTtblPWsaA2h8rkKx3y9VKEBHq7wczkqOVtxft51Iod8nM8GHhgZN39X MHTcTfxo6MRgqGj+KVIjEHVFR2dxKzQUg8kCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBRAYleKsNr977uDosrPkYdIGSQrdTAfBgNVHSMEGDAWgBSt0nJt1v+fWkWa5bCp 7o5938fwfDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjI4 L3JkSnliZGJfbjFwRm11V3dxZTZPZmRfSDhIdy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvcmRKeWJkYl9uMXBGbXVXd3FlNk9mZF9IOEh3LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIyOC9RR0pYaXJEYV9lLTdn NkxLejVHSFNCa2tLM1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAK/7BMA0GCSqGSIb3DQEBCwUAA4IBAQA/7jQKekNIvyTDQc7oRRwRL1L4ZNsm jxvm7gsrUN7D+i0jN14Vha31D0zDb6OmvisGAqKCtcRl0Ky/T40/ED5IltghtiHq rQghAu5AnhFFgXMPeI0hqNOXzXF+gxcpCJ1mxT2RYq6ZStB1+3VlWsGL7/1D1npW wDiLQ7N6N4FEqHGfBBGb7JAT11HMC8heraQcexWNQDQaK5yuojcvJ+A8DCOx+4CH 7tTL9CZlcDaBdEYrEAWqWSInDn1fpqkxJlyDrfguOjzWg5WwKwCr8TvB1vvUKtrb VZIfTdsii4ZN63tU/Kj9apbbqWCwYR8Y4b4B6Yxz+ofEh8vJ9X39PARe -----END CERTIFICATE-----Generated at Sun May 18 03:31:15 2025 by rpki-client