$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1228/gtRuRxwwUiCOHIWJD1JzwqrjwxI.roa File: gtRuRxwwUiCOHIWJD1JzwqrjwxI.roa (raw, json) Hash identifier: Uuiwwjualgtrbriy02ts61oCZooeze+AJZazJXGuq18= Subject key identifier: 82:D4:6E:47:1C:30:52:20:8E:1C:85:89:0F:52:73:C2:AA:E3:C3:12 Certificate issuer: /CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C Certificate serial: 0B Authority key identifier: AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/gtRuRxwwUiCOHIWJD1JzwqrjwxI.roa Signing time: Sat 17 May 2025 03:22:23 +0000 ROA not before: Sat 17 May 2025 03:22:23 +0000 ROA not after: Sat 16 May 2026 10:06:17 +0000 asID: 14618 IP address blocks: 43.254.192.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 19:07:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11 (0xb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C Validity Not Before: May 17 03:22:23 2025 GMT Not After : May 16 10:06:17 2026 GMT Subject: CN=82D46E471C3052208E1C85890F5273C2AAE3C312 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:18:6c:42:5f:46:25:cf:d2:d5:62:47:37:98: 05:57:c9:59:e8:a2:58:0f:59:83:3d:e9:e1:97:c5: ec:ee:c0:d3:68:0e:62:7a:22:ed:ca:fa:f4:3b:31: d0:7b:3e:f4:c9:41:c6:c3:2b:45:de:ec:88:04:38: 4c:e6:0c:3f:40:5b:58:06:69:83:b6:16:34:f1:63: 37:50:54:d2:04:00:01:77:8c:82:c7:c1:0f:58:21: 7c:50:82:3c:3e:ff:7b:4b:46:c3:bb:0b:c5:e4:c2: 3b:b0:db:eb:83:00:36:d7:d4:41:ef:d9:ba:88:28: 99:66:ff:ed:bf:11:aa:c5:a1:db:77:8a:c6:c4:c6: 80:ec:c2:b3:b2:03:c8:b6:3f:b1:37:06:a0:a2:c7: d4:e0:9d:ff:54:7b:7d:f9:f3:34:3b:9e:25:de:ab: cb:7b:bb:83:34:09:18:31:ff:6b:62:36:d0:ba:e2: be:cf:4b:f0:ab:fe:bb:2e:11:a6:ec:94:d4:9f:ce: f2:27:0f:a3:19:a1:02:63:58:b3:b2:0f:57:96:b3: 15:f7:f6:af:ac:b9:ff:b9:fa:0c:0e:84:e5:24:49: 05:35:16:56:b0:34:74:70:1a:56:74:45:33:b2:a0: ca:da:b0:06:02:8b:85:ed:4a:04:1f:fb:ed:5a:4e: 5a:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:D4:6E:47:1C:30:52:20:8E:1C:85:89:0F:52:73:C2:AA:E3:C3:12 X509v3 Authority Key Identifier: keyid:AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/gtRuRxwwUiCOHIWJD1JzwqrjwxI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.192.0/24 Signature Algorithm: sha256WithRSAEncryption 1b:b6:16:76:6c:fc:31:16:95:fd:bb:06:ae:a6:cb:56:93:56: 5d:a6:24:fd:41:20:b1:8f:5c:cd:27:3e:56:3e:b0:a3:22:21: 11:76:55:9b:e9:18:a8:95:63:19:9d:ca:f3:40:cf:77:33:2d: d9:06:2a:e7:6a:35:b0:c8:fc:70:07:e2:c4:b4:55:cf:ee:06: 94:9c:c0:84:9f:95:73:31:6a:fb:c9:7f:6b:21:0f:86:28:e1: 6f:d9:14:7f:ff:fc:a9:81:f0:7c:a0:c5:7b:d3:e9:f8:bf:9a: 1e:56:16:b6:b9:8d:59:d1:98:59:81:2b:10:ca:bb:37:9d:88: 61:99:a8:14:75:7a:10:fd:15:3b:81:d8:bf:6d:d8:6a:81:e5: d7:c5:93:5f:ae:2c:ba:ec:20:d5:22:4b:44:5d:31:43:63:d8: f9:e1:c3:22:9e:35:64:af:c8:19:37:09:e7:34:db:f5:e6:b6: 93:16:69:bf:e4:5a:88:ca:03:df:3a:96:19:f5:a7:46:6a:7d: 2f:d5:0f:c3:6d:7e:18:0c:8e:ba:2a:4e:b2:55:99:e9:dc:db: 6b:81:26:3f:23:47:bf:9c:4d:98:22:df:92:03:d5:a5:f5:51: a7:ba:c8:10:3c:1f:da:a4:cc:3c:ef:a3:1e:9f:37:85:8b:63: f4:19:92:ca -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBREQy NzI2REQ2RkY5RjVBNDU5QUU1QjBBOUVFOEU3RERGQzdGMDdDMB4XDTI1MDUxNzAz MjIyM1oXDTI2MDUxNjEwMDYxN1owMzExMC8GA1UEAxMoODJENDZFNDcxQzMwNTIy MDhFMUM4NTg5MEY1MjczQzJBQUUzQzMxMjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAL8YbEJfRiXP0tViRzeYBVfJWeiiWA9Zgz3p4ZfF7O7A02gOYnoi 7cr69Dsx0Hs+9MlBxsMrRd7siAQ4TOYMP0BbWAZpg7YWNPFjN1BU0gQAAXeMgsfB D1ghfFCCPD7/e0tGw7sLxeTCO7Db64MANtfUQe/ZuogomWb/7b8RqsWh23eKxsTG gOzCs7IDyLY/sTcGoKLH1OCd/1R7ffnzNDueJd6ry3u7gzQJGDH/a2I20Lrivs9L 8Kv+uy4RpuyU1J/O8icPoxmhAmNYs7IPV5azFff2r6y5/7n6DA6E5SRJBTUWVrA0 dHAaVnRFM7KgytqwBgKLhe1KBB/77VpOWo8CAwEAAaOCAfMwggHvMB0GA1UdDgQW BBSC1G5HHDBSII4chYkPUnPCquPDEjAfBgNVHSMEGDAWgBSt0nJt1v+fWkWa5bCp 7o5938fwfDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjI4 L3JkSnliZGJfbjFwRm11V3dxZTZPZmRfSDhIdy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvcmRKeWJkYl9uMXBGbXVXd3FlNk9mZF9IOEh3LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIyOC9ndFJ1Unh3d1VpQ09I SVdKRDFKendxcmp3eEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAK/7AMA0GCSqGSIb3DQEBCwUAA4IBAQAbthZ2bPwxFpX9uwaupstWk1ZdpiT9 QSCxj1zNJz5WPrCjIiERdlWb6RiolWMZncrzQM93My3ZBirnajWwyPxwB+LEtFXP 7gaUnMCEn5VzMWr7yX9rIQ+GKOFv2RR///ypgfB8oMV70+n4v5oeVha2uY1Z0ZhZ gSsQyrs3nYhhmagUdXoQ/RU7gdi/bdhqgeXXxZNfriy67CDVIktEXTFDY9j54cMi njVkr8gZNwnnNNv15raTFmm/5FqIygPfOpYZ9adGan0v1Q/DbX4YDI66Kk6yVZnp 3NtrgSY/I0e/nE2YIt+SA9Wl9VGnusgQPB/apMw876MenzeFi2P0GZLK -----END CERTIFICATE-----Generated at Sun May 18 18:48:12 2025 by rpki-client