$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2662/ihz4sFLDfkN7Fk9DCBqiadh-ivQ.roa File: ihz4sFLDfkN7Fk9DCBqiadh-ivQ.roa (raw, json) Hash identifier: gR5LOmN4JF2dPB94elxL+UoXokAkI2kc2RKlgGd4ebs= Subject key identifier: 8A:1C:F8:B0:52:C3:7E:43:7B:16:4F:43:08:1A:A2:69:D8:7E:8A:F4 Certificate issuer: /CN=BDC4D981FB5837F21DD951063F59B475DD562536 Certificate serial: 03 Authority key identifier: BD:C4:D9:81:FB:58:37:F2:1D:D9:51:06:3F:59:B4:75:DD:56:25:36 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vcTZgftYN_Id2VEGP1m0dd1WJTY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2662/ihz4sFLDfkN7Fk9DCBqiadh-ivQ.roa Signing time: Thu 08 May 2025 12:04:51 +0000 ROA not before: Thu 08 May 2025 12:04:51 +0000 ROA not after: Fri 08 May 2026 11:58:22 +0000 asID: 23650 IP address blocks: 103.73.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vcTZgftYN_Id2VEGP1m0dd1WJTY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 09:42:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BDC4D981FB5837F21DD951063F59B475DD562536 Validity Not Before: May 8 12:04:51 2025 GMT Not After : May 8 11:58:22 2026 GMT Subject: CN=8A1CF8B052C37E437B164F43081AA269D87E8AF4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:a6:a4:f2:62:fa:c9:b6:2e:9a:3b:35:89:ae: c7:96:a3:0b:b4:76:d8:47:12:99:16:bf:f9:91:59: cb:3b:8a:00:f7:e4:c8:4a:4e:70:3a:26:85:0b:c8: 33:1a:8e:b9:ef:03:3d:c6:22:78:5d:f6:87:81:6c: c2:f5:e3:5a:45:65:6b:a6:f0:1b:62:22:e6:8c:cb: 6e:ae:60:ee:ff:81:a0:ca:a9:e1:bc:e1:e4:34:7b: d2:b3:31:03:8f:65:1e:50:e6:82:11:59:30:ea:82: ca:fa:dc:8a:2b:06:fa:8c:74:26:71:b4:3e:66:ce: d6:30:b9:2d:f4:d2:7f:0b:12:9e:1a:56:09:72:2f: a9:09:81:d0:87:1f:4b:37:55:bf:42:97:7c:f5:d3: 61:5d:b7:51:94:d5:a4:dc:81:28:f5:61:1d:1e:1b: b9:2e:ca:43:66:21:25:81:62:4e:f4:08:17:b1:00: 2e:fe:7c:60:31:a0:ae:9c:9d:34:4c:d5:d9:10:96: 71:f0:07:d3:72:18:25:69:df:9f:0e:0f:df:96:04: 96:12:fc:13:e2:d5:8f:d3:fa:62:ab:be:dd:5f:89: 94:e9:8f:20:95:cc:f0:78:d2:20:01:6b:2e:d2:6c: 78:05:f7:aa:9d:ff:ba:e3:7a:c9:d7:5f:c4:bc:ed: bc:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:1C:F8:B0:52:C3:7E:43:7B:16:4F:43:08:1A:A2:69:D8:7E:8A:F4 X509v3 Authority Key Identifier: keyid:BD:C4:D9:81:FB:58:37:F2:1D:D9:51:06:3F:59:B4:75:DD:56:25:36 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vcTZgftYN_Id2VEGP1m0dd1WJTY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2662/ihz4sFLDfkN7Fk9DCBqiadh-ivQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.73.144.0/22 Signature Algorithm: sha256WithRSAEncryption 36:5d:74:88:19:60:33:a9:43:27:a0:c8:92:11:eb:87:d9:6b: d5:08:07:5f:a2:25:85:17:70:66:eb:7b:bf:cd:c0:90:00:a6: 90:12:28:6a:20:c5:d5:b6:b2:d5:c6:90:17:68:bf:56:ab:7b: d1:63:05:43:b7:32:30:c2:6d:de:df:20:ea:ea:96:8d:49:65: 47:6f:b3:61:9c:d8:39:e7:cb:10:f2:e6:96:61:10:f5:fa:eb: ce:1c:a5:6f:a4:69:b4:9a:11:e5:88:56:1c:a5:1c:d2:68:c8: 48:ac:09:66:5a:96:ce:75:2e:f3:ac:c7:d7:bc:72:bc:e5:d5: 40:70:e0:9f:32:43:70:b8:e7:a9:68:55:3f:d0:d3:2e:1d:b8: 80:c0:12:83:6c:1b:1c:9c:fe:e4:04:51:0e:87:37:6f:9d:77: cc:14:cb:ca:c9:1c:38:de:7a:b5:ef:a0:e5:75:f5:83:71:8c: 25:21:64:7a:d3:02:87:b9:3a:e0:30:23:3f:3c:9c:3f:2b:95: 38:46:84:21:e7:99:40:9e:53:3c:dc:fa:47:f4:46:5d:47:71: d3:b9:ee:e0:b1:2e:bf:6a:9c:5c:9d:45:e7:89:2d:a1:43:9c: 8f:d9:0c:03:d5:4f:94:4e:43:0e:3e:4d:34:53:de:a1:a0:d3: 52:44:6e:a9 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhCREM0 RDk4MUZCNTgzN0YyMUREOTUxMDYzRjU5QjQ3NURENTYyNTM2MB4XDTI1MDUwODEy MDQ1MVoXDTI2MDUwODExNTgyMlowMzExMC8GA1UEAxMoOEExQ0Y4QjA1MkMzN0U0 MzdCMTY0RjQzMDgxQUEyNjlEODdFOEFGNDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALympPJi+sm2Lpo7NYmux5ajC7R22EcSmRa/+ZFZyzuKAPfkyEpO cDomhQvIMxqOue8DPcYieF32h4FswvXjWkVla6bwG2Ii5ozLbq5g7v+BoMqp4bzh 5DR70rMxA49lHlDmghFZMOqCyvrciisG+ox0JnG0PmbO1jC5LfTSfwsSnhpWCXIv qQmB0IcfSzdVv0KXfPXTYV23UZTVpNyBKPVhHR4buS7KQ2YhJYFiTvQIF7EALv58 YDGgrpydNEzV2RCWcfAH03IYJWnfnw4P35YElhL8E+LVj9P6Yqu+3V+JlOmPIJXM 8HjSIAFrLtJseAX3qp3/uuN6yddfxLztvPMCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBSKHPiwUsN+Q3sWT0MIGqJp2H6K9DAfBgNVHSMEGDAWgBS9xNmB+1g38h3ZUQY/ WbR13VYlNjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjYy L3ZjVFpnZnRZTl9JZDJWRUdQMW0wZGQxV0pUWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdmNUWmdmdFlOX0lkMlZFR1AxbTBkZDFXSlRZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY2Mi9paHo0c0ZMRGZrTjdG azlEQ0JxaWFkaC1pdlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ0mQMA0GCSqGSIb3DQEBCwUAA4IBAQA2XXSIGWAzqUMnoMiSEeuH2WvVCAdf oiWFF3Bm63u/zcCQAKaQEihqIMXVtrLVxpAXaL9Wq3vRYwVDtzIwwm3e3yDq6paN SWVHb7NhnNg558sQ8uaWYRD1+uvOHKVvpGm0mhHliFYcpRzSaMhIrAlmWpbOdS7z rMfXvHK85dVAcOCfMkNwuOepaFU/0NMuHbiAwBKDbBscnP7kBFEOhzdvnXfMFMvK yRw43nq176DldfWDcYwlIWR60wKHuTrgMCM/PJw/K5U4RoQh55lAnlM83PpH9EZd R3HTue7gsS6/apxcnUXniS2hQ5yP2QwD1U+UTkMOPk00U96hoNNSRG6p -----END CERTIFICATE-----Generated at Mon May 19 09:32:43 2025 by rpki-client