$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/84OESJEvqUtyu2kJzzDeEU65K24.roa File: 84OESJEvqUtyu2kJzzDeEU65K24.roa (raw, json) Hash identifier: H+C1pRtiT7+W6VLa+kSNyDI8smQnUbTsCAk9FZOxj40= Subject key identifier: F3:83:84:48:91:2F:A9:4B:72:BB:69:09:CF:30:DE:11:4E:B9:2B:6E Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 17A1 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/84OESJEvqUtyu2kJzzDeEU65K24.roa Signing time: Tue 29 Apr 2025 08:21:35 +0000 ROA not before: Tue 29 Apr 2025 08:21:35 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 18811 IP address blocks: 180.223.64.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 04:39:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6049 (0x17a1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Apr 29 08:21:35 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=F3838448912FA94B72BB6909CF30DE114EB92B6E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:2d:0e:14:c7:90:d6:fb:e7:b0:ae:83:3d:2c: cf:a8:8d:e9:4a:9d:c0:02:bb:6f:6a:af:bf:b0:e2: e5:a8:bf:e0:87:99:f7:95:51:dc:51:a0:8a:75:1d: 18:d9:82:74:d2:5b:2b:03:b9:02:cf:70:7d:d6:37: b2:56:60:ff:46:ad:e4:85:70:54:d6:54:c3:04:6f: 09:1b:1a:1c:46:fa:88:f8:54:7e:3f:4c:61:8f:bb: 2e:db:60:b7:80:e1:3c:ea:df:b6:8c:2f:13:f9:ff: b2:76:9b:05:da:86:51:7b:fd:a7:29:41:4a:c7:2e: 26:b0:59:72:d4:2d:a5:6c:1f:58:8b:5b:a9:42:60: ee:83:ec:a1:67:a7:7c:28:54:25:66:21:9c:a9:9b: 77:ea:60:3f:a9:3e:74:3d:7b:6b:49:80:ab:75:2a: 2e:1c:da:07:c0:87:fb:f3:d6:5e:5c:fe:9f:f1:e4: 50:d9:36:b1:48:83:09:cf:b2:93:c5:7d:bb:7e:58: 0f:f7:c3:a6:ef:79:d0:12:f8:aa:12:ae:6f:c1:bc: ad:62:9e:85:39:fa:b0:fa:16:af:59:4d:39:d4:d6: 5d:c6:1d:5f:2e:9b:35:d2:82:8c:4a:4a:2a:42:2d: 64:8a:46:82:bc:8d:62:6f:46:78:94:d0:d1:3d:27: 1f:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:83:84:48:91:2F:A9:4B:72:BB:69:09:CF:30:DE:11:4E:B9:2B:6E X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/84OESJEvqUtyu2kJzzDeEU65K24.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.64.0/18 Signature Algorithm: sha256WithRSAEncryption d9:fb:08:8a:c2:be:82:24:42:85:d4:69:5d:fe:7d:54:3f:10: 6a:0e:eb:c8:30:19:22:0c:d5:f0:09:ab:a9:95:ed:24:6a:bc: 32:5d:e6:72:68:45:a0:4d:e3:e2:59:0b:0f:9b:75:ff:3b:81: 7b:cb:1a:c9:5f:e8:1a:a8:bc:61:09:af:0c:21:e7:50:09:1c: 33:bb:ee:59:c6:f0:e9:61:f4:64:0e:8b:36:72:c7:32:65:8c: d9:c3:3e:b7:a4:39:f9:86:bb:3e:e9:07:25:f7:36:93:06:bf: 63:dd:d6:3a:f0:69:00:e1:c1:9d:19:3e:c3:47:4e:bc:37:8c: 7a:db:71:3f:60:81:00:38:1a:21:49:6d:92:87:1d:9b:f3:f8: 5c:5d:0b:4f:17:25:df:92:0b:10:c0:01:df:9f:4f:12:58:63: c8:f3:0a:f8:a6:58:ec:28:53:d1:5f:fc:7f:18:ed:f2:8f:ca: 06:8b:00:fe:ed:02:8e:66:46:01:cc:6a:7b:74:ad:29:cb:90: f8:1a:0a:83:72:6c:46:7c:25:ca:ec:e4:86:f0:6a:cd:23:34: 93:40:a5:2c:f3:f3:54:5c:78:c2:4f:ca:3d:2b:e0:ab:9f:79: ed:40:07:76:4e:2a:5f:4e:3f:c1:62:89:89:bf:60:fe:7b:48: 7d:30:05:e2 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICF6EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA0Mjkw ODIxMzVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEYzODM4NDQ4OTEyRkE5 NEI3MkJCNjkwOUNGMzBERTExNEVCOTJCNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCYLQ4Ux5DW++ewroM9LM+ojelKncACu29qr7+w4uWov+CHmfeV UdxRoIp1HRjZgnTSWysDuQLPcH3WN7JWYP9GreSFcFTWVMMEbwkbGhxG+oj4VH4/ TGGPuy7bYLeA4Tzq37aMLxP5/7J2mwXahlF7/acpQUrHLiawWXLULaVsH1iLW6lC YO6D7KFnp3woVCVmIZypm3fqYD+pPnQ9e2tJgKt1Ki4c2gfAh/vz1l5c/p/x5FDZ NrFIgwnPspPFfbt+WA/3w6bvedAS+KoSrm/BvK1inoU5+rD6Fq9ZTTnU1l3GHV8u mzXSgoxKSipCLWSKRoK8jWJvRniU0NE9Jx9TAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU84OESJEvqUtyu2kJzzDeEU65K24wHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvODRPRVNKRXZxVXR5 dTJrSnp6RGVFVTY1SzI0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBrTfQDANBgkqhkiG9w0BAQsFAAOCAQEA2fsIisK+giRChdRpXf59VD8Qag7r yDAZIgzV8AmrqZXtJGq8Ml3mcmhFoE3j4lkLD5t1/zuBe8sayV/oGqi8YQmvDCHn UAkcM7vuWcbw6WH0ZA6LNnLHMmWM2cM+t6Q5+Ya7PukHJfc2kwa/Y93WOvBpAOHB nRk+w0dOvDeMettxP2CBADgaIUltkocdm/P4XF0LTxcl35ILEMAB359PElhjyPMK +KZY7ChT0V/8fxjt8o/KBosA/u0CjmZGAcxqe3StKcuQ+BoKg3JsRnwlyuzkhvBq zSM0k0ClLPPzVFx4wk/KPSvgq5957UAHdk4qX04/wWKJib9g/ntIfTAF4g== -----END CERTIFICATE-----Generated at Sun May 18 04:04:32 2025 by rpki-client