$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/b2RsGZEfS8AGRFOyyIuTMcaWQww.roa File: b2RsGZEfS8AGRFOyyIuTMcaWQww.roa (raw, json) Hash identifier: TuF8ngzwVPQL+6wq+G2TcY8ZRasFALQTZT+FQvRkPEM= Subject key identifier: 6F:64:6C:19:91:1F:4B:C0:06:44:53:B2:C8:8B:93:31:C6:96:43:0C Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 179F Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/b2RsGZEfS8AGRFOyyIuTMcaWQww.roa Signing time: Tue 29 Apr 2025 08:21:35 +0000 ROA not before: Tue 29 Apr 2025 08:21:35 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 398704 IP address blocks: 180.223.64.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 11:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6047 (0x179f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Apr 29 08:21:35 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=6F646C19911F4BC0064453B2C88B9331C696430C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:91:dc:43:c0:0b:37:32:30:65:fc:3c:0a:b3: d8:42:13:a3:fd:e5:dc:c5:3d:42:54:eb:e5:a9:4b: 12:6d:ab:04:9b:ff:5e:d0:49:a7:fd:b6:63:d6:a1: a4:6d:64:f5:6e:6e:ba:fd:c4:5c:b6:84:48:32:46: 7d:2f:cb:a9:b2:ff:f8:71:e6:99:40:99:be:61:8c: 62:65:a0:31:7b:13:4a:db:79:06:0f:fd:cd:db:85: 20:95:29:02:35:45:cf:a6:a3:29:71:a9:72:22:bf: bd:43:e5:f1:b0:49:0b:4d:1e:8d:c1:9c:91:4a:b5: 8c:3d:13:2e:70:78:ed:96:f7:d8:2e:fd:28:4b:70: ec:57:4e:9e:74:9a:92:fe:35:5b:bc:85:21:b7:69: 54:3a:1a:2a:15:ef:93:fb:5b:6e:41:fd:ed:d8:b3: ae:05:5e:0f:6a:e0:79:ac:52:84:cc:a6:ab:27:3b: 53:2e:22:a4:16:53:33:2f:2c:03:42:f9:98:21:62: 01:2d:df:68:17:fb:33:72:45:df:c4:b0:a3:3c:1c: fc:39:0d:40:5a:98:13:56:c6:28:ad:95:8d:b7:08: c9:ab:ba:be:da:f8:78:85:9b:79:09:4b:b5:59:90: ab:2f:0f:f1:0a:a2:4e:c9:40:9b:31:51:dd:4a:bc: 6f:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:64:6C:19:91:1F:4B:C0:06:44:53:B2:C8:8B:93:31:C6:96:43:0C X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/b2RsGZEfS8AGRFOyyIuTMcaWQww.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.64.0/18 Signature Algorithm: sha256WithRSAEncryption 17:ba:be:ce:f5:fc:2e:c0:fc:19:af:e3:33:13:cc:b0:1f:9d: 35:db:b2:45:ba:21:ee:04:b0:e3:d1:b5:8f:76:7e:62:d8:6f: a9:f7:f2:c4:72:e8:ed:a8:7a:56:e1:cb:b1:80:90:e1:99:0b: 8b:f1:9b:78:c5:8f:f0:f4:1b:68:04:c1:2e:f1:8d:fd:08:0d: ca:b6:0b:16:64:b1:99:1e:61:d3:55:99:9b:eb:c6:b4:27:d1: c7:e0:58:5b:31:d1:16:74:ff:a2:76:a7:27:59:1a:65:b7:14: 4f:b6:a9:11:4a:f3:c0:aa:ee:2a:9d:59:8d:8a:59:8f:1b:8b: 36:93:49:37:30:0e:39:64:f6:f3:94:b0:8f:35:1b:6d:ce:83: a0:43:27:17:b9:10:9d:d2:9c:b1:85:42:d3:78:fb:00:16:ae: 2c:04:0e:54:d9:60:08:01:ff:a3:cc:05:08:e7:0f:12:d0:ba: ae:e8:00:b6:78:2d:b3:0e:e8:f0:d7:e1:0a:91:da:f3:e0:d5: 34:20:07:c1:b7:db:75:75:c3:26:c3:95:55:19:49:f3:4f:0d: 4a:c8:be:14:ff:28:fc:5c:19:c2:00:b8:a4:07:be:22:15:22: 7f:1d:8e:b7:1f:80:c4:02:60:c3:24:2b:49:76:66:19:1c:85: 84:d2:ac:d5 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICF58wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTA0Mjkw ODIxMzVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDZGNjQ2QzE5OTExRjRC QzAwNjQ0NTNCMkM4OEI5MzMxQzY5NjQzMEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPkdxDwAs3MjBl/DwKs9hCE6P95dzFPUJU6+WpSxJtqwSb/17Q Saf9tmPWoaRtZPVubrr9xFy2hEgyRn0vy6my//hx5plAmb5hjGJloDF7E0rbeQYP /c3bhSCVKQI1Rc+moylxqXIiv71D5fGwSQtNHo3BnJFKtYw9Ey5weO2W99gu/ShL cOxXTp50mpL+NVu8hSG3aVQ6GioV75P7W25B/e3Ys64FXg9q4HmsUoTMpqsnO1Mu IqQWUzMvLANC+ZghYgEt32gX+zNyRd/EsKM8HPw5DUBamBNWxiitlY23CMmrur7a +HiFm3kJS7VZkKsvD/EKok7JQJsxUd1KvG+tAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUb2RsGZEfS8AGRFOyyIuTMcaWQwwwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvYjJSc0daRWZTOEFH UkZPeXlJdVRNY2FXUXd3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBrTfQDANBgkqhkiG9w0BAQsFAAOCAQEAF7q+zvX8LsD8Ga/jMxPMsB+dNduy Rboh7gSw49G1j3Z+YthvqffyxHLo7ah6VuHLsYCQ4ZkLi/GbeMWP8PQbaATBLvGN /QgNyrYLFmSxmR5h01WZm+vGtCfRx+BYWzHRFnT/onanJ1kaZbcUT7apEUrzwKru Kp1ZjYpZjxuLNpNJNzAOOWT285SwjzUbbc6DoEMnF7kQndKcsYVC03j7ABauLAQO VNlgCAH/o8wFCOcPEtC6rugAtngtsw7o8NfhCpHa8+DVNCAHwbfbdXXDJsOVVRlJ 808NSsi+FP8o/FwZwgC4pAe+IhUifx2Otx+AxAJgwyQrSXZmGRyFhNKs1Q== -----END CERTIFICATE-----Generated at Sat May 17 10:43:56 2025 by rpki-client