$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/BSzA5_XL5MzQ0vmdKKZ9S82FIPA.roa File: BSzA5_XL5MzQ0vmdKKZ9S82FIPA.roa (raw, json) Hash identifier: u9IRQpDr9YYScvhqP56jleJPt4sSXUwfbsKWWioIK9s= Subject key identifier: 05:2C:C0:E7:F5:CB:E4:CC:D0:D2:F9:9D:28:A6:7D:4B:CD:85:20:F0 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 11EF Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/BSzA5_XL5MzQ0vmdKKZ9S82FIPA.roa Signing time: Tue 29 Apr 2025 17:03:54 +0000 ROA not before: Tue 29 Apr 2025 17:03:54 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 101.232.4.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 15:39:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4591 (0x11ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Apr 29 17:03:54 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=052CC0E7F5CBE4CCD0D2F99D28A67D4BCD8520F0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:a3:28:a3:9e:c5:74:9c:72:36:ec:79:5f:f8: 5e:21:dd:12:09:58:47:9d:95:2a:97:6c:dd:c4:69: 71:d3:4d:bf:38:de:c4:34:db:e8:e2:39:cb:b1:09: 8b:e7:ac:3b:62:95:e1:83:56:a4:ee:c9:c5:4a:ce: bd:d1:38:98:74:c7:6b:f2:bd:70:49:7c:34:ea:8a: f1:00:1a:1c:b4:e0:06:e2:cf:44:b6:9b:e9:c1:b4: 07:23:8c:4b:29:43:b4:d2:9a:36:48:a3:d7:79:74: 92:e4:3c:a8:7e:3e:ee:e5:00:5d:b3:f0:d2:24:e7: c8:56:10:73:f7:5c:53:79:d5:f7:3d:c4:af:e0:18: e5:4c:bb:d4:56:8f:d7:bb:b5:67:c0:b9:e6:9e:60: cd:b7:81:77:99:b4:bb:0c:55:f3:2e:22:82:ef:6c: dd:95:7c:58:5d:05:95:bb:ee:d5:84:25:d9:37:28: c4:a9:2f:a2:a3:82:fc:26:a0:ec:a3:5c:82:a8:0f: 1a:ca:78:f9:c0:d1:71:a7:1f:f7:82:df:29:d3:95: 57:1d:df:a8:f4:30:99:fd:27:0b:38:d5:39:b0:25: 85:39:24:24:69:96:c4:ce:d1:06:48:e1:bf:6f:fc: b9:9c:8b:9d:b6:4b:01:c3:0f:ac:6c:8e:4f:dd:33: 2d:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:2C:C0:E7:F5:CB:E4:CC:D0:D2:F9:9D:28:A6:7D:4B:CD:85:20:F0 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/BSzA5_XL5MzQ0vmdKKZ9S82FIPA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.4.0/22 Signature Algorithm: sha256WithRSAEncryption 06:44:0a:8b:e9:92:64:2e:25:47:07:12:a3:fa:56:a7:bd:5b: 38:70:32:8f:fe:11:61:74:21:c2:90:ab:bb:29:e6:6a:98:29: 7c:33:7a:29:37:c6:c6:f1:3d:3f:23:a7:85:6a:e4:2c:03:46: d1:4b:d7:74:93:df:f1:99:a0:57:b3:c4:97:be:54:f7:6a:6e: e7:b3:a2:ac:71:38:e6:c1:dc:01:04:b6:5a:74:1d:21:5d:66: 0d:5d:fc:d6:7f:fb:49:cf:3f:ec:28:57:8e:78:11:ae:bd:69: c6:7f:d4:a7:5b:58:0a:0e:73:ba:d8:91:60:e5:f2:3b:99:c0: 30:38:81:ce:ae:91:e9:47:b5:c9:ef:2c:80:90:15:32:f2:30: 92:56:6b:0c:5a:f2:0f:ae:58:58:97:81:22:ba:d7:21:9f:8b: 81:e9:f9:7f:cd:f1:06:97:50:0e:11:8a:f9:61:79:dc:bf:42: 94:a8:41:ea:36:e2:a9:f9:21:5a:ec:89:72:9d:c4:bb:9a:47: 39:91:26:c9:c6:80:79:51:ea:d4:98:c9:80:df:9d:ad:b2:71: 01:70:9f:4b:ae:e1:55:00:ba:f8:ab:16:aa:72:f8:d0:f7:64: 3c:a1:16:80:02:25:0f:d7:b0:65:32:1e:55:8f:fe:e2:f5:12: c0:4f:4c:84 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICEe8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA0Mjkx NzAzNTRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDA1MkNDMEU3RjVDQkU0 Q0NEMEQyRjk5RDI4QTY3RDRCQ0Q4NTIwRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCoyijnsV0nHI27Hlf+F4h3RIJWEedlSqXbN3EaXHTTb843sQ0 2+jiOcuxCYvnrDtileGDVqTuycVKzr3ROJh0x2vyvXBJfDTqivEAGhy04Abiz0S2 m+nBtAcjjEspQ7TSmjZIo9d5dJLkPKh+Pu7lAF2z8NIk58hWEHP3XFN51fc9xK/g GOVMu9RWj9e7tWfAueaeYM23gXeZtLsMVfMuIoLvbN2VfFhdBZW77tWEJdk3KMSp L6KjgvwmoOyjXIKoDxrKePnA0XGnH/eC3ynTlVcd36j0MJn9Jws41TmwJYU5JCRp lsTO0QZI4b9v/Lmci522SwHDD6xsjk/dMy21AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUBSzA5/XL5MzQ0vmdKKZ9S82FIPAwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0JTekE1X1hMNU16UTB2 bWRLS1o5UzgyRklQQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6AQwDQYJKoZIhvcNAQELBQADggEBAAZECovpkmQuJUcHEqP6Vqe9WzhwMo/+ EWF0IcKQq7sp5mqYKXwzeik3xsbxPT8jp4Vq5CwDRtFL13ST3/GZoFezxJe+VPdq buezoqxxOObB3AEEtlp0HSFdZg1d/NZ/+0nPP+woV454Ea69acZ/1KdbWAoOc7rY kWDl8juZwDA4gc6ukelHtcnvLICQFTLyMJJWawxa8g+uWFiXgSK61yGfi4Hp+X/N 8QaXUA4Rivlhedy/QpSoQeo24qn5IVrsiXKdxLuaRzmRJsnGgHlR6tSYyYDfna2y cQFwn0uu4VUAuvirFqpy+ND3ZDyhFoACJQ/XsGUyHlWP/uL1EsBPTIQ= -----END CERTIFICATE-----Generated at Sat May 17 15:39:28 2025 by rpki-client