$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/DdYgL6IFvv-m23a8DhvSwpmU0kA.roa File: DdYgL6IFvv-m23a8DhvSwpmU0kA.roa (raw, json) Hash identifier: /9npghtkQp6u7lDGCO4C3sHR/H2tknjaiofKbhA7Zw4= Subject key identifier: 0D:D6:20:2F:A2:05:BE:FF:A6:DB:76:BC:0E:1B:D2:C2:99:94:D2:40 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 1263 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/DdYgL6IFvv-m23a8DhvSwpmU0kA.roa Signing time: Fri 16 May 2025 11:01:13 +0000 ROA not before: Fri 16 May 2025 11:01:13 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 101.232.84.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 20:09:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4707 (0x1263) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: May 16 11:01:13 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=0DD6202FA205BEFFA6DB76BC0E1BD2C29994D240 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:fe:5e:90:4e:92:d0:c9:6f:3c:fd:d6:4e:84: 55:97:83:19:af:e0:87:fb:f7:2e:9b:87:e5:43:f8: c7:cb:58:ac:96:1a:4f:e8:70:fd:0e:f6:aa:fb:f8: 26:e3:0c:92:05:ec:5c:48:9a:7d:d4:4c:78:17:e6: fb:f6:d1:f4:24:ae:d4:22:33:1b:49:1e:80:85:57: 47:a0:d2:2d:0e:50:fb:17:44:db:15:54:60:e9:29: b9:26:68:4d:8e:ef:f5:e7:da:53:db:99:49:a6:5f: 3b:d8:46:4a:fb:86:fc:ac:3c:04:f2:15:df:8f:bb: 18:52:1e:6b:7c:fd:98:31:c5:28:14:98:6b:d6:b9: 50:4d:9e:b0:9e:40:b1:d6:33:b5:76:6b:5f:5c:89: 30:30:74:7a:66:c4:0b:c5:c2:e0:47:0d:f2:40:7b: da:05:ab:bc:1e:b5:82:14:93:6d:40:ce:f1:01:e7: 7b:70:e0:5c:51:f6:a8:87:08:7f:13:dc:bf:1e:52: 29:02:09:65:d6:98:9f:bf:0e:83:dc:83:07:4f:12: f5:fb:28:ed:29:f6:d2:e1:5e:e1:a7:ed:c2:ee:ab: 8a:c7:e2:8c:2a:3d:d1:87:64:9f:ea:79:27:6e:2b: 19:6f:1b:1f:51:2b:06:03:15:ce:2f:79:56:93:f4: e7:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:D6:20:2F:A2:05:BE:FF:A6:DB:76:BC:0E:1B:D2:C2:99:94:D2:40 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/DdYgL6IFvv-m23a8DhvSwpmU0kA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.84.0/22 Signature Algorithm: sha256WithRSAEncryption 04:9b:3f:53:53:e2:9b:8e:d6:e8:b6:d6:77:3d:f0:64:45:f4: bb:d8:92:e3:25:2e:97:66:b9:42:83:26:fe:b0:ef:90:78:fa: bf:4d:b1:8d:c4:03:d0:4c:f2:28:97:30:1e:77:48:e6:2d:ee: f6:00:fb:d2:0d:fa:36:e6:82:9e:17:98:f5:43:7c:59:d7:0c: 05:e2:ef:bf:82:d9:c3:10:66:78:09:98:c0:47:f0:17:1d:13: 32:97:a8:2d:78:d2:3d:be:c0:0e:02:eb:27:8c:00:ed:6e:fd: 4d:26:ce:3a:d9:7c:16:c3:60:48:cd:2c:b3:03:cd:f5:23:7a: 9d:01:ee:56:7f:b1:5a:5c:f9:0d:8d:92:93:a3:56:f9:7c:1e: c1:32:d4:7f:d6:6d:9f:68:7a:12:b4:64:d4:c2:7d:ee:7e:61: 07:7b:f1:f2:c6:7f:43:de:2d:9d:80:54:20:80:ca:22:51:5c: 42:98:26:95:65:52:f4:83:82:52:73:5e:48:58:a0:80:79:0c: d8:e4:7c:56:5e:a0:c3:6e:35:45:5e:31:d0:62:74:6b:53:2b: 32:9f:39:02:3c:b9:e9:c2:0b:dd:58:34:c2:42:7f:3d:8c:e8: 5f:13:27:d8:db:24:f6:c9:a1:65:d9:38:ab:48:1c:95:a7:ab: 3c:df:bf:16 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICEmMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA1MTYx MTAxMTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBERDYyMDJGQTIwNUJF RkZBNkRCNzZCQzBFMUJEMkMyOTk5NEQyNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4/l6QTpLQyW88/dZOhFWXgxmv4If79y6bh+VD+MfLWKyWGk/o cP0O9qr7+CbjDJIF7FxImn3UTHgX5vv20fQkrtQiMxtJHoCFV0eg0i0OUPsXRNsV VGDpKbkmaE2O7/Xn2lPbmUmmXzvYRkr7hvysPATyFd+PuxhSHmt8/ZgxxSgUmGvW uVBNnrCeQLHWM7V2a19ciTAwdHpmxAvFwuBHDfJAe9oFq7wetYIUk21AzvEB53tw 4FxR9qiHCH8T3L8eUikCCWXWmJ+/DoPcgwdPEvX7KO0p9tLhXuGn7cLuq4rH4owq PdGHZJ/qeSduKxlvGx9RKwYDFc4veVaT9OcRAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUDdYgL6IFvv+m23a8DhvSwpmU0kAwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0RkWWdMNklGdnYtbTIz YThEaHZTd3BtVTBrQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6FQwDQYJKoZIhvcNAQELBQADggEBAASbP1NT4puO1ui21nc98GRF9LvYkuMl LpdmuUKDJv6w75B4+r9NsY3EA9BM8iiXMB53SOYt7vYA+9IN+jbmgp4XmPVDfFnX DAXi77+C2cMQZngJmMBH8BcdEzKXqC140j2+wA4C6yeMAO1u/U0mzjrZfBbDYEjN LLMDzfUjep0B7lZ/sVpc+Q2NkpOjVvl8HsEy1H/WbZ9oehK0ZNTCfe5+YQd78fLG f0PeLZ2AVCCAyiJRXEKYJpVlUvSDglJzXkhYoIB5DNjkfFZeoMNuNUVeMdBidGtT KzKfOQI8uenCC91YNMJCfz2M6F8TJ9jbJPbJoWXZOKtIHJWnqzzfvxY= -----END CERTIFICATE-----Generated at Sat May 17 20:01:13 2025 by rpki-client