$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/Jx-sn7uf3YKss1sEK59h2pwN25k.roa File: Jx-sn7uf3YKss1sEK59h2pwN25k.roa (raw, json) Hash identifier: iyJpJoSQKatJCacDHwmjKzUAO4nb+qvFK+Ly6RyAPb4= Subject key identifier: 27:1F:AC:9F:BB:9F:DD:82:AC:B3:5B:04:2B:9F:61:DA:9C:0D:DB:99 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 125D Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/Jx-sn7uf3YKss1sEK59h2pwN25k.roa Signing time: Fri 16 May 2025 10:59:33 +0000 ROA not before: Fri 16 May 2025 10:59:33 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 101.232.72.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 03:08:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4701 (0x125d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: May 16 10:59:33 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=271FAC9FBB9FDD82ACB35B042B9F61DA9C0DDB99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:77:ce:b2:c9:fe:17:b4:02:d9:1d:00:d7:ac: 36:a0:6c:7b:ce:09:31:d1:a3:c7:ac:53:4f:09:48: 73:26:22:ec:fe:87:c2:2a:b9:ae:f6:e8:96:ce:02: 36:7a:d8:a9:6f:3f:5c:fd:58:28:ad:f8:87:47:2d: b0:bc:03:06:9b:3b:89:b5:16:33:44:b3:d5:69:f7: b2:56:5f:b1:e7:2a:e5:10:d4:18:1f:29:2f:53:a2: 1d:0f:42:df:f9:13:1d:14:26:82:f9:a3:57:56:47: cd:05:32:63:a5:fd:47:81:34:c6:a8:43:70:fa:25: 74:ce:e6:68:43:d9:c5:67:ca:4c:ca:71:95:41:8e: f8:41:59:8a:e7:1b:0e:ae:c3:98:3d:97:c2:e6:18: 08:b3:4a:6c:1b:6f:89:72:03:cb:bd:9d:d1:4f:b3: 8a:f7:1a:71:4f:4e:84:ad:de:b4:e8:7e:e3:f8:f7: 60:0a:29:92:ec:30:b8:fc:e2:eb:20:08:8c:05:3a: 39:50:6a:ec:8f:34:59:1c:f5:3f:e0:87:9e:30:7d: 60:f5:d2:57:c1:90:15:ac:48:48:ee:99:5f:73:05: 58:cb:6d:0c:dc:22:64:70:11:fc:dd:e6:da:6e:52: f4:af:da:e7:67:81:f4:67:a4:49:ce:81:2a:49:c3: b4:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:1F:AC:9F:BB:9F:DD:82:AC:B3:5B:04:2B:9F:61:DA:9C:0D:DB:99 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/Jx-sn7uf3YKss1sEK59h2pwN25k.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.72.0/22 Signature Algorithm: sha256WithRSAEncryption 25:b9:dd:f7:f9:8f:f9:e1:77:df:26:1a:c2:bc:bb:89:d4:42: dc:1f:9e:a4:89:c7:12:97:2f:df:f1:d3:49:84:3e:0b:c8:3e: 80:aa:e0:c4:de:00:dd:ff:9a:1e:11:a5:c8:0f:9d:91:f4:fd: e8:af:2c:eb:e0:5a:56:1c:3d:93:9a:f1:82:5b:9a:92:cf:5d: 8a:d7:72:2c:98:ed:58:14:24:d6:d0:32:b3:3a:71:cb:9f:20: 1e:d1:be:28:a7:d5:cd:af:ff:fb:81:02:52:53:88:b5:20:96: a8:dd:3e:7b:67:0b:3c:a2:24:d1:98:86:ef:a4:de:41:83:29: 6f:a1:29:a7:d2:0b:dd:f1:14:bd:cf:ee:e5:a3:6b:24:a9:c4: 65:9a:b2:d8:86:fa:a4:f1:97:f9:93:da:d2:bb:a1:d7:4e:83: 8d:6e:b3:a8:85:ed:89:c4:8e:f0:c7:55:c5:39:fd:c5:88:24: ff:fc:d5:cc:09:11:9d:b3:50:b6:c4:06:9f:11:12:fe:c9:a3: 7c:71:bb:8b:cf:75:0e:12:c0:87:1b:ea:57:fa:02:1e:6c:9f: 50:3b:8f:a8:53:84:a0:6b:f4:31:19:4f:a1:01:47:84:80:98: 7f:38:f6:71:fb:a9:e8:68:98:8b:ea:7b:81:b7:bb:3f:50:a7: 32:72:47:6c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICEl0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA1MTYx MDU5MzNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI3MUZBQzlGQkI5RkRE ODJBQ0IzNUIwNDJCOUY2MURBOUMwRERCOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCd86yyf4XtALZHQDXrDagbHvOCTHRo8esU08JSHMmIuz+h8Iq ua726JbOAjZ62KlvP1z9WCit+IdHLbC8AwabO4m1FjNEs9Vp97JWX7HnKuUQ1Bgf KS9Toh0PQt/5Ex0UJoL5o1dWR80FMmOl/UeBNMaoQ3D6JXTO5mhD2cVnykzKcZVB jvhBWYrnGw6uw5g9l8LmGAizSmwbb4lyA8u9ndFPs4r3GnFPToSt3rTofuP492AK KZLsMLj84usgCIwFOjlQauyPNFkc9T/gh54wfWD10lfBkBWsSEjumV9zBVjLbQzc ImRwEfzd5tpuUvSv2udngfRnpEnOgSpJw7RJAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUJx+sn7uf3YKss1sEK59h2pwN25kwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL0p4LXNuN3VmM1lLc3Mx c0VLNTloMnB3TjI1ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6EgwDQYJKoZIhvcNAQELBQADggEBACW53ff5j/nhd98mGsK8u4nUQtwfnqSJ xxKXL9/x00mEPgvIPoCq4MTeAN3/mh4RpcgPnZH0/eivLOvgWlYcPZOa8YJbmpLP XYrXciyY7VgUJNbQMrM6ccufIB7Rviin1c2v//uBAlJTiLUglqjdPntnCzyiJNGY hu+k3kGDKW+hKafSC93xFL3P7uWjaySpxGWastiG+qTxl/mT2tK7oddOg41us6iF 7YnEjvDHVcU5/cWIJP/81cwJEZ2zULbEBp8REv7Jo3xxu4vPdQ4SwIcb6lf6Ah5s n1A7j6hThKBr9DEZT6EBR4SAmH849nH7qehomIvqe4G3uz9QpzJyR2w= -----END CERTIFICATE-----Generated at Sun May 18 01:59:40 2025 by rpki-client