$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/T1BPF3gOgVJRC7tWJ43e_1ZWEVo.roa File: T1BPF3gOgVJRC7tWJ43e_1ZWEVo.roa (raw, json) Hash identifier: +GV4Zu/cWxqJdi3FKDO4Zg4idS9miRM+Zl8mbT0tMGg= Subject key identifier: 4F:50:4F:17:78:0E:81:52:51:0B:BB:56:27:8D:DE:FF:56:56:11:5A Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 1223 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/T1BPF3gOgVJRC7tWJ43e_1ZWEVo.roa Signing time: Tue 06 May 2025 08:43:37 +0000 ROA not before: Tue 06 May 2025 08:43:37 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 101.232.48.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 20:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4643 (0x1223) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: May 6 08:43:37 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=4F504F17780E8152510BBB56278DDEFF5656115A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:34:d3:fc:c3:2c:af:8d:28:52:b5:f4:89:13: 13:6d:be:be:ff:56:1e:20:f8:ee:19:7e:dc:c4:d3: 6a:53:58:1e:05:d0:7a:23:35:62:74:17:40:20:0a: 96:db:0c:2f:7b:70:48:22:66:2b:4c:43:63:93:4e: 92:8d:ef:91:63:26:18:0e:eb:fb:6a:96:cf:08:92: a7:69:d8:85:f9:61:b2:dd:04:96:6d:f5:c5:9d:55: 4d:5f:90:88:92:93:62:39:82:a7:ea:d2:3a:df:2b: f2:b1:25:34:a2:13:66:c9:26:08:1c:80:81:fb:b3: da:c7:a4:7b:08:1a:11:e7:a0:8d:ed:da:03:82:7e: 3e:97:9e:c4:9a:fb:02:49:fc:c6:87:87:8c:59:05: c7:04:0d:92:81:93:f3:0d:b3:4e:cd:6c:7c:08:1f: 5f:85:d5:28:aa:27:c1:ae:7e:a7:28:62:75:0f:f7: 5c:d2:6b:82:2e:74:7c:d0:04:cb:2a:fe:8f:49:57: 40:28:4b:cd:dd:3d:c2:90:50:db:5c:e9:c2:da:ab: fa:dc:f4:30:c3:67:ed:28:54:30:e9:56:f2:d5:b9: 97:de:6a:f1:02:1c:cf:b0:3d:60:a6:6d:af:44:95: d3:16:62:20:d3:27:20:4b:ae:63:68:32:45:b0:43: 17:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:50:4F:17:78:0E:81:52:51:0B:BB:56:27:8D:DE:FF:56:56:11:5A X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/T1BPF3gOgVJRC7tWJ43e_1ZWEVo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.48.0/22 Signature Algorithm: sha256WithRSAEncryption 9d:e9:b0:c1:b8:61:d4:45:48:38:1f:e4:b9:29:a0:2d:e6:40: 50:c7:6b:21:0e:0f:9e:b5:e8:df:45:dd:40:2b:a3:fe:87:7b: d7:5f:13:68:90:ec:70:95:fc:1d:27:7f:12:97:a5:62:f1:2e: 9e:af:ae:3a:7c:c4:1c:a3:c1:19:fc:54:a1:2e:da:40:21:21: 04:7a:6d:c1:cd:8b:64:3a:ec:5d:01:2e:60:d1:15:8a:28:f8: 97:e5:68:0c:af:97:8e:d7:fd:8d:75:45:35:7e:38:a6:ef:83: 76:21:1d:1a:b9:96:0f:01:15:fa:41:09:fe:ac:7a:08:6c:71: 9f:32:b7:b8:2f:c3:10:d6:e3:a3:da:c4:fa:b2:ff:65:79:b9: 77:59:67:47:e2:2e:11:c1:5d:2d:e7:a5:0f:dc:bc:3f:76:9e: 07:ed:9d:b9:8d:8d:64:56:78:79:15:c4:6c:d0:60:27:16:79: ba:f1:6a:5c:f2:6c:18:fc:28:da:6d:d8:f9:b0:0b:49:ae:52: 79:48:1f:e6:fc:f9:e8:e6:46:6f:92:e7:bd:8d:32:62:b3:4b: b4:60:73:1a:89:f9:12:b5:3d:31:ee:ef:01:55:9c:56:8c:a2: 40:1d:15:bb:9b:81:d7:28:ac:91:78:2f:d9:f5:50:00:11:04: 6a:93:7d:11 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICEiMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA1MDYw ODQzMzdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDRGNTA0RjE3NzgwRTgx NTI1MTBCQkI1NjI3OERERUZGNTY1NjExNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDINNP8wyyvjShStfSJExNtvr7/Vh4g+O4ZftzE02pTWB4F0Hoj NWJ0F0AgCpbbDC97cEgiZitMQ2OTTpKN75FjJhgO6/tqls8Ikqdp2IX5YbLdBJZt 9cWdVU1fkIiSk2I5gqfq0jrfK/KxJTSiE2bJJggcgIH7s9rHpHsIGhHnoI3t2gOC fj6XnsSa+wJJ/MaHh4xZBccEDZKBk/MNs07NbHwIH1+F1SiqJ8GufqcoYnUP91zS a4IudHzQBMsq/o9JV0AoS83dPcKQUNtc6cLaq/rc9DDDZ+0oVDDpVvLVuZfeavEC HM+wPWCmba9EldMWYiDTJyBLrmNoMkWwQxcTAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUT1BPF3gOgVJRC7tWJ43e/1ZWEVowHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1QxQlBGM2dPZ1ZKUkM3 dFdKNDNlXzFaV0VWby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6DAwDQYJKoZIhvcNAQELBQADggEBAJ3psMG4YdRFSDgf5LkpoC3mQFDHayEO D5616N9F3UAro/6He9dfE2iQ7HCV/B0nfxKXpWLxLp6vrjp8xByjwRn8VKEu2kAh IQR6bcHNi2Q67F0BLmDRFYoo+JflaAyvl47X/Y11RTV+OKbvg3YhHRq5lg8BFfpB Cf6seghscZ8yt7gvwxDW46PaxPqy/2V5uXdZZ0fiLhHBXS3npQ/cvD92ngftnbmN jWRWeHkVxGzQYCcWebrxalzybBj8KNpt2PmwC0muUnlIH+b8+ejmRm+S572NMmKz S7RgcxqJ+RK1PTHu7wFVnFaMokAdFbubgdcorJF4L9n1UAARBGqTfRE= -----END CERTIFICATE-----Generated at Sun May 18 19:25:20 2025 by rpki-client