$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/tCk0O9Fa9uk7CmzmSraufeYWXSA.roa File: tCk0O9Fa9uk7CmzmSraufeYWXSA.roa (raw, json) Hash identifier: sh1PFfN0mAGJywuerZ93gmMQ8nDYmg1GTlAIYOOmt0Y= Subject key identifier: B4:29:34:3B:D1:5A:F6:E9:3B:0A:6C:E6:4A:B6:AE:7D:E6:16:5D:20 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 1213 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/tCk0O9Fa9uk7CmzmSraufeYWXSA.roa Signing time: Mon 05 May 2025 12:06:13 +0000 ROA not before: Mon 05 May 2025 12:06:13 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 101.232.104.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 16 May 2025 16:13:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4627 (0x1213) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: May 5 12:06:13 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=B429343BD15AF6E93B0A6CE64AB6AE7DE6165D20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:74:de:ff:5f:5b:ae:45:83:59:6c:ea:9a:0f: 04:2b:4b:b6:a6:4b:f1:61:93:0a:1b:1b:c1:20:9a: db:a4:73:2a:ae:4a:84:bf:c0:16:47:3c:d4:ea:1c: 8b:ca:ac:7a:7f:ab:da:c7:c4:0e:fb:a3:ee:d5:fa: 73:ec:03:16:8d:aa:60:d8:de:0d:cf:43:ea:b7:77: 3b:93:2a:3a:8b:80:17:bd:d1:88:d7:b7:ed:d6:25: 37:97:15:04:31:ca:85:0f:6e:3d:27:29:3f:a9:a0: 39:86:93:88:55:37:30:21:55:d5:e9:17:9d:a4:e1: 03:36:da:b0:cc:46:2e:40:9a:ef:48:c3:0b:ea:68: 56:f2:db:62:49:70:6b:08:cc:35:7f:33:f4:c1:c0: 08:25:5e:11:66:8c:e7:57:c5:88:6d:bf:94:cf:54: ce:c4:f2:fa:57:9b:99:5a:ef:a7:b9:82:ee:f5:f9: 74:c4:6f:71:fd:b9:15:03:64:3b:e8:f4:bc:5c:49: 40:8b:0c:5b:c4:4d:74:ed:3f:38:79:71:b9:ff:cf: ee:20:70:81:2e:00:9a:48:0a:94:28:f5:74:8f:59: 68:5c:92:50:8a:a8:17:bd:dd:00:90:20:e3:d0:36: 65:44:b6:80:b4:a6:23:79:0b:61:d2:bc:f3:8a:5f: 09:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:29:34:3B:D1:5A:F6:E9:3B:0A:6C:E6:4A:B6:AE:7D:E6:16:5D:20 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/tCk0O9Fa9uk7CmzmSraufeYWXSA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.104.0/22 Signature Algorithm: sha256WithRSAEncryption 27:64:80:28:2f:7e:19:a0:8c:87:39:79:1b:2c:c1:b5:9b:4d: b0:f4:e9:c2:9b:d4:8e:62:62:d2:ba:0a:d9:60:c7:b0:95:fa: 57:46:4f:9f:43:57:b3:62:d9:0e:39:8c:a2:6c:db:e8:9b:ba: 2c:e9:70:dc:7e:35:5e:3e:6f:df:a3:39:2e:08:4b:04:13:90: 6f:21:72:d7:a5:7d:ba:6c:f6:0b:00:a5:78:c7:ea:77:f8:a0: 22:bf:d1:04:8d:b7:d9:4d:45:eb:6c:2c:1f:16:3b:da:9d:40: d9:41:59:d4:59:ab:32:c1:1e:5c:54:39:68:91:85:1b:f7:f0: 1e:e1:1c:2a:ed:af:38:b9:a2:51:32:de:b6:c7:6e:42:72:13: 75:02:72:aa:17:c7:08:c7:a4:aa:e5:1f:85:87:d5:82:80:a1: 2a:87:7b:c8:09:34:ba:5c:9f:0e:3b:6b:7b:15:98:af:5a:5e: d3:5e:50:e7:04:6f:de:f2:2d:c6:b1:cd:86:0c:9b:1e:38:99: ba:23:1c:de:13:c2:61:2f:42:5c:b9:03:3c:e3:d0:2b:da:5c: 7f:e7:b1:14:95:94:17:2b:24:30:a5:9c:be:21:02:ec:4d:0b: e4:ef:b0:8e:2f:0e:ed:84:44:3a:f7:a1:4f:eb:29:90:76:73: f5:b1:31:00 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICEhMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA1MDUx MjA2MTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEI0MjkzNDNCRDE1QUY2 RTkzQjBBNkNFNjRBQjZBRTdERTYxNjVEMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDhdN7/X1uuRYNZbOqaDwQrS7amS/FhkwobG8EgmtukcyquSoS/ wBZHPNTqHIvKrHp/q9rHxA77o+7V+nPsAxaNqmDY3g3PQ+q3dzuTKjqLgBe90YjX t+3WJTeXFQQxyoUPbj0nKT+poDmGk4hVNzAhVdXpF52k4QM22rDMRi5Amu9Iwwvq aFby22JJcGsIzDV/M/TBwAglXhFmjOdXxYhtv5TPVM7E8vpXm5la76e5gu71+XTE b3H9uRUDZDvo9LxcSUCLDFvETXTtPzh5cbn/z+4gcIEuAJpICpQo9XSPWWhcklCK qBe93QCQIOPQNmVEtoC0piN5C2HSvPOKXwkzAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUtCk0O9Fa9uk7CmzmSraufeYWXSAwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL3RDazBPOUZhOXVrN0Nt em1TcmF1ZmVZV1hTQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6GgwDQYJKoZIhvcNAQELBQADggEBACdkgCgvfhmgjIc5eRsswbWbTbD06cKb 1I5iYtK6Ctlgx7CV+ldGT59DV7Ni2Q45jKJs2+ibuizpcNx+NV4+b9+jOS4ISwQT kG8hctelfbps9gsApXjH6nf4oCK/0QSNt9lNRetsLB8WO9qdQNlBWdRZqzLBHlxU OWiRhRv38B7hHCrtrzi5olEy3rbHbkJyE3UCcqoXxwjHpKrlH4WH1YKAoSqHe8gJ NLpcnw47a3sVmK9aXtNeUOcEb97yLcaxzYYMmx44mbojHN4TwmEvQly5Azzj0Cva XH/nsRSVlBcrJDClnL4hAuxNC+TvsI4vDu2ERDr3oU/rKZB2c/WxMQA= -----END CERTIFICATE-----Generated at Fri May 16 14:53:01 2025 by rpki-client