$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/hupfjQ63h23ICmImLBC5es1nYIw.roa File: hupfjQ63h23ICmImLBC5es1nYIw.roa (raw, json) Hash identifier: ykdtrsnnH4nmPBvWy1l0lXTYMFNI/WidqmyzBbLfPHE= Subject key identifier: 86:EA:5F:8D:0E:B7:87:6D:C8:0A:62:26:2C:10:B9:7A:CD:67:60:8C Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Certificate serial: 0BD8 Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/hupfjQ63h23ICmImLBC5es1nYIw.roa Signing time: Tue 13 May 2025 06:43:33 +0000 ROA not before: Tue 13 May 2025 06:43:33 +0000 ROA not after: Thu 09 Apr 2026 06:41:00 +0000 asID: 63567 IP address blocks: 103.37.44.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 09:41:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3032 (0xbd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Validity Not Before: May 13 06:43:33 2025 GMT Not After : Apr 9 06:41:00 2026 GMT Subject: CN=86EA5F8D0EB7876DC80A62262C10B97ACD67608C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:fb:58:5f:37:a7:8d:33:a1:5b:c7:2a:27:e0: 62:6f:55:a9:7e:89:dd:27:f4:80:35:09:a0:26:ee: 49:d3:70:da:36:6f:a3:be:86:ae:42:24:78:91:65: a5:6d:66:33:2e:6e:a6:ef:25:99:e0:4a:8d:46:4a: 7d:f6:de:76:48:ea:3c:93:15:9e:dc:9a:a8:f0:d3: bb:f8:2a:3b:b9:0e:2a:e3:57:f6:93:ce:01:55:e1: f0:b8:dc:9c:82:9a:5f:62:cd:7a:18:c6:85:4b:89: f9:68:07:51:4d:ba:11:ab:a9:bc:c5:ca:23:e4:f6: 9c:82:ae:d1:84:61:02:78:3e:dc:e2:02:84:1f:37: 10:05:05:e1:93:10:5a:9d:da:f7:94:a5:03:4d:9c: 6b:68:71:b2:67:db:b2:20:d2:af:06:b4:72:7d:16: 9a:31:39:a8:9a:33:be:cc:14:7b:af:81:20:ea:9d: 61:42:e6:00:a7:af:cc:23:ad:02:fe:d0:fd:db:e6: c5:1c:da:bd:9a:b5:3b:7d:df:48:30:f2:ef:c9:1b: 36:9b:f0:fc:55:06:ac:f4:43:f3:a2:ae:84:28:d0: 75:c9:9d:33:0d:70:f3:fc:05:99:c6:ef:c5:ed:ff: 56:f5:f1:88:ed:0d:bb:f4:95:b3:29:aa:87:75:6a: 4f:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:EA:5F:8D:0E:B7:87:6D:C8:0A:62:26:2C:10:B9:7A:CD:67:60:8C X509v3 Authority Key Identifier: keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/hupfjQ63h23ICmImLBC5es1nYIw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.37.44.0/22 Signature Algorithm: sha256WithRSAEncryption 74:f4:9a:f4:a1:97:aa:38:d8:b2:41:b7:bf:1b:5e:52:8d:74: 03:a0:5b:c8:9a:66:6a:98:e6:c3:a3:0d:40:06:fd:d8:a7:14: 1c:45:70:25:68:65:0d:33:31:f7:0a:c0:c9:98:89:1e:12:21: 85:a7:ad:d1:c8:55:bb:1b:5f:d5:3d:9a:28:7b:04:15:27:c0: e8:d6:9b:3c:81:7c:10:fa:32:9e:a1:bc:46:1a:fe:e9:f1:9b: 70:9a:62:f9:d8:25:be:45:cd:88:f1:87:5e:1d:00:cb:d0:6b: ea:fe:ee:f6:40:85:aa:bd:cb:5d:c7:15:ad:5a:a6:1a:a7:2f: ba:19:8b:d1:89:6b:27:93:3a:ed:9f:e9:1c:ed:31:d7:8a:9b: 1b:08:af:65:19:f9:09:db:a3:3f:aa:18:ae:9d:19:e3:27:b1: 64:8c:08:d8:bc:9c:64:d7:88:eb:03:45:80:70:52:f9:5d:5c: 6a:15:2c:65:ba:87:5d:dd:3c:6a:7f:46:53:90:85:8c:aa:9d: a8:4b:2b:23:60:eb:76:0d:8d:e4:b9:99:30:98:08:97:00:32: 46:50:70:d4:8c:61:b2:87:39:0a:28:e4:f2:ea:46:cc:85:1e: 8e:df:7a:e6:72:00:1d:e5:c0:5d:ab:49:e1:1f:08:09:54:fb: 6e:27:d2:31 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICC9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA1MTMw NjQzMzNaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKDg2RUE1RjhEMEVCNzg3 NkRDODBBNjIyNjJDMTBCOTdBQ0Q2NzYwOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDH+1hfN6eNM6Fbxyon4GJvVal+id0n9IA1CaAm7knTcNo2b6O+ hq5CJHiRZaVtZjMubqbvJZngSo1GSn323nZI6jyTFZ7cmqjw07v4Kju5DirjV/aT zgFV4fC43JyCml9izXoYxoVLifloB1FNuhGrqbzFyiPk9pyCrtGEYQJ4PtziAoQf NxAFBeGTEFqd2veUpQNNnGtocbJn27Ig0q8GtHJ9FpoxOaiaM77MFHuvgSDqnWFC 5gCnr8wjrQL+0P3b5sUc2r2atTt930gw8u/JGzab8PxVBqz0Q/OiroQo0HXJnTMN cPP8BZnG78Xt/1b18YjtDbv0lbMpqod1ak9rAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUhupfjQ63h23ICmImLBC5es1nYIwwHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/ AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL2h1cGZqUTYzaDIzSUNt SW1MQkM1ZXMxbllJdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJnJSwwDQYJKoZIhvcNAQELBQADggEBAHT0mvShl6o42LJBt78bXlKNdAOgW8ia ZmqY5sOjDUAG/dinFBxFcCVoZQ0zMfcKwMmYiR4SIYWnrdHIVbsbX9U9mih7BBUn wOjWmzyBfBD6Mp6hvEYa/unxm3CaYvnYJb5FzYjxh14dAMvQa+r+7vZAhaq9y13H Fa1aphqnL7oZi9GJayeTOu2f6RztMdeKmxsIr2UZ+Qnboz+qGK6dGeMnsWSMCNi8 nGTXiOsDRYBwUvldXGoVLGW6h13dPGp/RlOQhYyqnahLKyNg63YNjeS5mTCYCJcA MkZQcNSMYbKHOQoo5PLqRsyFHo7feuZyAB3lwF2rSeEfCAlU+24n0jE= -----END CERTIFICATE-----Generated at Sun May 18 07:19:39 2025 by rpki-client