$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/890/tpR70pazrp5ziP0cGXwVLY77nKo.roa File: tpR70pazrp5ziP0cGXwVLY77nKo.roa (raw, json) Hash identifier: qkg0hL/sdz49NH5A6jozlKE/jn8E0fdMHsJGJKkksLE= Subject key identifier: B6:94:7B:D2:96:B3:AE:9E:73:88:FD:1C:19:7C:15:2D:8E:FB:9C:AA Certificate issuer: /CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Certificate serial: 0BB3 Authority key identifier: DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/tpR70pazrp5ziP0cGXwVLY77nKo.roa Signing time: Tue 06 May 2025 05:40:16 +0000 ROA not before: Tue 06 May 2025 05:40:16 +0000 ROA not after: Thu 09 Apr 2026 06:41:00 +0000 asID: 63567 IP address blocks: 43.248.176.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 19:10:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2995 (0xbb3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DBB4C5FA96B8741BF68B48BF004DBD6FD9636FAD Validity Not Before: May 6 05:40:16 2025 GMT Not After : Apr 9 06:41:00 2026 GMT Subject: CN=B6947BD296B3AE9E7388FD1C197C152D8EFB9CAA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:30:3b:6e:ac:99:2d:76:9e:bf:72:1b:5f:dd: 06:44:2b:ea:a2:3b:69:e7:51:8c:ec:30:4f:3f:32: 89:41:23:d1:80:e8:a2:7c:5d:16:05:64:91:ab:a4: 7f:e0:37:3a:31:30:db:97:9a:c6:87:f5:b3:63:80: 66:45:58:a7:08:1f:69:2b:02:6e:1b:0d:9e:96:da: 11:61:4c:16:ac:30:62:3d:b7:8c:15:a0:c8:91:f7: 37:6f:d0:4b:7b:c4:0c:e6:87:27:12:72:8c:86:6e: 2f:8d:c9:90:e1:b5:23:55:89:4d:99:b6:c8:02:fe: 4d:6f:88:60:aa:d4:b3:ef:41:d1:9e:9d:c2:76:48: fd:e6:10:3c:c3:6e:40:fa:f7:ec:14:46:43:28:c0: 8d:83:2e:f3:38:34:32:15:d4:98:d8:73:40:cc:c3: 55:9e:f7:53:53:8c:c0:24:2d:6a:1a:ea:3d:87:97: e8:7b:38:ac:3c:0e:82:47:1e:18:33:9d:b2:d0:1a: f2:68:60:b4:b5:54:89:37:02:39:5f:9c:09:e7:1e: 37:71:65:dd:85:c6:ce:80:ce:8e:9c:94:39:47:ec: be:4d:b3:0a:a5:8e:2e:23:64:a5:44:94:45:3b:fb: 9b:03:d2:6e:a1:a4:b2:ac:62:1c:75:61:ce:22:e6: be:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:94:7B:D2:96:B3:AE:9E:73:88:FD:1C:19:7C:15:2D:8E:FB:9C:AA X509v3 Authority Key Identifier: keyid:DB:B4:C5:FA:96:B8:74:1B:F6:8B:48:BF:00:4D:BD:6F:D9:63:6F:AD X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/27TF-pa4dBv2i0i_AE29b9ljb60.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27TF-pa4dBv2i0i_AE29b9ljb60.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/890/tpR70pazrp5ziP0cGXwVLY77nKo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.248.176.0/20 Signature Algorithm: sha256WithRSAEncryption b2:11:ff:dd:c0:55:f9:d4:da:06:d5:36:b0:71:18:42:70:09: 2c:ca:28:01:82:08:94:b6:bd:25:96:a6:ea:8b:27:9b:1d:27: bb:72:78:51:1e:0a:9c:24:0c:17:f3:50:a8:5d:e5:55:b5:7c: 36:c2:da:a4:9c:bf:44:65:52:45:d8:65:21:69:b5:96:42:75: 1e:9b:1d:d1:df:56:a8:62:22:89:ce:8a:3d:d6:66:6c:95:fc: 22:9a:47:73:ba:33:9e:3c:59:0f:89:57:df:f3:4e:3d:b2:ae: 7b:e1:52:71:5b:46:d4:88:59:43:1a:6d:cf:d5:84:3a:7e:54: d7:68:ca:b8:78:b7:bb:10:73:bf:f4:63:26:19:3f:6e:22:07: 0b:a2:06:79:b2:86:90:27:3c:ff:55:36:ce:74:d0:90:f2:44: 50:88:42:7d:c5:f2:ea:e7:21:ff:f8:16:bf:81:eb:8e:30:cc: 9c:8e:56:f3:df:49:cc:61:24:be:99:56:81:f0:dc:97:b4:7b: b9:c4:13:9a:f8:0a:ca:29:88:1d:a1:5b:f4:10:11:e3:f1:56: b9:e2:09:5f:25:bb:d9:45:4b:1e:fa:3a:6b:3b:b8:13:51:38: 17:55:b6:7d:e1:08:3d:d9:1b:b8:03:1d:e2:01:73:a2:de:91: fe:5a:c7:9f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICC7MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREJC NEM1RkE5NkI4NzQxQkY2OEI0OEJGMDA0REJENkZEOTYzNkZBRDAeFw0yNTA1MDYw NTQwMTZaFw0yNjA0MDkwNjQxMDBaMDMxMTAvBgNVBAMTKEI2OTQ3QkQyOTZCM0FF OUU3Mzg4RkQxQzE5N0MxNTJEOEVGQjlDQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCaMDturJktdp6/chtf3QZEK+qiO2nnUYzsME8/MolBI9GA6KJ8 XRYFZJGrpH/gNzoxMNuXmsaH9bNjgGZFWKcIH2krAm4bDZ6W2hFhTBasMGI9t4wV oMiR9zdv0Et7xAzmhycScoyGbi+NyZDhtSNViU2ZtsgC/k1viGCq1LPvQdGencJ2 SP3mEDzDbkD69+wURkMowI2DLvM4NDIV1JjYc0DMw1We91NTjMAkLWoa6j2Hl+h7 OKw8DoJHHhgznbLQGvJoYLS1VIk3AjlfnAnnHjdxZd2Fxs6Azo6clDlH7L5Nswql ji4jZKVElEU7+5sD0m6hpLKsYhx1Yc4i5r7tAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUtpR70pazrp5ziP0cGXwVLY77nKowHwYDVR0jBBgwFoAU27TF+pa4dBv2i0i/ AE29b9ljb60wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkw LzI3VEYtcGE0ZEJ2MmkwaV9BRTI5YjlsamI2MC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMjdURi1wYTRkQnYyaTBpX0FFMjliOWxqYjYwLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODkwL3RwUjcwcGF6cnA1emlQ MGNHWHdWTFk3N25Lby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAQr+LAwDQYJKoZIhvcNAQELBQADggEBALIR/93AVfnU2gbVNrBxGEJwCSzKKAGC CJS2vSWWpuqLJ5sdJ7tyeFEeCpwkDBfzUKhd5VW1fDbC2qScv0RlUkXYZSFptZZC dR6bHdHfVqhiIonOij3WZmyV/CKaR3O6M548WQ+JV9/zTj2yrnvhUnFbRtSIWUMa bc/VhDp+VNdoyrh4t7sQc7/0YyYZP24iBwuiBnmyhpAnPP9VNs500JDyRFCIQn3F 8urnIf/4Fr+B644wzJyOVvPfScxhJL6ZVoHw3Je0e7nEE5r4CsopiB2hW/QQEePx VrniCV8lu9lFSx76Oms7uBNROBdVtn3hCD3ZG7gDHeIBc6Lekf5ax58= -----END CERTIFICATE-----Generated at Sat May 17 17:51:42 2025 by rpki-client