$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/hScwhISbbD05P3MsLEqTbc-dDTs.roa File: hScwhISbbD05P3MsLEqTbc-dDTs.roa (raw, json) Hash identifier: gmUbfsswTFyRVEoA8qaEC9fKflGoEEuvkYKxch/4fkY= Subject key identifier: 85:27:30:84:84:9B:6C:3D:39:3F:73:2C:2C:4A:93:6D:CF:9D:0D:3B Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1576 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/hScwhISbbD05P3MsLEqTbc-dDTs.roa Signing time: Fri 17 Jan 2025 01:27:47 +0000 ROA not before: Fri 17 Jan 2025 01:27:47 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 2914 IP address blocks: 180.223.216.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:38:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5494 (0x1576) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Jan 17 01:27:47 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=85273084849B6C3D393F732C2C4A936DCF9D0D3B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:48:9a:4a:bd:87:e5:cc:dc:0d:54:fd:12:18: 91:22:f4:53:b7:58:5f:12:08:7e:b0:28:f6:ca:f0: d4:1d:17:60:e7:51:35:5f:c1:cb:85:1b:7d:af:58: 05:2c:f9:bb:0d:ea:d3:5c:2f:58:5a:04:65:20:e4: 5c:bb:ae:cf:2e:24:d4:ad:5c:12:44:83:89:64:f5: a2:6a:b2:39:88:1c:5c:f3:da:74:a4:02:f8:55:48: 2b:68:52:2d:50:e8:65:80:f2:38:f1:b8:b6:e4:4a: 8d:ab:b9:56:b2:58:5b:92:86:34:4e:82:e8:a6:75: 37:f1:a4:3e:3f:b8:ad:cc:9d:88:4d:8b:46:a2:57: 32:03:22:4f:dd:63:b0:47:78:2b:cb:99:49:10:a7: 92:78:87:70:57:e4:96:20:93:69:c2:7d:ed:15:fb: 10:90:67:c9:d2:57:37:96:63:c4:11:a0:43:34:c7: f4:9b:86:fa:e0:81:73:2a:b6:f1:cf:32:35:06:12: 55:07:eb:e0:5b:3a:ab:31:c8:5f:8b:c1:5d:a5:02: d9:54:c4:6b:07:81:f6:52:18:80:21:d8:5d:b5:2e: 61:8c:57:b9:17:bc:46:98:2b:b8:a4:6e:b2:00:dd: 5a:6e:c7:98:3c:76:64:5c:63:39:46:c3:9e:a9:e6: ab:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:27:30:84:84:9B:6C:3D:39:3F:73:2C:2C:4A:93:6D:CF:9D:0D:3B X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/hScwhISbbD05P3MsLEqTbc-dDTs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.216.0/21 Signature Algorithm: sha256WithRSAEncryption a5:e9:6a:f1:e8:b6:42:51:a6:18:34:5f:74:9c:b3:29:a3:5c: 93:7b:89:5f:a0:2e:16:bb:a7:b7:c8:f6:9b:f7:35:d3:25:8f: 60:05:e4:a9:93:1e:4d:c4:95:ed:7c:a8:28:b4:67:5f:ac:f3: 98:fb:c4:5a:7d:71:40:83:37:ff:47:71:48:ec:f1:1a:b1:3d: 9f:7c:08:66:db:0c:fa:5e:67:04:ee:3e:41:c6:f4:e5:33:9a: 7e:ea:59:a6:83:a2:1a:f2:a9:94:48:2a:d6:69:f3:7f:2c:c3: 15:77:85:62:cf:2b:88:17:e7:3c:0e:30:30:ce:80:ff:9e:ed: 58:45:69:ce:f4:ed:90:fe:5a:bf:f7:b9:ab:3e:c2:79:db:66: b4:5e:b6:14:37:07:0b:43:02:1c:b3:47:65:64:45:2d:2e:da: fe:9c:7e:69:e9:ba:d1:e4:96:5e:26:6a:05:9f:06:23:a9:ff: 39:ef:92:56:ef:2b:41:0d:54:11:27:e7:1d:a7:14:47:b2:9d: 51:4c:a9:5b:69:04:6b:c9:b1:28:ad:7c:20:b2:90:a6:73:2f: 54:33:2e:49:a6:4c:7c:f4:ae:d4:0b:b3:18:d8:32:9e:0e:2c: c0:4a:d3:88:ef:e2:ca:4f:af:e1:4c:f2:75:f7:cb:a1:e5:6c: b1:1b:e5:f2 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNTAxMTcw MTI3NDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg1MjczMDg0ODQ5QjZD M0QzOTNGNzMyQzJDNEE5MzZEQ0Y5RDBEM0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFSJpKvYflzNwNVP0SGJEi9FO3WF8SCH6wKPbK8NQdF2DnUTVf wcuFG32vWAUs+bsN6tNcL1haBGUg5Fy7rs8uJNStXBJEg4lk9aJqsjmIHFzz2nSk AvhVSCtoUi1Q6GWA8jjxuLbkSo2ruVayWFuShjROguimdTfxpD4/uK3MnYhNi0ai VzIDIk/dY7BHeCvLmUkQp5J4h3BX5JYgk2nCfe0V+xCQZ8nSVzeWY8QRoEM0x/Sb hvrggXMqtvHPMjUGElUH6+BbOqsxyF+LwV2lAtlUxGsHgfZSGIAh2F21LmGMV7kX vEaYK7ikbrIA3Vpux5g8dmRcYzlGw56p5qtDAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUhScwhISbbD05P3MsLEqTbc+dDTswHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvaFNjd2hJU2JiRDA1 UDNNc0xFcVRiYy1kRFRzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7Tf2DANBgkqhkiG9w0BAQsFAAOCAQEApelq8ei2QlGmGDRfdJyzKaNck3uJ X6AuFrunt8j2m/c10yWPYAXkqZMeTcSV7XyoKLRnX6zzmPvEWn1xQIM3/0dxSOzx GrE9n3wIZtsM+l5nBO4+Qcb05TOafupZpoOiGvKplEgq1mnzfyzDFXeFYs8riBfn PA4wMM6A/57tWEVpzvTtkP5av/e5qz7CedtmtF62FDcHC0MCHLNHZWRFLS7a/px+ aem60eSWXiZqBZ8GI6n/Oe+SVu8rQQ1UESfnHacUR7KdUUypW2kEa8mxKK18ILKQ pnMvVDMuSaZMfPSu1AuzGNgyng4swErTiO/iyk+v4UzydffLoeVssRvl8g== -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:26 2025 by rpki-client on console.sobornost.net