$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3205/Gd_YNMTdXkKb4ixlYKoNtqNUCY0.roa File: Gd_YNMTdXkKb4ixlYKoNtqNUCY0.roa (raw, json) Hash identifier: W2YpQBXDkvhHWd0uywxBgMOGXe/0d59l+p8ldWdL96I= Subject key identifier: 19:DF:D8:34:C4:DD:5E:42:9B:E2:2C:65:60:AA:0D:B6:A3:54:09:8D Certificate issuer: /CN=581041F42679F5E17F19C37E490A7794863B2BEB Certificate serial: 0ACA Authority key identifier: 58:10:41:F4:26:79:F5:E1:7F:19:C3:7E:49:0A:77:94:86:3B:2B:EB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WBBB9CZ59eF_GcN-SQp3lIY7K-s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/Gd_YNMTdXkKb4ixlYKoNtqNUCY0.roa Signing time: Fri 17 Jan 2025 01:23:37 +0000 ROA not before: Fri 17 Jan 2025 01:23:37 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4812 IP address blocks: 103.96.224.0/23 maxlen: 24 103.96.224.0/24 maxlen: 24 103.96.225.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/WBBB9CZ59eF_GcN-SQp3lIY7K-s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/WBBB9CZ59eF_GcN-SQp3lIY7K-s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WBBB9CZ59eF_GcN-SQp3lIY7K-s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:38:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2762 (0xaca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=581041F42679F5E17F19C37E490A7794863B2BEB Validity Not Before: Jan 17 01:23:37 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=19DFD834C4DD5E429BE22C6560AA0DB6A354098D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:fe:20:a8:69:5d:c7:93:19:dd:fc:28:63:6f: bf:89:86:a6:8e:1c:34:18:d0:0d:fc:21:55:13:c1: 78:da:96:7c:27:8f:17:2e:30:81:44:5a:ff:c2:69: 1b:b1:c7:0a:55:92:21:cf:58:cb:b4:02:b3:15:24: 9e:5c:b5:af:b3:2b:cd:f9:9e:5e:fa:7b:5e:fb:a5: b9:c3:b9:1a:ce:7a:a8:3e:24:3f:c9:14:bd:d3:56: cf:2a:68:0b:93:b9:28:72:b2:40:dd:13:95:a0:1f: 36:9b:b5:c3:be:73:7e:c6:b1:5f:93:a7:d2:c0:84: 26:34:33:e9:ac:ec:f0:22:26:63:be:22:c1:5f:19: dc:cf:f2:d3:70:60:0d:f0:d8:81:f6:fb:ef:2f:15: c1:fc:b3:80:35:51:d1:18:12:3c:50:ce:87:4c:04: 51:3a:2b:4a:12:62:43:9c:ad:04:6e:1f:5e:88:0f: 2d:13:02:2a:5d:7c:1b:00:71:11:5c:2b:b0:f9:eb: 53:40:76:78:59:64:76:80:56:2a:10:0e:84:f2:a5: 84:42:68:f6:6a:16:b5:91:d9:aa:3a:bd:df:21:4c: 7f:eb:43:d0:5d:60:f8:52:c8:77:c7:f5:26:27:bd: 04:9e:e9:07:79:2f:4f:ea:e4:2c:24:46:ca:c6:85: 0e:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:DF:D8:34:C4:DD:5E:42:9B:E2:2C:65:60:AA:0D:B6:A3:54:09:8D X509v3 Authority Key Identifier: keyid:58:10:41:F4:26:79:F5:E1:7F:19:C3:7E:49:0A:77:94:86:3B:2B:EB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/WBBB9CZ59eF_GcN-SQp3lIY7K-s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WBBB9CZ59eF_GcN-SQp3lIY7K-s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/Gd_YNMTdXkKb4ixlYKoNtqNUCY0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.96.224.0/23 Signature Algorithm: sha256WithRSAEncryption 0e:10:f7:08:89:8a:a1:e2:25:16:df:b6:40:10:34:81:37:75: 68:07:31:ae:5c:fa:a5:8d:c5:ca:55:1c:83:ca:b4:5c:13:f4: 3b:64:4b:e2:c4:e2:e6:73:0a:ef:fa:92:f8:be:cf:d7:34:92: 68:b5:1a:d6:14:7e:e6:98:f4:8a:8b:6d:cc:12:67:f6:b6:a6: af:37:e3:f3:af:db:64:9b:4a:f2:02:25:56:b2:9f:28:d0:4b: fd:1a:67:66:4e:c1:79:01:98:ec:0c:cb:8e:e5:34:31:88:58: 80:f6:d1:66:6b:87:4a:bd:ad:fc:e2:77:0a:cd:84:b7:bf:f9: 3d:00:75:9c:c5:12:ce:ed:d7:28:69:78:68:52:a6:a4:ce:ff: b7:1e:6d:69:8a:73:6a:97:68:2a:a7:a3:8d:a5:78:1e:19:0a: 97:18:7c:3b:6e:77:20:88:de:78:78:27:99:1b:62:cf:13:8f: f2:cb:1e:dd:f3:91:00:d8:34:d6:c4:c8:82:04:20:a4:59:b2: 30:44:74:47:96:13:1e:19:91:de:6d:85:4c:8e:8d:53:9a:20: d6:75:b8:13:d4:db:7e:53:cb:83:a2:fc:02:fe:17:bd:45:40: 2c:66:6a:2b:5c:e7:ca:0c:dd:5f:18:9e:91:f9:d9:4d:2d:81: f3:2c:0d:38 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICCsowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTgx MDQxRjQyNjc5RjVFMTdGMTlDMzdFNDkwQTc3OTQ4NjNCMkJFQjAeFw0yNTAxMTcw MTIzMzdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDE5REZEODM0QzRERDVF NDI5QkUyMkM2NTYwQUEwREI2QTM1NDA5OEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDH/iCoaV3Hkxnd/Chjb7+JhqaOHDQY0A38IVUTwXjalnwnjxcu MIFEWv/CaRuxxwpVkiHPWMu0ArMVJJ5cta+zK835nl76e177pbnDuRrOeqg+JD/J FL3TVs8qaAuTuShyskDdE5WgHzabtcO+c37GsV+Tp9LAhCY0M+ms7PAiJmO+IsFf GdzP8tNwYA3w2IH2++8vFcH8s4A1UdEYEjxQzodMBFE6K0oSYkOcrQRuH16IDy0T AipdfBsAcRFcK7D561NAdnhZZHaAVioQDoTypYRCaPZqFrWR2ao6vd8hTH/rQ9Bd YPhSyHfH9SYnvQSe6Qd5L0/q5CwkRsrGhQ6jAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUGd/YNMTdXkKb4ixlYKoNtqNUCY0wHwYDVR0jBBgwFoAUWBBB9CZ59eF/GcN+ SQp3lIY7K+swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzIw NS9XQkJCOUNaNTllRl9HY04tU1FwM2xJWTdLLXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1dCQkI5Q1o1OWVGX0djTi1TUXAzbElZN0stcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyMDUvR2RfWU5NVGRYa0ti NGl4bFlLb050cU5VQ1kwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWdg4DANBgkqhkiG9w0BAQsFAAOCAQEADhD3CImKoeIlFt+2QBA0gTd1aAcx rlz6pY3FylUcg8q0XBP0O2RL4sTi5nMK7/qS+L7P1zSSaLUa1hR+5pj0iottzBJn 9ramrzfj86/bZJtK8gIlVrKfKNBL/RpnZk7BeQGY7AzLjuU0MYhYgPbRZmuHSr2t /OJ3Cs2Et7/5PQB1nMUSzu3XKGl4aFKmpM7/tx5taYpzapdoKqejjaV4HhkKlxh8 O253IIjeeHgnmRtizxOP8sse3fORANg01sTIggQgpFmyMER0R5YTHhmR3m2FTI6N U5og1nW4E9TbflPLg6L8Av4XvUVALGZqK1znygzdXxiekfnZTS2B8ywNOA== -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:26 2025 by rpki-client on console.sobornost.net