$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2187/DIfl7bXQFvsh3gCOalGnbUgUcMk.roa File: DIfl7bXQFvsh3gCOalGnbUgUcMk.roa (raw, json) Hash identifier: +BdTskyWDVY72kL9VxG7J9DMW9izo6rXOBqj4uLMOeI= Subject key identifier: 0C:87:E5:ED:B5:D0:16:FB:21:DE:00:8E:6A:51:A7:6D:48:14:70:C9 Certificate issuer: /CN=45CF5B262A56F85134C8FE95D64DF089F1B762E7 Certificate serial: 06CB Authority key identifier: 45:CF:5B:26:2A:56:F8:51:34:C8:FE:95:D6:4D:F0:89:F1:B7:62:E7 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Rc9bJipW-FE0yP6V1k3wifG3Yuc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2187/DIfl7bXQFvsh3gCOalGnbUgUcMk.roa Signing time: Sat 05 Jul 2025 08:43:20 +0000 ROA not before: Sat 05 Jul 2025 08:43:20 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4812 IP address blocks: 124.14.1.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2187/Rc9bJipW-FE0yP6V1k3wifG3Yuc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2187/Rc9bJipW-FE0yP6V1k3wifG3Yuc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Rc9bJipW-FE0yP6V1k3wifG3Yuc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 20 Jul 2025 22:40:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1739 (0x6cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=45CF5B262A56F85134C8FE95D64DF089F1B762E7 Validity Not Before: Jul 5 08:43:20 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=0C87E5EDB5D016FB21DE008E6A51A76D481470C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:c4:5f:f0:17:ef:3f:4f:42:45:a7:1b:3f:7c: ee:d6:af:e6:59:1b:61:aa:8d:36:b5:2a:80:c8:74: 23:a7:9c:6e:31:a9:ee:b7:70:f8:e2:41:33:e7:21: 56:71:b7:2f:a0:99:d2:1c:f6:cc:11:c5:6d:06:fb: e4:dd:85:44:15:5f:67:f6:6e:11:98:73:70:75:96: 9e:e5:87:ce:99:fe:94:83:65:b7:e0:eb:d0:f9:0e: 3b:5f:7a:c0:b2:d1:89:4f:a2:30:79:6b:b4:fc:f8: 62:8b:88:f4:6b:47:16:96:86:67:02:de:94:70:c8: 12:9c:ef:3c:16:14:90:b1:3e:97:d6:65:d2:7b:78: 2e:05:65:af:16:4c:90:a6:79:d7:a7:a0:88:57:0e: ab:6c:ef:43:18:c2:54:6d:e3:b8:a4:6d:49:77:56: a9:0e:37:3f:b9:8a:c9:9e:70:51:d3:66:ec:4a:82: ab:c2:3a:50:f1:66:ca:4f:66:1e:31:c8:a2:56:8a: b0:e3:d1:fe:98:c5:b7:9c:ca:31:73:a1:fa:fd:27: 33:71:79:d8:ef:98:05:73:86:4f:31:3a:67:77:e8: 0f:48:97:48:9a:69:aa:53:42:6f:07:12:30:49:13: 6e:6c:8a:ac:41:3c:f6:08:46:5a:77:46:59:bc:83: 8c:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:87:E5:ED:B5:D0:16:FB:21:DE:00:8E:6A:51:A7:6D:48:14:70:C9 X509v3 Authority Key Identifier: keyid:45:CF:5B:26:2A:56:F8:51:34:C8:FE:95:D6:4D:F0:89:F1:B7:62:E7 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2187/Rc9bJipW-FE0yP6V1k3wifG3Yuc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Rc9bJipW-FE0yP6V1k3wifG3Yuc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2187/DIfl7bXQFvsh3gCOalGnbUgUcMk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.14.1.0/24 Signature Algorithm: sha256WithRSAEncryption 6f:11:4b:ae:38:4f:50:a2:b5:ad:84:b8:a1:d6:77:3d:33:bc: bc:5e:98:2a:c0:68:6f:c1:0f:24:24:80:fd:e5:e1:95:8e:3e: c2:02:d8:47:6d:22:c1:bc:ff:0f:57:33:68:89:02:60:d8:2c: d1:6d:2d:85:2c:ee:56:c8:db:5a:e6:cc:da:b5:24:c2:ff:ed: fc:54:48:d9:7f:c4:d6:d0:b9:52:12:53:e6:4d:04:ad:f5:61: 1e:42:12:63:3b:b6:34:f0:cf:7b:92:3f:63:af:5f:c8:e9:2f: ce:41:80:5f:46:10:3e:95:f9:4b:12:de:e3:bd:12:5e:9e:57: 20:40:bc:c2:74:86:1f:c9:60:b8:71:ff:9d:46:c9:cb:90:e5: 94:72:4f:4f:a6:71:e7:16:55:77:20:35:31:f8:93:62:5a:73: 1b:c3:cc:02:2f:1f:37:12:ca:ee:61:24:0f:95:2d:15:8b:83: 18:c8:a2:23:41:01:ae:82:b2:59:e2:a1:97:ff:6c:db:25:20: 4b:4f:c8:be:d0:0e:71:d3:6d:19:85:f5:be:73:63:89:86:5a: 6b:82:d8:4e:9a:9c:f5:ac:bc:c8:32:48:cb:17:f9:11:c2:f8: 5d:9f:03:b4:f7:ea:cf:2e:15:02:d2:c9:0b:3a:d2:92:b8:99: a6:37:ec:04 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBsswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDVD RjVCMjYyQTU2Rjg1MTM0QzhGRTk1RDY0REYwODlGMUI3NjJFNzAeFw0yNTA3MDUw ODQzMjBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBDODdFNUVEQjVEMDE2 RkIyMURFMDA4RTZBNTFBNzZENDgxNDcwQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCsxF/wF+8/T0JFpxs/fO7Wr+ZZG2GqjTa1KoDIdCOnnG4xqe63 cPjiQTPnIVZxty+gmdIc9swRxW0G++TdhUQVX2f2bhGYc3B1lp7lh86Z/pSDZbfg 69D5DjtfesCy0YlPojB5a7T8+GKLiPRrRxaWhmcC3pRwyBKc7zwWFJCxPpfWZdJ7 eC4FZa8WTJCmedenoIhXDqts70MYwlRt47ikbUl3VqkONz+5ismecFHTZuxKgqvC OlDxZspPZh4xyKJWirDj0f6YxbecyjFzofr9JzNxedjvmAVzhk8xOmd36A9Il0ia aapTQm8HEjBJE25siqxBPPYIRlp3Rlm8g4wXAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUDIfl7bXQFvsh3gCOalGnbUgUcMkwHwYDVR0jBBgwFoAURc9bJipW+FE0yP6V 1k3wifG3YucwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjE4 Ny9SYzliSmlwVy1GRTB5UDZWMWszd2lmRzNZdWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1JjOWJKaXBXLUZFMHlQNlYxazN3aWZHM1l1Yy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxODcvRElmbDdiWFFGdnNo M2dDT2FsR25iVWdVY01rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHwOATANBgkqhkiG9w0BAQsFAAOCAQEAbxFLrjhPUKK1rYS4odZ3PTO8vF6Y KsBob8EPJCSA/eXhlY4+wgLYR20iwbz/D1czaIkCYNgs0W0thSzuVsjbWubM2rUk wv/t/FRI2X/E1tC5UhJT5k0ErfVhHkISYzu2NPDPe5I/Y69fyOkvzkGAX0YQPpX5 SxLe470SXp5XIEC8wnSGH8lguHH/nUbJy5DllHJPT6Zx5xZVdyA1MfiTYlpzG8PM Ai8fNxLK7mEkD5UtFYuDGMiiI0EBroKyWeKhl/9s2yUgS0/IvtAOcdNtGYX1vnNj iYZaa4LYTpqc9ay8yDJIyxf5EcL4XZ8DtPfqzy4VAtLJCzrSkriZpjfsBA== -----END CERTIFICATE-----Generated at Sun Jul 20 19:19:06 2025 by rpki-client