$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/TGpPZx1ww8lW2mKRZ-93CBlUOhw.roa File: TGpPZx1ww8lW2mKRZ-93CBlUOhw.roa (raw, json) Hash identifier: 4X/bwQBxm2EEo2XuX5P6q+VUpO3hZQDVpWWa27WjSWg= Subject key identifier: 4C:6A:4F:67:1D:70:C3:C9:56:DA:62:91:67:EF:77:08:19:54:3A:1C Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 01B9 Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/TGpPZx1ww8lW2mKRZ-93CBlUOhw.roa Signing time: Tue 01 Apr 2025 18:48:42 +0000 ROA not before: Tue 01 Apr 2025 18:48:42 +0000 ROA not after: Tue 13 Jan 2026 01:35:26 +0000 asID: 24413 IP address blocks: 114.28.201.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Apr 2025 02:37:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 441 (0x1b9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Apr 1 18:48:42 2025 GMT Not After : Jan 13 01:35:26 2026 GMT Subject: CN=4C6A4F671D70C3C956DA629167EF770819543A1C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:75:39:55:60:7c:be:21:70:d9:40:d2:0e:d3: 6c:9d:76:15:86:cf:0e:18:e5:c8:0b:ae:f5:0e:80: 45:1d:ff:44:93:e5:e3:d6:12:1d:6c:71:2f:33:1f: cc:f2:ea:80:10:ce:fc:fa:6a:9f:cd:ea:00:08:54: 23:c8:55:e9:f8:4a:36:4e:8d:9f:a5:5e:8f:58:f6: fa:e8:54:01:31:9b:97:11:54:39:0d:db:91:97:38: 2b:8b:86:df:e8:d3:34:3d:27:c6:ef:b1:e8:9b:ae: 3e:c8:9b:1f:59:d5:f1:55:a6:ad:31:a1:8a:6b:af: 09:d5:65:7d:c4:1c:99:03:a1:36:48:90:6b:3e:b9: 3f:39:b9:50:71:19:34:76:bf:59:95:ed:94:72:35: 4c:bd:d2:ab:bc:e5:4f:7b:24:4a:5e:62:34:8e:c9: 09:05:89:c7:b6:ac:a7:b5:57:9c:ee:01:4e:82:c7: 22:f8:de:d7:90:5e:d4:cc:16:27:8c:d4:d4:76:89: 4e:ed:db:f7:70:68:d6:cb:da:09:4b:09:7a:c8:a6: 59:38:13:4d:44:42:47:59:b0:13:2a:99:75:44:03: fd:93:5f:0d:11:fa:b8:17:8e:23:88:27:94:21:eb: be:f0:c5:d9:a3:20:76:d3:4a:65:22:d0:87:79:38: 44:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:6A:4F:67:1D:70:C3:C9:56:DA:62:91:67:EF:77:08:19:54:3A:1C X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/TGpPZx1ww8lW2mKRZ-93CBlUOhw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.28.201.0/24 Signature Algorithm: sha256WithRSAEncryption ba:71:0d:fb:79:cf:da:c6:8f:2d:00:82:80:a9:3f:4e:7e:b7: 54:b5:e5:d1:ec:b9:8c:28:11:73:e6:66:89:43:3d:88:ef:1c: 40:22:1f:2a:57:f9:9d:af:a0:e1:7b:42:f7:69:c8:52:22:b4: a1:fe:72:68:fe:9b:f0:a8:f5:8b:c7:55:97:a0:34:e0:09:3d: 7c:4c:c2:fe:c0:bb:e8:78:20:92:36:ea:6d:ed:45:64:d9:3a: 31:e6:37:da:19:4b:10:06:de:4b:73:42:99:e4:20:df:80:5e: fe:3e:e4:aa:84:9d:c4:72:dc:67:af:84:0b:01:92:45:ac:1f: 16:d9:89:62:e4:a0:fa:73:10:49:3d:17:05:af:57:af:58:c0: 92:e1:ed:ac:02:57:4f:77:56:e0:5f:6e:9c:f6:0b:05:0b:35: eb:da:1d:35:aa:a3:07:ab:ac:f2:ca:77:3a:13:4a:10:f1:17: 2a:12:5c:bd:4f:28:fe:3e:e2:be:58:fc:b8:a3:f7:e2:49:e7: 91:dc:fa:5d:fb:78:fc:84:83:d5:33:6d:93:40:f8:67:02:57: be:96:37:39:bb:9b:93:87:42:c4:01:99:ac:6f:f1:52:3f:f1: bd:9c:f2:3f:00:3b:e2:79:8c:50:5d:46:9f:81:e5:7b:32:92: c0:03:2e:52 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICAbkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTA0MDEx ODQ4NDJaFw0yNjAxMTMwMTM1MjZaMDMxMTAvBgNVBAMTKDRDNkE0RjY3MUQ3MEMz Qzk1NkRBNjI5MTY3RUY3NzA4MTk1NDNBMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDOdTlVYHy+IXDZQNIO02yddhWGzw4Y5cgLrvUOgEUd/0ST5ePW Eh1scS8zH8zy6oAQzvz6ap/N6gAIVCPIVen4SjZOjZ+lXo9Y9vroVAExm5cRVDkN 25GXOCuLht/o0zQ9J8bvseibrj7Imx9Z1fFVpq0xoYprrwnVZX3EHJkDoTZIkGs+ uT85uVBxGTR2v1mV7ZRyNUy90qu85U97JEpeYjSOyQkFice2rKe1V5zuAU6CxyL4 3teQXtTMFieM1NR2iU7t2/dwaNbL2glLCXrIplk4E01EQkdZsBMqmXVEA/2TXw0R +rgXjiOIJ5Qh677wxdmjIHbTSmUi0Id5OESDAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUTGpPZx1ww8lW2mKRZ+93CBlUOhwwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL1RHcFBaeDF3dzhsVzJt S1JaLTkzQ0JsVU9ody5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAByHMkwDQYJKoZIhvcNAQELBQADggEBALpxDft5z9rGjy0AgoCpP05+t1S15dHs uYwoEXPmZolDPYjvHEAiHypX+Z2voOF7QvdpyFIitKH+cmj+m/Co9YvHVZegNOAJ PXxMwv7Au+h4IJI26m3tRWTZOjHmN9oZSxAG3ktzQpnkIN+AXv4+5KqEncRy3Gev hAsBkkWsHxbZiWLkoPpzEEk9FwWvV69YwJLh7awCV093VuBfbpz2CwULNevaHTWq owerrPLKdzoTShDxFyoSXL1PKP4+4r5Y/Lij9+JJ55Hc+l37ePyEg9UzbZNA+GcC V76WNzm7m5OHQsQBmaxv8VI/8b2c8j8AO+J5jFBdRp+B5XsyksADLlI= -----END CERTIFICATE-----Generated at Wed Apr 23 00:17:51 2025 by rpki-client