$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/plj4h6VJRl_xUalf0ulWubT4YSk.roa File: plj4h6VJRl_xUalf0ulWubT4YSk.roa (raw, json) Hash identifier: iWAQhoZ9eLQrp93ZcwCNmFDmjJoRhBvYr7ebppkeWl8= Subject key identifier: A6:58:F8:87:A5:49:46:5F:F1:51:A9:5F:D2:E9:56:B9:B4:F8:61:29 Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 01BB Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/plj4h6VJRl_xUalf0ulWubT4YSk.roa Signing time: Tue 01 Apr 2025 19:09:07 +0000 ROA not before: Tue 01 Apr 2025 19:09:07 +0000 ROA not after: Tue 13 Jan 2026 01:35:26 +0000 asID: 24413 IP address blocks: 114.28.200.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Apr 2025 02:37:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 443 (0x1bb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Apr 1 19:09:07 2025 GMT Not After : Jan 13 01:35:26 2026 GMT Subject: CN=A658F887A549465FF151A95FD2E956B9B4F86129 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:b6:e3:dd:ea:20:19:fe:72:c1:dc:1b:29:85: 98:ae:a5:68:11:cf:41:21:ff:e4:99:b0:75:00:8c: e4:a7:aa:c6:cd:58:89:9b:78:42:a0:0a:2e:50:69: 3b:b7:3f:fe:2f:25:cc:6a:a9:57:31:68:a3:14:7a: 8f:22:e5:a2:68:99:4c:78:eb:99:66:9d:09:98:43: c5:49:6b:34:61:47:b9:78:b1:10:02:ff:32:0a:a8: fa:92:43:24:5d:ba:03:85:f3:ae:38:70:e6:d4:f2: b1:0f:4f:39:97:95:e9:26:c7:e0:5c:ad:9e:ea:79: 7e:22:64:cf:1a:65:89:d4:5e:56:e0:75:15:cf:3c: c3:c5:7a:7b:96:b8:73:70:96:40:9a:27:f2:65:b4: 15:04:9a:e3:78:1b:7e:45:6f:29:41:a7:08:21:48: fe:4a:58:f6:e6:76:ca:92:6f:e6:a3:92:b9:cd:2f: 3a:ad:df:2b:a9:b0:6f:e4:f9:02:ba:f6:8b:7f:f5: 86:aa:93:11:76:76:6a:ce:91:2f:06:1b:3e:db:6f: 89:56:6d:dc:6f:32:ff:98:05:8a:36:12:9b:ed:4f: 80:f0:8f:1c:77:1d:d9:4d:09:a5:83:17:72:9d:38: 38:4e:7d:76:99:c4:f5:09:89:94:a7:15:c3:ab:11: 51:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:58:F8:87:A5:49:46:5F:F1:51:A9:5F:D2:E9:56:B9:B4:F8:61:29 X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/plj4h6VJRl_xUalf0ulWubT4YSk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.28.200.0/24 Signature Algorithm: sha256WithRSAEncryption 51:90:61:b0:1c:f0:c4:49:5d:21:84:65:a1:bd:09:57:91:5a: c1:d5:76:dd:1d:ec:2f:4c:e7:7c:a1:e5:31:a8:5a:9d:3c:94: 74:33:f4:7f:f1:e6:59:0b:1d:14:ea:ab:af:42:1d:fd:7b:67: 4d:32:db:69:1c:65:d7:c4:ac:30:80:c3:62:33:b4:89:d9:80: 7e:54:6c:a8:73:6b:92:5a:b8:0d:77:4d:40:30:99:1e:eb:0d: 66:e9:2e:e8:ae:9a:81:36:ec:1f:b8:d5:aa:8f:61:2b:63:9f: 49:3e:2e:f6:55:00:9d:c5:96:94:3b:b5:22:8d:04:ec:0e:ba: 7b:bb:24:d2:94:80:79:aa:ea:d1:63:99:fa:0d:be:15:00:68: 84:f9:68:b6:3c:2e:08:9d:39:98:ee:c3:72:d7:8e:d9:96:5e: 6c:91:72:cc:b8:e1:85:14:db:0d:33:db:68:af:81:12:3b:dd: d9:3d:8b:be:5b:61:e0:f1:db:e4:3b:c2:ea:b3:d3:98:ea:29: 38:52:64:51:22:8a:0b:3d:f8:fd:18:cb:40:33:b7:9f:07:83: 47:04:40:ec:83:ae:60:ec:94:4f:6e:87:7a:aa:dc:7d:1d:96: 45:f8:d0:ac:d3:4b:bc:0c:be:12:8a:22:6b:b2:42:d0:43:83: a2:6d:f8:8a -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICAbswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTA0MDEx OTA5MDdaFw0yNjAxMTMwMTM1MjZaMDMxMTAvBgNVBAMTKEE2NThGODg3QTU0OTQ2 NUZGMTUxQTk1RkQyRTk1NkI5QjRGODYxMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCtuPd6iAZ/nLB3BsphZiupWgRz0Eh/+SZsHUAjOSnqsbNWImb eEKgCi5QaTu3P/4vJcxqqVcxaKMUeo8i5aJomUx465lmnQmYQ8VJazRhR7l4sRAC /zIKqPqSQyRdugOF8644cObU8rEPTzmXlekmx+BcrZ7qeX4iZM8aZYnUXlbgdRXP PMPFenuWuHNwlkCaJ/JltBUEmuN4G35FbylBpwghSP5KWPbmdsqSb+ajkrnNLzqt 3yupsG/k+QK69ot/9YaqkxF2dmrOkS8GGz7bb4lWbdxvMv+YBYo2EpvtT4Dwjxx3 HdlNCaWDF3KdODhOfXaZxPUJiZSnFcOrEVFBAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUplj4h6VJRl/xUalf0ulWubT4YSkwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL3BsajRoNlZKUmxfeFVh bGYwdWxXdWJUNFlTay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAByHMgwDQYJKoZIhvcNAQELBQADggEBAFGQYbAc8MRJXSGEZaG9CVeRWsHVdt0d 7C9M53yh5TGoWp08lHQz9H/x5lkLHRTqq69CHf17Z00y22kcZdfErDCAw2IztInZ gH5UbKhza5JauA13TUAwmR7rDWbpLuiumoE27B+41aqPYStjn0k+LvZVAJ3FlpQ7 tSKNBOwOunu7JNKUgHmq6tFjmfoNvhUAaIT5aLY8LgidOZjuw3LXjtmWXmyRcsy4 4YUU2w0z22ivgRI73dk9i75bYeDx2+Q7wuqz05jqKThSZFEiigs9+P0Yy0Azt58H g0cEQOyDrmDslE9uh3qq3H0dlkX40KzTS7wMvhKKImuyQtBDg6Jt+Io= -----END CERTIFICATE-----Generated at Wed Apr 23 00:17:19 2025 by rpki-client