$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/mLygT07bsPXyMhSB7dYVubjMrR0.roa File: mLygT07bsPXyMhSB7dYVubjMrR0.roa (raw, json) Hash identifier: LNtyMviZ7C3D1tBvV3qAzxQU+QGTsqC8HClJmei0gnU= Subject key identifier: 98:BC:A0:4F:4E:DB:B0:F5:F2:32:14:81:ED:D6:15:B9:B8:CC:AD:1D Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022 Certificate serial: 1D87 Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/mLygT07bsPXyMhSB7dYVubjMrR0.roa Signing time: Thu 03 Apr 2025 08:53:56 +0000 ROA not before: Thu 03 Apr 2025 08:53:56 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 63689 IP address blocks: 202.160.140.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:06:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7559 (0x1d87) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022 Validity Not Before: Apr 3 08:53:56 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=98BCA04F4EDBB0F5F2321481EDD615B9B8CCAD1D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:72:39:3d:ac:12:59:9f:6c:30:b2:bc:09:77: 31:69:37:56:e0:33:09:a4:ce:6f:45:64:b5:20:75: 29:1f:6b:bb:c7:69:e7:0e:6d:4e:c8:18:ac:21:20: 21:a9:41:41:c7:e9:2d:49:1c:34:4e:88:c6:aa:43: 37:2f:89:18:ef:02:cc:ae:27:dc:97:fc:9d:ed:06: fd:81:7e:8e:f7:82:0c:35:e2:ac:66:ad:d5:0f:50: dc:c1:76:d9:25:65:99:f8:a4:f9:33:21:06:00:f0: 9e:4a:11:ec:b4:e7:85:51:d4:c7:ba:26:45:ec:76: b2:9a:e6:08:bc:ad:af:f2:50:48:c8:9a:43:db:06: 6b:b8:61:d2:3e:b2:53:a2:e1:7c:86:db:43:7d:9f: 60:9d:49:9a:4e:f2:0c:45:48:0a:4b:05:8f:64:85: 2e:f3:df:fc:52:40:c0:1d:38:4f:99:a7:ec:79:18: b4:3e:cc:7a:5d:75:fb:b7:cf:5b:af:fc:56:ca:94: cd:22:ef:d6:0c:65:4c:78:73:5b:89:1e:2a:39:f2: 7f:08:c3:6e:52:66:d4:04:f4:62:51:c6:74:6f:cf: a1:77:e1:81:00:c8:8e:34:2e:01:25:1f:39:ba:01: 6d:96:b8:b8:0a:13:df:c8:c9:33:be:08:b8:17:e9: 6f:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:BC:A0:4F:4E:DB:B0:F5:F2:32:14:81:ED:D6:15:B9:B8:CC:AD:1D X509v3 Authority Key Identifier: keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/mLygT07bsPXyMhSB7dYVubjMrR0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.160.140.0/22 Signature Algorithm: sha256WithRSAEncryption 24:72:b9:45:fb:fc:68:bb:c2:cf:b2:ea:89:54:0e:44:72:6b: 87:5f:7f:19:55:34:c8:ff:b4:d1:5d:18:02:bc:51:15:a0:a9: f1:a8:23:fe:d5:ad:f1:ab:72:88:5d:60:aa:08:eb:ba:6a:85: fa:17:6e:69:ae:15:7f:29:c1:40:be:79:4d:ce:f0:86:aa:4e: 7a:87:ef:9f:f5:19:72:b1:fd:67:3b:ef:02:66:af:f8:75:9a: ae:9b:08:5c:6b:eb:86:4f:31:b9:fa:0e:6e:65:8e:f9:3b:a0: 81:28:40:fd:d2:91:ef:86:0b:5b:0b:f9:15:3c:e6:db:ca:93: c9:19:51:ee:f5:bc:62:60:05:b7:01:02:5d:7f:65:1c:f8:8c: 8c:24:9d:dc:66:6c:27:1b:25:cf:4d:6d:a9:e1:dc:08:a4:4e: aa:36:25:16:49:01:87:b6:01:e8:67:e8:5b:b2:33:55:6a:00: ee:ad:5d:b4:15:38:49:6e:e9:fa:c3:78:ce:07:7a:f8:de:7e: d4:89:57:2f:f6:2f:1c:62:85:1a:bd:d0:e4:fd:07:c9:4f:f0: c0:b5:85:aa:2c:ad:73:24:22:7e:20:e3:dc:0c:d7:b0:44:c3: c6:ae:2d:3d:d1:66:2e:6d:a8:d4:a7:58:81:c5:b6:f2:1f:f8: 98:5f:53:ea -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHYcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yNTA0MDMw ODUzNTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDk4QkNBMDRGNEVEQkIw RjVGMjMyMTQ4MUVERDYxNUI5QjhDQ0FEMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCucjk9rBJZn2wwsrwJdzFpN1bgMwmkzm9FZLUgdSkfa7vHaecO bU7IGKwhICGpQUHH6S1JHDROiMaqQzcviRjvAsyuJ9yX/J3tBv2Bfo73ggw14qxm rdUPUNzBdtklZZn4pPkzIQYA8J5KEey054VR1Me6JkXsdrKa5gi8ra/yUEjImkPb Bmu4YdI+slOi4XyG20N9n2CdSZpO8gxFSApLBY9khS7z3/xSQMAdOE+Zp+x5GLQ+ zHpddfu3z1uv/FbKlM0i79YMZUx4c1uJHio58n8Iw25SZtQE9GJRxnRvz6F34YEA yI40LgElHzm6AW2WuLgKE9/IyTO+CLgX6W9tAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUmLygT07bsPXyMhSB7dYVubjMrR0wHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvbUx5Z1QwN2JzUFh5 TWhTQjdkWVZ1YmpNclIwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAsqgjDANBgkqhkiG9w0BAQsFAAOCAQEAJHK5Rfv8aLvCz7LqiVQORHJrh19/ GVU0yP+00V0YArxRFaCp8agj/tWt8atyiF1gqgjrumqF+hduaa4VfynBQL55Tc7w hqpOeofvn/UZcrH9ZzvvAmav+HWarpsIXGvrhk8xufoObmWO+TuggShA/dKR74YL Wwv5FTzm28qTyRlR7vW8YmAFtwECXX9lHPiMjCSd3GZsJxslz01tqeHcCKROqjYl FkkBh7YB6GfoW7IzVWoA7q1dtBU4SW7p+sN4zgd6+N5+1IlXL/YvHGKFGr3Q5P0H yU/wwLWFqiytcyQifiDj3AzXsETDxq4tPdFmLm2o1KdYgcW28h/4mF9T6g== -----END CERTIFICATE-----Generated at Fri Apr 4 18:36:37 2025 by rpki-client