$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/JvgxkMD8uDPSN5J2IBVUSXcq1CQ.roa File: JvgxkMD8uDPSN5J2IBVUSXcq1CQ.roa (raw, json) Hash identifier: LGZkzecS/oOZB/jgNue3M7MGauHxK1CsafE7hzqN+lM= Subject key identifier: 26:F8:31:90:C0:FC:B8:33:D2:37:92:76:20:15:54:49:77:2A:D4:24 Certificate issuer: /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Certificate serial: 1D51 Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/JvgxkMD8uDPSN5J2IBVUSXcq1CQ.roa Signing time: Wed 26 Mar 2025 02:11:18 +0000 ROA not before: Wed 26 Mar 2025 02:11:18 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 63641 IP address blocks: 123.49.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 19:05:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7505 (0x1d51) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Validity Not Before: Mar 26 02:11:18 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=26F83190C0FCB833D237927620155449772AD424 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:a2:95:60:b1:33:35:61:eb:cb:27:2e:c7:95: 9f:33:dc:93:2e:8c:ac:03:5f:02:4e:b5:94:bf:f5: 65:10:92:ea:73:d6:6d:a6:b0:72:8b:92:f2:cb:dc: de:dd:09:dc:80:32:4f:ff:53:e3:ae:b5:8a:70:a9: b8:cd:c4:8d:43:cf:81:ee:9e:ac:91:7a:af:76:12: 4a:cc:28:dd:48:78:97:31:ff:3a:8f:fb:e1:b1:fe: cb:85:77:32:9d:0f:9f:d9:78:49:d3:a4:8c:57:b0: 44:d2:ea:4f:2f:35:8d:37:36:25:70:12:92:29:c9: 9c:7c:81:8c:9a:2c:96:48:26:18:2f:7a:16:2f:64: 00:9b:f7:38:98:77:2c:4f:85:44:98:7d:94:df:44: 04:1a:65:75:40:70:8d:a8:92:f5:f5:4e:88:53:50: b2:0a:d4:90:e0:1f:57:df:2b:ac:93:25:fc:5c:92: 1e:e3:e7:18:4a:63:f7:16:b1:e9:8a:bc:eb:86:db: 8e:f1:95:6b:41:a4:83:e1:70:57:da:e9:fe:48:f1: 40:f8:9b:e3:07:9b:7a:9b:87:7b:bb:32:3e:35:5d: 21:7a:99:5d:cd:ce:81:c1:6a:5e:66:14:7a:33:68: 19:b8:5f:43:93:75:be:db:0c:17:d9:97:e8:e4:1d: 8f:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:F8:31:90:C0:FC:B8:33:D2:37:92:76:20:15:54:49:77:2A:D4:24 X509v3 Authority Key Identifier: keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/JvgxkMD8uDPSN5J2IBVUSXcq1CQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.49.247.0/24 Signature Algorithm: sha256WithRSAEncryption 5d:bf:03:05:9c:67:aa:f5:fe:3c:93:e0:ba:fc:83:fc:30:80: 82:7b:f7:e6:77:50:ff:f1:c6:de:87:fa:0b:0d:2c:26:9d:79: f0:ab:51:c3:e4:78:94:81:cf:de:68:40:32:5c:ac:6d:d7:ed: 7d:b1:44:ca:3d:79:68:33:9d:8e:9d:88:63:85:fa:4b:4f:4e: 3b:4e:46:31:fa:a4:f0:65:2a:25:44:1e:b0:0b:72:48:5d:93: e9:f2:f2:7e:c4:dd:ac:62:82:ff:96:e7:c0:6a:da:85:d5:46: f0:8c:21:2d:39:27:b0:fd:4a:dc:0d:09:3c:fb:82:5b:8b:cc: 11:4f:31:ac:49:23:f1:24:de:84:13:9b:cc:24:c4:da:b8:2c: d2:9b:c8:18:2f:cc:9e:79:0f:45:91:02:d2:da:b7:b6:29:ce: e0:7a:ea:ff:99:f2:64:6b:7d:3a:60:5b:96:8d:63:9b:c1:51: ea:00:12:72:0f:6a:1c:8e:a7:73:80:53:b0:cd:e0:d5:cc:98: 03:d4:a8:e1:62:7d:7b:cc:46:cb:a6:2a:d3:26:5f:b4:b9:72: 9c:ee:5f:91:01:e3:31:f8:40:8a:94:be:3a:ed:f3:f6:3c:47: 02:41:f5:16:5b:f8:75:7e:14:46:79:6a:84:6d:4a:26:ef:50: 90:ef:51:70 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHVEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4 ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yNTAzMjYw MjExMThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI2RjgzMTkwQzBGQ0I4 MzNEMjM3OTI3NjIwMTU1NDQ5NzcyQUQ0MjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDvopVgsTM1YevLJy7HlZ8z3JMujKwDXwJOtZS/9WUQkupz1m2m sHKLkvLL3N7dCdyAMk//U+OutYpwqbjNxI1Dz4HunqyReq92EkrMKN1IeJcx/zqP ++Gx/suFdzKdD5/ZeEnTpIxXsETS6k8vNY03NiVwEpIpyZx8gYyaLJZIJhgvehYv ZACb9ziYdyxPhUSYfZTfRAQaZXVAcI2okvX1TohTULIK1JDgH1ffK6yTJfxckh7j 5xhKY/cWsemKvOuG247xlWtBpIPhcFfa6f5I8UD4m+MHm3qbh3u7Mj41XSF6mV3N zoHBal5mFHozaBm4X0OTdb7bDBfZl+jkHY+pAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUJvgxkMD8uDPSN5J2IBVUSXcq1CQwHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIvSnZneGtNRDh1RFBT TjVKMklCVlVTWGNxMUNRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHsx9zANBgkqhkiG9w0BAQsFAAOCAQEAXb8DBZxnqvX+PJPguvyD/DCAgnv3 5ndQ//HG3of6Cw0sJp158KtRw+R4lIHP3mhAMlysbdftfbFEyj15aDOdjp2IY4X6 S09OO05GMfqk8GUqJUQesAtySF2T6fLyfsTdrGKC/5bnwGrahdVG8IwhLTknsP1K 3A0JPPuCW4vMEU8xrEkj8STehBObzCTE2rgs0pvIGC/MnnkPRZEC0tq3tinO4Hrq /5nyZGt9OmBblo1jm8FR6gAScg9qHI6nc4BTsM3g1cyYA9So4WJ9e8xGy6Yq0yZf tLlynO5fkQHjMfhAipS+Ou3z9jxHAkH1Flv4dX4URnlqhG1KJu9QkO9RcA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:39:55 2025 by rpki-client