$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/eYu8i8WLsCDl0cpHYV0xiV9KgPk.roa File: eYu8i8WLsCDl0cpHYV0xiV9KgPk.roa (raw, json) Hash identifier: Hgl/czQiJR245QlSg4cy6iaWEpWFiq9ORvftoROwGWQ= Subject key identifier: 79:8B:BC:8B:C5:8B:B0:20:E5:D1:CA:47:61:5D:31:89:5F:4A:80:F9 Certificate issuer: /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Certificate serial: 1D50 Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/eYu8i8WLsCDl0cpHYV0xiV9KgPk.roa Signing time: Wed 26 Mar 2025 02:11:18 +0000 ROA not before: Wed 26 Mar 2025 02:11:18 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4515 IP address blocks: 123.49.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 19:05:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7504 (0x1d50) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Validity Not Before: Mar 26 02:11:18 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=798BBC8BC58BB020E5D1CA47615D31895F4A80F9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:7b:9f:0e:24:0e:7f:f1:8f:48:0e:22:21:b5: 04:88:1d:06:51:bc:27:fb:88:bc:41:2f:27:73:8b: 9f:5f:b8:55:b0:6f:c6:c0:01:c7:dc:64:b7:e0:f1: 98:67:d4:14:73:3c:bc:fb:ad:4b:53:91:a1:34:04: f9:80:38:7e:15:91:9a:3d:4c:8b:65:50:bf:8c:e5: 56:dc:07:f7:49:31:e3:0e:5c:fe:62:eb:7a:c1:c5: a7:a4:ec:29:a6:cf:17:0b:8e:d8:45:7a:91:f4:7d: f2:3c:77:e3:d6:fc:17:88:33:8c:92:3a:a7:1e:20: f0:60:2e:af:82:f2:64:9f:b9:77:66:76:59:5a:67: d8:5f:f7:fb:49:33:82:74:ba:2a:0d:ef:d9:d3:4c: fd:80:62:75:aa:c3:8a:d9:b0:b8:22:4a:43:74:e8: 80:48:10:f7:07:7a:2e:ac:8d:a1:49:3e:3b:50:bd: dd:3a:0a:57:d3:21:20:f0:e4:61:1e:41:0d:1c:11: 2f:d3:b9:12:d5:20:68:5f:92:3a:04:58:c6:82:2f: 71:05:3e:eb:63:f8:4a:34:e3:ec:e9:0c:ee:60:54: 62:d5:f8:97:8f:95:0c:a1:fe:97:2b:b8:b1:e9:f2: 9b:bb:d9:b7:be:90:19:f2:6c:4f:61:88:ec:42:d4: ba:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:8B:BC:8B:C5:8B:B0:20:E5:D1:CA:47:61:5D:31:89:5F:4A:80:F9 X509v3 Authority Key Identifier: keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/eYu8i8WLsCDl0cpHYV0xiV9KgPk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.49.247.0/24 Signature Algorithm: sha256WithRSAEncryption 14:48:03:4a:d7:f1:78:f9:bf:10:05:6e:06:09:de:d3:7b:23: 3f:7b:0a:c6:0b:3b:e0:09:a3:43:20:6a:1e:d6:d4:41:a9:a5: 17:38:6c:29:de:79:8c:14:41:99:a4:29:5c:95:fb:b5:ee:8a: b6:02:58:05:63:af:31:57:5a:e0:4d:66:ff:35:a2:2d:ce:62: ce:71:36:9e:aa:0b:03:e6:d8:ab:6c:bd:34:16:3d:b9:35:42: 82:e6:8d:ee:4e:4a:58:b0:2a:0a:de:7c:bc:1d:80:74:98:4b: 5b:10:6e:0f:06:1a:57:ab:ab:82:07:6b:a5:e4:c4:70:28:d0: 35:45:8d:5a:d8:71:be:ef:d9:0c:0b:f6:a9:52:47:5f:05:1e: e5:31:ec:cf:6a:44:4a:ac:fb:a5:5c:65:0a:8d:8a:28:04:92: 4f:85:ad:b2:61:b4:9d:52:ea:44:81:15:96:54:44:1f:39:7f: 98:6d:9f:73:ba:fb:78:dc:f0:2c:04:c4:4c:42:0f:d7:7c:bf: a3:0a:4f:4a:de:ee:c5:f4:d7:cd:a8:04:72:c6:bf:5c:76:40: 4e:e9:42:b4:c4:ff:b4:df:cf:98:4f:10:d5:b2:b2:df:80:93: 92:01:ea:c6:ed:4a:46:1d:de:40:0a:4b:6c:ac:5c:2f:66:3f: e2:72:55:b0 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHVAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4 ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yNTAzMjYw MjExMThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDc5OEJCQzhCQzU4QkIw MjBFNUQxQ0E0NzYxNUQzMTg5NUY0QTgwRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDhe58OJA5/8Y9IDiIhtQSIHQZRvCf7iLxBLydzi59fuFWwb8bA AcfcZLfg8Zhn1BRzPLz7rUtTkaE0BPmAOH4VkZo9TItlUL+M5VbcB/dJMeMOXP5i 63rBxaek7CmmzxcLjthFepH0ffI8d+PW/BeIM4ySOqceIPBgLq+C8mSfuXdmdlla Z9hf9/tJM4J0uioN79nTTP2AYnWqw4rZsLgiSkN06IBIEPcHei6sjaFJPjtQvd06 ClfTISDw5GEeQQ0cES/TuRLVIGhfkjoEWMaCL3EFPutj+Eo04+zpDO5gVGLV+JeP lQyh/pcruLHp8pu72be+kBnybE9hiOxC1Lr5AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUeYu8i8WLsCDl0cpHYV0xiV9KgPkwHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIvZVl1OGk4V0xzQ0Rs MGNwSFlWMHhpVjlLZ1BrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHsx9zANBgkqhkiG9w0BAQsFAAOCAQEAFEgDStfxePm/EAVuBgne03sjP3sK xgs74AmjQyBqHtbUQamlFzhsKd55jBRBmaQpXJX7te6KtgJYBWOvMVda4E1m/zWi Lc5iznE2nqoLA+bYq2y9NBY9uTVCguaN7k5KWLAqCt58vB2AdJhLWxBuDwYaV6ur ggdrpeTEcCjQNUWNWthxvu/ZDAv2qVJHXwUe5THsz2pESqz7pVxlCo2KKASST4Wt smG0nVLqRIEVllREHzl/mG2fc7r7eNzwLATETEIP13y/owpPSt7uxfTXzagEcsa/ XHZATulCtMT/tN/PmE8Q1bKy34CTkgHqxu1KRh3eQApLbKxcL2Y/4nJVsA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:40:44 2025 by rpki-client