$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/kDW1cRo86YzzeBsDbuuqb0TPbSY.roa File: kDW1cRo86YzzeBsDbuuqb0TPbSY.roa (raw, json) Hash identifier: zH0Bb/tnJndPjBUYLdvYRyQIrO9oLPTeV3JZ/lVlA58= Subject key identifier: 90:35:B5:71:1A:3C:E9:8C:F3:78:1B:03:6E:EB:AA:6F:44:CF:6D:26 Certificate issuer: /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Certificate serial: 1D53 Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/kDW1cRo86YzzeBsDbuuqb0TPbSY.roa Signing time: Wed 26 Mar 2025 02:11:19 +0000 ROA not before: Wed 26 Mar 2025 02:11:19 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4515 IP address blocks: 123.49.237.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7507 (0x1d53) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Validity Not Before: Mar 26 02:11:19 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=9035B5711A3CE98CF3781B036EEBAA6F44CF6D26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:84:69:55:d4:53:fe:d7:98:88:29:7e:56:fc: da:36:9d:04:42:4b:03:54:c6:fa:5d:4e:eb:67:be: ab:06:a9:8b:b1:2a:c7:3c:59:b4:23:56:89:c5:c9: be:29:a8:89:ed:dc:7a:41:1b:e3:09:d3:0b:7a:b2: 20:e2:08:1c:4d:d7:23:ed:6d:70:81:b1:ad:41:84: 9f:7a:d4:90:34:b4:72:e5:ad:b6:ae:ce:e0:4c:18: 72:5e:73:08:c4:8a:08:c3:e1:cd:a1:8f:62:ab:49: 5d:2b:1b:2c:5f:61:32:91:d4:fd:bd:31:dd:7c:1f: c3:54:5d:94:6c:16:38:ba:db:0d:6c:20:5c:12:2e: 7c:72:26:1f:02:80:d7:59:13:9f:45:80:f2:6c:d6: 24:7c:9a:4e:f2:a2:7b:f6:eb:5e:60:ff:d0:68:3a: db:66:58:7e:ea:c5:67:c7:41:84:70:d2:6d:87:31: 3d:70:d6:d1:74:87:ac:01:d8:13:5b:61:1f:ea:85: 52:48:ed:47:be:03:a2:39:2e:b8:5d:73:5d:f4:a5: 80:18:49:4a:93:92:3a:d2:4f:c5:87:22:c3:26:9e: d3:3f:25:97:d2:36:a2:ee:c4:dd:83:22:f8:ec:9e: 53:fd:5d:72:3d:29:90:86:85:d9:c0:76:61:38:1f: 76:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:35:B5:71:1A:3C:E9:8C:F3:78:1B:03:6E:EB:AA:6F:44:CF:6D:26 X509v3 Authority Key Identifier: keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/kDW1cRo86YzzeBsDbuuqb0TPbSY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.49.237.0/24 Signature Algorithm: sha256WithRSAEncryption 6c:06:f7:86:24:ac:fd:86:7c:75:ea:8c:0f:a6:3e:92:47:52: 35:90:76:0a:37:fc:79:5c:30:26:e9:fe:68:91:79:f3:0a:a6: df:81:a6:75:91:27:37:4b:01:e9:b3:9c:0d:ba:56:95:3c:15: 5d:90:57:4a:65:f5:d7:8a:54:e8:7e:88:56:b3:6b:9e:92:9b: a3:56:06:91:67:f2:f7:a4:57:2c:59:4b:cf:7c:2f:d0:85:6a: a0:ee:a5:99:65:98:e5:9a:2a:33:72:b9:2c:e7:2f:b4:d0:6f: 2f:60:c7:ff:55:6c:67:c9:8c:6f:bd:d8:d0:aa:5a:df:c7:91: 53:84:a2:e3:53:19:f4:60:dd:aa:04:a1:44:01:dc:b3:42:25: f6:b2:22:e5:40:c1:3f:04:91:2e:6f:8f:c7:36:de:7b:b6:0d: cb:e5:1d:d1:c2:ef:b5:61:a1:3c:20:6e:b2:a4:3c:0f:95:35: 07:25:de:cf:de:5e:69:9e:f4:15:4c:ad:5b:74:50:95:e2:6f: a0:d3:12:64:79:50:19:3f:95:c8:6b:c4:5a:88:ff:4a:a9:d9: 21:81:72:d4:f7:72:ed:05:49:56:8e:2b:60:ef:fe:30:92:32: 43:fc:2a:c9:19:47:d9:87:33:ff:fc:65:37:94:8e:10:ba:d6: 0e:74:dd:a6 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHVMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4 ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yNTAzMjYw MjExMTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDkwMzVCNTcxMUEzQ0U5 OENGMzc4MUIwMzZFRUJBQTZGNDRDRjZEMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDbhGlV1FP+15iIKX5W/No2nQRCSwNUxvpdTutnvqsGqYuxKsc8 WbQjVonFyb4pqInt3HpBG+MJ0wt6siDiCBxN1yPtbXCBsa1BhJ961JA0tHLlrbau zuBMGHJecwjEigjD4c2hj2KrSV0rGyxfYTKR1P29Md18H8NUXZRsFji62w1sIFwS LnxyJh8CgNdZE59FgPJs1iR8mk7yonv2615g/9BoOttmWH7qxWfHQYRw0m2HMT1w 1tF0h6wB2BNbYR/qhVJI7Ue+A6I5Lrhdc130pYAYSUqTkjrST8WHIsMmntM/JZfS NqLuxN2DIvjsnlP9XXI9KZCGhdnAdmE4H3alAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUkDW1cRo86YzzeBsDbuuqb0TPbSYwHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIva0RXMWNSbzg2WXp6 ZUJzRGJ1dXFiMFRQYlNZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHsx7TANBgkqhkiG9w0BAQsFAAOCAQEAbAb3hiSs/YZ8deqMD6Y+kkdSNZB2 Cjf8eVwwJun+aJF58wqm34GmdZEnN0sB6bOcDbpWlTwVXZBXSmX114pU6H6IVrNr npKbo1YGkWfy96RXLFlLz3wv0IVqoO6lmWWY5ZoqM3K5LOcvtNBvL2DH/1VsZ8mM b73Y0Kpa38eRU4Si41MZ9GDdqgShRAHcs0Il9rIi5UDBPwSRLm+Pxzbee7YNy+Ud 0cLvtWGhPCBusqQ8D5U1ByXez95eaZ70FUytW3RQleJvoNMSZHlQGT+VyGvEWoj/ SqnZIYFy1Pdy7QVJVo4rYO/+MJIyQ/wqyRlH2Ycz//xlN5SOELrWDnTdpg== -----END CERTIFICATE-----Generated at Wed Jun 4 00:52:10 2025 by rpki-client