$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/I5n1NWJVBvFwHjRL1bty30hEFOo.roa File: I5n1NWJVBvFwHjRL1bty30hEFOo.roa (raw, json) Hash identifier: drvwiQtO0StE5Q0z1cTQ0UnCfs5kaJGrqnyQSTY83zo= Subject key identifier: 23:99:F5:35:62:55:06:F1:70:1E:34:4B:D5:BB:72:DF:48:44:14:EA Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 0654 Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/I5n1NWJVBvFwHjRL1bty30hEFOo.roa Signing time: Tue 04 Mar 2025 06:58:43 +0000 ROA not before: Tue 04 Mar 2025 06:58:43 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 7641 IP address blocks: 42.204.0.0/14 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1620 (0x654) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: Mar 4 06:58:43 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=2399F535625506F1701E344BD5BB72DF484414EA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:e2:b1:e9:21:d3:e5:79:e7:41:b7:ce:a8:aa: 1f:e3:1a:40:a6:45:ca:56:91:94:d1:82:4a:09:1f: e1:25:09:48:c3:7d:5d:ee:fb:09:48:18:c0:ac:82: 8f:d7:d3:7e:0a:f7:64:66:84:3f:37:93:6d:9b:a4: 6a:67:93:94:4a:ee:00:1d:e1:47:5b:6c:f8:dd:ba: d0:09:3b:98:e6:c6:9b:48:44:86:56:ac:fb:c0:c8: 6b:93:31:2b:5b:d6:d4:77:af:d8:57:e8:eb:e5:43: 89:f7:d7:77:a4:42:9d:4f:88:3b:a7:15:87:d9:ce: 1e:14:9f:0f:be:6e:56:a5:f4:19:06:9e:aa:eb:b8: d5:cb:3a:41:20:08:25:2b:90:29:a7:ea:78:87:fa: 93:52:b6:6d:d0:c9:ec:ba:8c:93:13:5e:09:a7:bd: 5e:bc:7c:83:fc:f1:09:d1:9b:d6:60:5c:80:0e:23: 02:ed:88:ea:2d:db:d4:4a:b4:d8:f8:ba:95:09:75: 59:62:0c:10:3d:0a:90:81:b1:73:08:d5:23:39:2d: 35:9f:d5:21:4f:92:f5:dc:d8:f0:1c:84:96:ca:4b: 92:42:a2:f7:b8:f4:ad:14:6d:a1:a0:db:09:1e:f9: 11:0d:f6:fb:92:05:a8:86:32:59:1b:23:0d:58:e1: 5c:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:99:F5:35:62:55:06:F1:70:1E:34:4B:D5:BB:72:DF:48:44:14:EA X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/I5n1NWJVBvFwHjRL1bty30hEFOo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 42.204.0.0/14 Signature Algorithm: sha256WithRSAEncryption 09:95:29:c0:34:ab:12:38:53:90:b2:8a:b0:92:44:51:4b:04: 37:8e:48:c5:bf:27:b7:5b:6f:cc:e3:4a:30:6a:8b:5a:2d:60: d0:ae:95:6a:6a:5a:4e:a2:92:5c:cd:6f:3b:8c:2d:bc:b0:7a: be:e0:7f:af:00:5c:ca:e6:91:df:19:61:75:c3:7a:5b:49:58: 9b:e3:c8:75:b9:e1:4a:50:22:38:bd:07:06:89:43:4a:f3:32: a3:57:25:8b:7f:0f:d2:8b:96:37:6e:5e:d7:40:27:52:8f:e9: 74:91:ff:65:f0:10:1a:f3:f5:29:10:29:7c:86:93:0f:d9:f8: 43:79:43:ba:93:0e:06:ac:ab:0a:59:28:15:2e:ac:83:f4:05: 5e:03:c8:a8:d8:23:1f:d1:4f:6b:cf:cf:49:bf:52:dc:13:0b: 1d:31:b5:b7:39:e3:22:fe:90:75:a4:eb:8a:43:f1:b7:d9:cc: 48:ba:63:1f:23:19:3e:c3:59:2c:ab:a8:2b:68:fe:82:45:d8: 43:b0:df:b2:f9:e1:93:6e:b3:c9:57:f9:9e:cb:60:f3:df:e3: e4:f1:af:15:a8:17:3f:71:00:6b:16:51:83:e0:3f:b8:56:b1: 49:50:a4:92:c1:cc:d8:74:92:ec:90:96:c3:9d:9b:6c:aa:60: 8b:be:a3:39 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICBlQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTAzMDQw NjU4NDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDIzOTlGNTM1NjI1NTA2 RjE3MDFFMzQ0QkQ1QkI3MkRGNDg0NDE0RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCt4rHpIdPleedBt86oqh/jGkCmRcpWkZTRgkoJH+ElCUjDfV3u +wlIGMCsgo/X034K92RmhD83k22bpGpnk5RK7gAd4UdbbPjdutAJO5jmxptIRIZW rPvAyGuTMStb1tR3r9hX6OvlQ4n313ekQp1PiDunFYfZzh4Unw++blal9BkGnqrr uNXLOkEgCCUrkCmn6niH+pNStm3Qyey6jJMTXgmnvV68fIP88QnRm9ZgXIAOIwLt iOot29RKtNj4upUJdVliDBA9CpCBsXMI1SM5LTWf1SFPkvXc2PAchJbKS5JCove4 9K0UbaGg2wke+REN9vuSBaiGMlkbIw1Y4VyJAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQUI5n1NWJVBvFwHjRL1bty30hEFOowHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy9JNW4xTldKVkJ2RndIalJM MWJ0eTMwaEVGT28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMC KswwDQYJKoZIhvcNAQELBQADggEBAAmVKcA0qxI4U5CyirCSRFFLBDeOSMW/J7db b8zjSjBqi1otYNCulWpqWk6iklzNbzuMLbywer7gf68AXMrmkd8ZYXXDeltJWJvj yHW54UpQIji9BwaJQ0rzMqNXJYt/D9KLljduXtdAJ1KP6XSR/2XwEBrz9SkQKXyG kw/Z+EN5Q7qTDgasqwpZKBUurIP0BV4DyKjYIx/RT2vPz0m/UtwTCx0xtbc54yL+ kHWk64pD8bfZzEi6Yx8jGT7DWSyrqCto/oJF2EOw37L54ZNus8lX+Z7LYPPf4+Tx rxWoFz9xAGsWUYPgP7hWsUlQpJLBzNh0kuyQlsOdm2yqYIu+ozk= -----END CERTIFICATE-----Generated at Fri Apr 4 18:43:17 2025 by rpki-client