$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/KaWNUh_TG8Mk6sJVwRnXPmiEp0g.roa File: KaWNUh_TG8Mk6sJVwRnXPmiEp0g.roa (raw, json) Hash identifier: Qafk9mMby1vgCNhomBv1/D3xlTQb7JRe+cNcpklkkiU= Subject key identifier: 29:A5:8D:52:1F:D3:1B:C3:24:EA:C2:55:C1:19:D7:3E:68:84:A7:48 Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: A9 Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/KaWNUh_TG8Mk6sJVwRnXPmiEp0g.roa Signing time: Thu 13 Feb 2025 06:11:37 +0000 ROA not before: Thu 13 Feb 2025 06:11:37 +0000 ROA not after: Tue 13 Jan 2026 01:35:26 +0000 asID: 142132 IP address blocks: 114.28.210.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 22:57:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 169 (0xa9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Feb 13 06:11:37 2025 GMT Not After : Jan 13 01:35:26 2026 GMT Subject: CN=29A58D521FD31BC324EAC255C119D73E6884A748 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:17:f1:e3:08:d2:76:92:a7:d0:f0:84:84:30: 47:d3:b7:63:a8:34:bc:5f:91:9c:ea:b8:44:e9:c8: 28:c2:23:05:ef:a7:c8:9c:79:61:01:e6:da:87:09: 4c:69:41:58:01:d7:e3:a3:48:40:9d:bc:41:0e:9c: 52:5d:5d:c8:4f:04:57:0c:0d:e1:8c:1a:40:20:dd: ed:e3:89:ab:0c:26:0f:5d:9e:ad:4c:41:8b:4f:e7: 8f:d3:af:78:66:89:ab:62:de:28:f2:80:29:61:d5: 96:4c:7c:93:58:49:61:7f:b2:a5:49:53:4a:fb:b1: 88:3b:65:18:d1:91:90:d5:70:84:b5:be:d5:93:b3: b0:6b:13:5b:34:54:a7:88:76:d2:b9:d8:9e:b4:58: 55:34:d2:b4:be:9e:51:5c:fb:a1:0b:64:ee:01:79: bd:52:fb:6b:40:12:bc:72:b2:08:3d:ba:68:f1:40: 23:ba:62:77:b3:dd:3a:56:26:4e:fa:3c:4d:71:03: aa:37:e4:14:5b:75:9c:14:69:2c:37:08:f5:52:f5: 01:3e:27:13:9b:45:8d:50:ad:54:91:e9:5c:f3:0e: 5b:41:78:e7:d4:1a:60:7e:91:3f:0b:f5:23:64:40: 9c:b6:72:d9:45:69:d2:86:3b:1b:7e:7c:9e:42:ff: e7:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:A5:8D:52:1F:D3:1B:C3:24:EA:C2:55:C1:19:D7:3E:68:84:A7:48 X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/KaWNUh_TG8Mk6sJVwRnXPmiEp0g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.28.210.0/24 Signature Algorithm: sha256WithRSAEncryption cf:06:49:0e:f6:82:cd:0b:5c:4a:9b:23:04:10:21:a0:03:41: 2c:e8:d3:9e:44:21:d4:32:10:0c:b8:ea:7b:3d:79:3b:d1:6a: 00:80:d4:e9:02:00:fc:ad:09:ff:80:00:68:17:0e:a4:7c:25: f0:99:fb:c4:2d:d0:2c:e5:c2:ea:93:13:80:e8:99:ea:36:de: 88:00:d4:d3:b0:4d:a1:95:3d:16:b8:bd:32:e5:9e:80:fc:b6: 5f:c3:c3:67:20:02:17:84:b3:5e:52:a8:5f:30:9c:0e:49:11: 2e:06:2a:94:bb:28:a5:72:80:82:6c:ed:9f:c4:ea:e2:9f:4a: 5c:bf:cf:5e:1d:5d:83:90:0e:a2:4d:7e:60:f4:9a:26:b7:75: eb:1a:40:a0:ad:63:ec:3a:29:1a:02:c6:d5:c3:ea:61:38:b8: 78:5b:59:c9:05:1e:08:d5:16:5b:de:72:83:3e:0e:8b:de:41: 27:3d:bd:86:8e:91:cd:ae:40:db:d5:c3:68:2a:88:a4:ac:b1: c9:d1:31:e6:b9:87:19:0a:e7:aa:e3:a3:80:d0:62:d5:f7:67: d4:64:10:fe:82:a1:04:3c:f0:9c:06:d5:f1:a4:36:9e:30:61: 3c:3c:c1:4d:13:3e:11:d7:4a:2a:4e:98:9b:20:2f:20:ff:7c: dc:b1:b9:d1 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICAKkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTAyMTMw NjExMzdaFw0yNjAxMTMwMTM1MjZaMDMxMTAvBgNVBAMTKDI5QTU4RDUyMUZEMzFC QzMyNEVBQzI1NUMxMTlENzNFNjg4NEE3NDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDoF/HjCNJ2kqfQ8ISEMEfTt2OoNLxfkZzquETpyCjCIwXvp8ic eWEB5tqHCUxpQVgB1+OjSECdvEEOnFJdXchPBFcMDeGMGkAg3e3jiasMJg9dnq1M QYtP54/Tr3hmiati3ijygClh1ZZMfJNYSWF/sqVJU0r7sYg7ZRjRkZDVcIS1vtWT s7BrE1s0VKeIdtK52J60WFU00rS+nlFc+6ELZO4Beb1S+2tAErxysgg9umjxQCO6 Ynez3TpWJk76PE1xA6o35BRbdZwUaSw3CPVS9QE+JxObRY1QrVSR6VzzDltBeOfU GmB+kT8L9SNkQJy2ctlFadKGOxt+fJ5C/+cJAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUKaWNUh/TG8Mk6sJVwRnXPmiEp0gwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL0thV05VaF9URzhNazZz SlZ3Um5YUG1pRXAwZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAByHNIwDQYJKoZIhvcNAQELBQADggEBAM8GSQ72gs0LXEqbIwQQIaADQSzo055E IdQyEAy46ns9eTvRagCA1OkCAPytCf+AAGgXDqR8JfCZ+8Qt0CzlwuqTE4Domeo2 3ogA1NOwTaGVPRa4vTLlnoD8tl/Dw2cgAheEs15SqF8wnA5JES4GKpS7KKVygIJs 7Z/E6uKfSly/z14dXYOQDqJNfmD0mia3desaQKCtY+w6KRoCxtXD6mE4uHhbWckF HgjVFlvecoM+DoveQSc9vYaOkc2uQNvVw2gqiKSsscnRMea5hxkK56rjo4DQYtX3 Z9RkEP6CoQQ88JwG1fGkNp4wYTw8wU0TPhHXSipOmJsgLyD/fNyxudE= -----END CERTIFICATE-----Generated at Wed Feb 19 20:34:37 2025 by rpki-client