$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/NBU-Fjpng-fIM7FOJ-bo-ZrSyeo.roa File: NBU-Fjpng-fIM7FOJ-bo-ZrSyeo.roa (raw, json) Hash identifier: NoAdiBRSj2MPKratBpWYTmG1nBombkXXFayuCYIwDFM= Subject key identifier: 34:15:3E:16:3A:67:83:E7:C8:33:B1:4E:27:E6:E8:F9:9A:D2:C9:EA Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 11 Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/NBU-Fjpng-fIM7FOJ-bo-ZrSyeo.roa Signing time: Wed 15 Jan 2025 02:41:18 +0000 ROA not before: Wed 15 Jan 2025 02:41:18 +0000 ROA not after: Tue 13 Jan 2026 01:35:26 +0000 asID: 142132 IP address blocks: 114.28.206.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 22:57:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17 (0x11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Jan 15 02:41:18 2025 GMT Not After : Jan 13 01:35:26 2026 GMT Subject: CN=34153E163A6783E7C833B14E27E6E8F99AD2C9EA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:2c:d8:38:61:53:f1:4a:92:25:6d:d7:0d:33: 6d:08:f9:f1:61:d7:21:41:95:fb:7e:fd:0e:a1:9a: 9b:26:85:a0:9c:e1:bc:f0:69:3d:35:ab:22:b6:aa: ef:84:35:3f:d0:5e:7c:f5:ad:bf:0f:99:49:6e:90: 53:f3:3f:a0:64:71:b9:d1:50:c6:2f:0c:9b:68:8d: e4:6e:39:99:2b:e4:c7:0d:f6:2c:8a:71:e5:63:bb: 38:9b:7f:b9:04:90:2f:e0:7a:bc:7e:52:dd:c6:90: 5d:cb:48:b6:a4:6f:1a:61:65:78:4a:20:28:a2:0e: cc:2e:30:49:30:8a:0c:e4:73:8d:7c:53:02:d7:c1: 05:4f:d2:41:c1:51:6e:42:25:49:15:d7:05:f3:8a: 71:43:b2:cf:fe:f6:9f:e0:29:b2:ac:7b:69:1f:a1: 38:2b:ba:aa:a7:39:ec:ea:6f:bc:98:dd:65:10:07: 0a:81:ba:da:64:79:2e:57:9e:db:be:c9:14:ff:e4: 6e:af:64:d8:01:55:81:d6:67:23:c3:f4:55:2c:42: c0:12:11:95:27:fe:93:15:c2:86:3b:e3:55:99:cd: 4a:e3:74:f6:79:7a:1f:28:9d:33:57:06:22:1b:0f: 81:9c:b1:31:ca:19:b2:19:4f:55:cd:8a:c5:39:9b: 96:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:15:3E:16:3A:67:83:E7:C8:33:B1:4E:27:E6:E8:F9:9A:D2:C9:EA X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/NBU-Fjpng-fIM7FOJ-bo-ZrSyeo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.28.206.0/24 Signature Algorithm: sha256WithRSAEncryption a1:f0:e5:f7:83:46:1e:bf:41:0a:92:fd:63:20:7f:b4:c2:69: 6d:59:5b:bb:f3:c7:9b:2c:64:86:e3:bf:8e:3e:a1:68:51:b2: 5e:51:04:7c:80:ca:59:5a:a9:df:0b:59:d9:22:4e:0b:3b:b9: ff:4b:fa:d2:55:b9:2e:5a:8e:d3:23:64:df:47:a5:48:70:9f: 7f:76:6a:b2:13:ba:09:87:77:b4:51:92:ec:17:76:24:1a:75: d5:d8:e3:bc:b6:c9:40:e7:28:c6:bf:3b:40:84:4e:65:c4:73: 83:be:b5:92:8e:fe:57:73:ef:8f:e5:59:a8:e1:f4:94:e7:3d: 8f:8b:9b:30:2b:41:a0:ed:e8:6c:6c:36:68:59:82:81:45:9c: 27:95:dd:6f:c5:1d:c8:1c:cc:9f:c9:4f:6b:d4:55:d2:90:63: f0:4a:7f:95:0c:85:3c:12:df:f3:40:72:ec:c4:59:0f:f8:f5: 4a:20:50:98:aa:9d:9a:6b:eb:ee:9e:b9:84:62:c0:c2:ed:fe: 9a:65:45:de:c7:08:cd:51:f4:c9:78:87:c3:28:04:83:e2:06: bd:da:a4:a0:4b:66:f8:a7:56:52:f3:6a:43:4c:ab:f9:d2:44: aa:af:aa:55:35:23:81:ae:62:22:9e:be:89:8b:59:eb:2f:f5: 1e:97:ce:51 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIBETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzMDlD MkE5NDNCMjhEQzA4NThDMzlCOTIwOEExNjA5QzA5NzNFNDlBMB4XDTI1MDExNTAy NDExOFoXDTI2MDExMzAxMzUyNlowMzExMC8GA1UEAxMoMzQxNTNFMTYzQTY3ODNF N0M4MzNCMTRFMjdFNkU4Rjk5QUQyQzlFQTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAK0s2DhhU/FKkiVt1w0zbQj58WHXIUGV+379DqGamyaFoJzhvPBp PTWrIraq74Q1P9BefPWtvw+ZSW6QU/M/oGRxudFQxi8Mm2iN5G45mSvkxw32LIpx 5WO7OJt/uQSQL+B6vH5S3caQXctItqRvGmFleEogKKIOzC4wSTCKDORzjXxTAtfB BU/SQcFRbkIlSRXXBfOKcUOyz/72n+Apsqx7aR+hOCu6qqc57OpvvJjdZRAHCoG6 2mR5Llee277JFP/kbq9k2AFVgdZnI8P0VSxCwBIRlSf+kxXChjvjVZnNSuN09nl6 HyidM1cGIhsPgZyxMcoZshlPVc2KxTmblhMCAwEAAaOCAfEwggHtMB0GA1UdDgQW BBQ0FT4WOmeD58gzsU4n5uj5mtLJ6jAfBgNVHSMEGDAWgBQwnCqUOyjcCFjDm5II oWCcCXPkmjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82MjAv TUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9NSndxbERzbzNBaFl3NXVTQ0tGZ25BbHo1Sm8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82MjAvTkJVLUZqcG5nLWZJTTdG T0otYm8tWnJTeWVvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj LmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AHIczjANBgkqhkiG9w0BAQsFAAOCAQEAofDl94NGHr9BCpL9YyB/tMJpbVlbu/PH myxkhuO/jj6haFGyXlEEfIDKWVqp3wtZ2SJOCzu5/0v60lW5LlqO0yNk30elSHCf f3ZqshO6CYd3tFGS7Bd2JBp11djjvLbJQOcoxr87QIROZcRzg761ko7+V3Pvj+VZ qOH0lOc9j4ubMCtBoO3obGw2aFmCgUWcJ5Xdb8UdyBzMn8lPa9RV0pBj8Ep/lQyF PBLf80By7MRZD/j1SiBQmKqdmmvr7p65hGLAwu3+mmVF3scIzVH0yXiHwygEg+IG vdqkoEtm+KdWUvNqQ0yr+dJEqq+qVTUjga5iIp6+iYtZ6y/1HpfOUQ== -----END CERTIFICATE-----Generated at Wed Feb 19 20:31:56 2025 by rpki-client