$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/c8cUFZDH6O5exb6j4uFUNQZBVwA.roa File: c8cUFZDH6O5exb6j4uFUNQZBVwA.roa (raw, json) Hash identifier: ChxxrTVExxNhWtyTkhs7Lts9bjh8WwMtzGdZlOqpElw= Subject key identifier: 73:C7:14:15:90:C7:E8:EE:5E:C5:BE:A3:E2:E1:54:35:06:41:57:00 Certificate issuer: /CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D Certificate serial: 14CF Authority key identifier: DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/c8cUFZDH6O5exb6j4uFUNQZBVwA.roa Signing time: Wed 09 Apr 2025 06:48:38 +0000 ROA not before: Wed 09 Apr 2025 06:48:38 +0000 ROA not after: Thu 09 Apr 2026 06:41:24 +0000 asID: 34549 IP address blocks: 114.66.212.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5327 (0x14cf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D Validity Not Before: Apr 9 06:48:38 2025 GMT Not After : Apr 9 06:41:24 2026 GMT Subject: CN=73C7141590C7E8EE5EC5BEA3E2E1543506415700 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:eb:d2:a9:06:9a:e1:43:00:f2:99:98:90:00: 97:de:ff:de:75:34:82:93:75:51:6c:01:b2:9c:3d: 94:fa:47:61:a1:72:c5:40:c9:20:b2:2d:0c:27:f1: e6:1d:fe:81:92:e3:2a:05:54:85:cd:2f:29:96:df: 28:28:2c:59:a3:89:c3:7f:73:60:fe:6a:d5:16:8f: ee:26:cd:a3:0c:93:eb:1a:bc:c5:86:96:c8:97:74: ca:ff:b6:f3:aa:3e:bd:a3:6c:01:d0:4f:ae:7d:f7: 5e:7d:b9:b0:3d:30:e4:25:43:84:39:7f:b8:35:af: 58:28:8a:8d:b1:dc:de:f5:d6:89:88:ac:a2:db:ac: 96:73:3c:fc:01:d4:8f:2d:74:ec:6d:38:f8:b2:42: 9a:d9:16:94:64:49:54:80:a8:9d:74:dc:c9:85:dd: f6:68:58:6b:a8:9b:05:cf:65:85:ce:ed:7b:6b:3a: e5:bc:80:9d:57:46:d2:43:24:9d:e5:80:e5:82:5e: 2e:7f:4c:40:40:12:5a:9e:34:e2:08:c9:e6:d3:cb: c1:50:81:0d:33:78:a0:9e:88:e4:bb:0f:da:d1:59: d4:f9:c8:bf:8c:fc:16:6e:84:04:18:4b:cc:54:f7: e4:96:45:4f:6b:22:80:64:ce:fe:5c:2a:dd:20:5e: 34:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:C7:14:15:90:C7:E8:EE:5E:C5:BE:A3:E2:E1:54:35:06:41:57:00 X509v3 Authority Key Identifier: keyid:DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/c8cUFZDH6O5exb6j4uFUNQZBVwA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.66.212.0/24 Signature Algorithm: sha256WithRSAEncryption c4:c5:aa:09:b5:99:7b:4b:9e:ce:5d:ae:ae:98:e6:68:fd:6f: 95:bc:1e:33:a2:82:b6:c1:80:02:4d:72:62:f3:3a:fd:c0:1e: b7:87:3c:f3:b2:35:64:5d:f8:d0:01:6a:ef:3b:ab:05:63:de: 29:4d:80:82:a3:16:eb:86:b9:e2:5e:a0:b9:53:b9:62:af:2d: 83:8a:26:d1:f2:97:26:b8:4c:14:85:2e:d2:fa:4d:9d:6d:a8: e0:f2:be:6d:5b:18:62:f4:91:66:d8:0b:08:37:58:55:8e:e8: d3:fb:ea:47:bd:77:d2:26:18:17:5f:4f:f0:f5:2f:dc:bd:f2: 43:f6:bd:48:b6:72:96:a5:21:bd:5b:4b:61:33:82:a0:96:9a: f3:56:53:ce:00:b4:43:b0:07:6e:ea:57:92:23:57:64:57:fd: ba:8b:db:75:e2:11:b5:32:c3:3b:00:9f:d4:15:77:69:18:64: e9:d4:5b:d1:b5:5b:17:d6:f0:34:1f:64:94:25:15:6b:8c:7d: f6:f4:b9:04:51:fe:de:ce:5b:9b:1b:0e:15:8c:22:73:4f:77: c3:f1:f1:37:96:77:c6:cc:ac:e3:1d:61:9c:d9:8f:33:50:dc: 86:14:15:2f:26:d9:8a:95:7a:58:f1:17:94:01:69:7e:a8:d8: 51:96:92:54 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREM2 ODkyRTM2MjBERDBGMUZENjI5ODJFMTE4RTI5NzU3REM4Q0IzRDAeFw0yNTA0MDkw NjQ4MzhaFw0yNjA0MDkwNjQxMjRaMDMxMTAvBgNVBAMTKDczQzcxNDE1OTBDN0U4 RUU1RUM1QkVBM0UyRTE1NDM1MDY0MTU3MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCU69KpBprhQwDymZiQAJfe/951NIKTdVFsAbKcPZT6R2GhcsVA ySCyLQwn8eYd/oGS4yoFVIXNLymW3ygoLFmjicN/c2D+atUWj+4mzaMMk+savMWG lsiXdMr/tvOqPr2jbAHQT6599159ubA9MOQlQ4Q5f7g1r1goio2x3N711omIrKLb rJZzPPwB1I8tdOxtOPiyQprZFpRkSVSAqJ103MmF3fZoWGuomwXPZYXO7XtrOuW8 gJ1XRtJDJJ3lgOWCXi5/TEBAElqeNOIIyebTy8FQgQ0zeKCeiOS7D9rRWdT5yL+M /BZuhAQYS8xU9+SWRU9rIoBkzv5cKt0gXjRjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUc8cUFZDH6O5exb6j4uFUNQZBVwAwHwYDVR0jBBgwFoAU3GiS42IN0PH9Ypgu EY4pdX3Iyz0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw OS8zR2lTNDJJTjBQSDlZcGd1RVk0cGRYM0l5ejAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzNHaVM0MklOMFBIOVlwZ3VFWTRwZFgzSXl6MC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvYzhjVUZaREg2TzVl eGI2ajR1RlVOUVpCVndBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHJC1DANBgkqhkiG9w0BAQsFAAOCAQEAxMWqCbWZe0uezl2urpjmaP1vlbwe M6KCtsGAAk1yYvM6/cAet4c887I1ZF340AFq7zurBWPeKU2AgqMW64a54l6guVO5 Yq8tg4om0fKXJrhMFIUu0vpNnW2o4PK+bVsYYvSRZtgLCDdYVY7o0/vqR7130iYY F19P8PUv3L3yQ/a9SLZylqUhvVtLYTOCoJaa81ZTzgC0Q7AHbupXkiNXZFf9uovb deIRtTLDOwCf1BV3aRhk6dRb0bVbF9bwNB9klCUVa4x99vS5BFH+3s5bmxsOFYwi c093w/HxN5Z3xsys4x1hnNmPM1DchhQVLybZipV6WPEXlAFpfqjYUZaSVA== -----END CERTIFICATE-----Generated at Sat Apr 26 15:11:04 2025 by rpki-client