$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/tI94S2liWtgOiUzZTuhdRlTV3is.roa File: tI94S2liWtgOiUzZTuhdRlTV3is.roa (raw, json) Hash identifier: TeJKMyOhh/szTwGGXHEUIUrBALLZVyg5cmH6YuNr6l8= Subject key identifier: B4:8F:78:4B:69:62:5A:D8:0E:89:4C:D9:4E:E8:5D:46:54:D5:DE:2B Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 1361 Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/tI94S2liWtgOiUzZTuhdRlTV3is.roa Signing time: Mon 21 Apr 2025 07:31:48 +0000 ROA not before: Mon 21 Apr 2025 07:31:48 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146806 IP address blocks: 45.250.152.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:37:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4961 (0x1361) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: Apr 21 07:31:48 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=B48F784B69625AD80E894CD94EE85D4654D5DE2B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:24:76:a8:23:84:d0:34:52:95:d1:ee:1d:33: 28:77:0c:fd:93:55:96:7f:53:6c:56:60:03:c3:d1: b6:8c:8e:14:20:5f:a4:a7:7d:7c:fd:d6:9e:c8:29: aa:37:d3:bb:e2:77:94:f0:5f:ae:02:08:80:5f:94: ca:2d:f3:d9:fd:60:e2:50:00:6f:8e:31:a7:3a:d2: e7:35:65:bc:3c:74:0a:f0:7f:71:48:2a:8d:f6:6e: 39:f1:d4:40:f5:b5:34:00:4d:bc:1b:23:51:21:9c: 7e:e4:59:b4:d4:6d:93:f0:87:85:f1:d7:8b:21:79: 5a:c4:b8:3a:e6:3c:03:2f:1e:81:21:43:d7:e3:e0: 2f:83:66:c1:91:b1:0f:ae:cb:ba:a4:63:a5:62:8c: e3:c0:cc:5b:0a:19:7e:ca:29:04:b5:8b:f5:34:75: f9:95:86:3a:8a:79:4a:3f:a2:fd:ec:5f:3e:72:b3: b0:e1:90:99:32:98:db:ad:32:d9:2a:03:50:4d:ae: 4c:03:8f:30:26:5f:70:1f:07:de:88:4c:ff:40:16: 2e:b8:f5:c6:09:ae:28:a4:6e:38:d4:0a:6b:88:82: 81:31:1b:20:7e:18:04:e7:a2:87:17:14:21:6c:ee: ab:70:a6:9a:7d:66:f3:85:6e:12:53:6a:b8:ee:c2: 84:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:8F:78:4B:69:62:5A:D8:0E:89:4C:D9:4E:E8:5D:46:54:D5:DE:2B X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/tI94S2liWtgOiUzZTuhdRlTV3is.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.250.152.0/22 Signature Algorithm: sha256WithRSAEncryption 92:a8:5a:28:09:8d:e9:60:b2:16:b1:b4:be:b1:9a:28:98:e0: fb:bd:24:f5:e3:27:cd:5b:16:84:9b:88:dd:a6:69:05:c7:77: ef:6f:cc:49:a4:b4:31:87:33:13:0b:9b:3e:ac:fa:14:1c:a9: 41:8e:4a:7b:dd:ef:6a:dd:f2:61:c0:ea:8e:8f:bc:f5:33:c6: 7c:fc:59:8a:58:11:10:c0:00:53:8d:a0:c1:46:92:a7:2a:ba: 23:b7:bd:0b:1c:fe:a7:24:d8:76:2d:c3:bc:fa:5e:45:97:7c: 72:2c:cd:1d:52:45:07:dc:55:11:79:7e:db:71:47:c4:86:ec: 25:86:26:b2:fd:14:bb:d8:81:c1:ff:2b:25:6e:cc:d8:d2:84: 3b:23:c2:fc:d0:e8:df:ba:2d:0b:b2:14:28:51:61:44:fc:e9: ae:3a:b1:cb:a6:d6:ca:05:9e:e5:f2:d0:a2:92:9a:9d:64:71: eb:26:e1:47:27:4d:0a:00:01:e1:71:dd:f6:a6:1a:8d:46:c2: d2:b5:c7:a3:49:9c:ee:4c:88:97:47:5c:43:4f:ad:ea:a1:d3: a4:fa:a7:9b:6e:01:43:13:19:14:73:71:6b:b5:07:f9:55:4b: bf:c6:07:1b:ae:b3:c8:4d:57:0d:62:46:34:35:d1:ff:15:c0: f2:8b:ee:57 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE2EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTA0MjEw NzMxNDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEI0OEY3ODRCNjk2MjVB RDgwRTg5NENEOTRFRTg1RDQ2NTRENURFMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCsJHaoI4TQNFKV0e4dMyh3DP2TVZZ/U2xWYAPD0baMjhQgX6Sn fXz91p7IKao307vid5TwX64CCIBflMot89n9YOJQAG+OMac60uc1Zbw8dArwf3FI Ko32bjnx1ED1tTQATbwbI1EhnH7kWbTUbZPwh4Xx14sheVrEuDrmPAMvHoEhQ9fj 4C+DZsGRsQ+uy7qkY6VijOPAzFsKGX7KKQS1i/U0dfmVhjqKeUo/ov3sXz5ys7Dh kJkymNutMtkqA1BNrkwDjzAmX3AfB96ITP9AFi649cYJriikbjjUCmuIgoExGyB+ GATnoocXFCFs7qtwppp9ZvOFbhJTarjuwoQfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUtI94S2liWtgOiUzZTuhdRlTV3iswHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvdEk5NFMybGlXdGdP aVV6WlR1aGRSbFRWM2lzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAi36mDANBgkqhkiG9w0BAQsFAAOCAQEAkqhaKAmN6WCyFrG0vrGaKJjg+70k 9eMnzVsWhJuI3aZpBcd372/MSaS0MYczEwubPqz6FBypQY5Ke93vat3yYcDqjo+8 9TPGfPxZilgREMAAU42gwUaSpyq6I7e9Cxz+pyTYdi3DvPpeRZd8cizNHVJFB9xV EXl+23FHxIbsJYYmsv0Uu9iBwf8rJW7M2NKEOyPC/NDo37otC7IUKFFhRPzprjqx y6bWygWe5fLQopKanWRx6ybhRydNCgAB4XHd9qYajUbC0rXHo0mc7kyIl0dcQ0+t 6qHTpPqnm24BQxMZFHNxa7UH+VVLv8YHG66zyE1XDWJGNDXR/xXA8ovuVw== -----END CERTIFICATE-----Generated at Sat Apr 26 14:37:04 2025 by rpki-client