$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/uq-MkZpoh2PJmcnyPDST0US-nnY.roa File: uq-MkZpoh2PJmcnyPDST0US-nnY.roa (raw, json) Hash identifier: r5OgYAcvqhHk44bTaajkhUNAOC+lQ7VxL+5woOsocso= Subject key identifier: BA:AF:8C:91:9A:68:87:63:C9:99:C9:F2:3C:34:93:D1:44:BE:9E:76 Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 1365 Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/uq-MkZpoh2PJmcnyPDST0US-nnY.roa Signing time: Mon 21 Apr 2025 07:31:49 +0000 ROA not before: Mon 21 Apr 2025 07:31:49 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146806 IP address blocks: 45.250.154.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:37:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4965 (0x1365) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: Apr 21 07:31:49 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=BAAF8C919A688763C999C9F23C3493D144BE9E76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:1a:b8:5e:93:c7:d8:9e:17:c5:a1:1a:64:6d: ff:59:2a:cf:9f:0d:91:52:9f:8b:6b:a1:42:d3:8c: 20:bc:97:4e:f0:47:4b:48:34:81:7b:6f:6b:9c:61: 8f:d4:cd:2c:4c:44:a1:18:5e:de:4e:b3:dc:d4:68: c1:0a:1f:fd:e2:07:f1:e0:64:5b:a9:e9:0d:87:6a: 3a:09:1e:25:f5:7d:66:9f:87:ad:42:60:b8:9e:17: a6:d2:a5:a1:ef:e7:22:57:a2:92:9f:d8:a2:7e:f9: a3:0b:3b:69:07:ca:b6:96:6f:90:2e:fb:cc:54:82: 6c:a7:27:67:75:29:93:c1:3f:ff:f5:a0:84:a0:92: 51:90:0c:fe:8e:4e:4b:1f:83:96:93:c2:14:7f:c8: 18:56:33:bd:9b:3e:c5:43:eb:33:c9:1b:80:d1:3f: 03:b0:a6:57:dc:48:d3:a4:46:f8:79:d2:27:11:4d: ff:03:ae:9f:ff:70:5f:bf:0e:f2:b2:9a:63:28:15: 8d:47:26:d8:1e:9c:89:c8:30:32:38:2f:e0:0c:1a: 82:31:19:60:c2:85:7a:24:54:52:5f:2d:b3:35:4e: 26:47:6a:f7:35:8e:1f:5b:ea:99:a0:42:cb:7a:e9: 24:5f:81:cf:46:94:f1:22:e0:23:71:6d:88:31:f3: 2c:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:AF:8C:91:9A:68:87:63:C9:99:C9:F2:3C:34:93:D1:44:BE:9E:76 X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/uq-MkZpoh2PJmcnyPDST0US-nnY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.250.154.0/24 Signature Algorithm: sha256WithRSAEncryption cc:0c:55:0d:48:32:15:de:a7:8a:85:d5:47:57:a3:57:93:03: c2:68:c5:67:aa:3b:81:5a:31:54:91:66:cd:e1:1c:9e:24:15: e5:ed:e6:ef:ed:90:1b:4f:8d:b6:13:8b:99:c8:9f:78:2c:cd: ea:7c:5b:1a:3e:34:3f:0e:1e:b1:a7:22:aa:59:bf:97:c9:7d: 95:a0:30:ae:3d:81:98:9f:62:76:9e:03:74:84:1b:7e:6d:20: 85:76:9a:76:72:9b:a2:4e:de:17:de:51:48:7a:cf:75:52:69: 9b:43:0e:63:a7:fe:5e:74:d1:be:04:08:f5:a1:f1:f2:a4:17: 8d:57:33:8e:87:5b:da:66:f6:dd:12:34:bc:18:85:d9:14:b6: 4d:64:0a:73:0c:9b:c7:14:a0:2c:2a:cc:7b:5b:60:98:16:4d: cb:e2:b8:f1:11:28:d7:7a:f3:f2:9f:58:81:2e:61:3c:ec:bb: b3:0f:dc:ef:ea:86:97:5b:79:db:be:83:8b:87:2a:91:c7:2f: 2b:a1:07:45:a5:4f:72:da:c8:d9:6c:f5:42:cf:15:50:93:59: 4a:8e:a4:cc:97:f6:1a:4a:48:72:85:78:5f:48:82:d9:85:3c: c4:4b:51:37:35:f6:fb:bd:c3:7e:66:a5:76:af:d6:e9:36:5a: b3:09:8c:bd -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTA0MjEw NzMxNDlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEJBQUY4QzkxOUE2ODg3 NjNDOTk5QzlGMjNDMzQ5M0QxNDRCRTlFNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKGrhek8fYnhfFoRpkbf9ZKs+fDZFSn4troULTjCC8l07wR0tI NIF7b2ucYY/UzSxMRKEYXt5Os9zUaMEKH/3iB/HgZFup6Q2HajoJHiX1fWafh61C YLieF6bSpaHv5yJXopKf2KJ++aMLO2kHyraWb5Au+8xUgmynJ2d1KZPBP//1oISg klGQDP6OTksfg5aTwhR/yBhWM72bPsVD6zPJG4DRPwOwplfcSNOkRvh50icRTf8D rp//cF+/DvKymmMoFY1HJtgenInIMDI4L+AMGoIxGWDChXokVFJfLbM1TiZHavc1 jh9b6pmgQst66SRfgc9GlPEi4CNxbYgx8yxVAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUuq+MkZpoh2PJmcnyPDST0US+nnYwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvdXEtTWtacG9oMlBK bWNueVBEU1QwVVMtbm5ZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAC36mjANBgkqhkiG9w0BAQsFAAOCAQEAzAxVDUgyFd6nioXVR1ejV5MDwmjF Z6o7gVoxVJFmzeEcniQV5e3m7+2QG0+NthOLmcifeCzN6nxbGj40Pw4esaciqlm/ l8l9laAwrj2BmJ9idp4DdIQbfm0ghXaadnKbok7eF95RSHrPdVJpm0MOY6f+XnTR vgQI9aHx8qQXjVczjodb2mb23RI0vBiF2RS2TWQKcwybxxSgLCrMe1tgmBZNy+K4 8REo13rz8p9YgS5hPOy7sw/c7+qGl1t5276Di4cqkccvK6EHRaVPctrI2Wz1Qs8V UJNZSo6kzJf2GkpIcoV4X0iC2YU8xEtRNzX2+73Dfmaldq/W6TZaswmMvQ== -----END CERTIFICATE-----Generated at Sat Apr 26 14:34:26 2025 by rpki-client