$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/xcZ13sMBOCL9f3oVxJIqy0PBakg.roa File: xcZ13sMBOCL9f3oVxJIqy0PBakg.roa (raw, json) Hash identifier: rInPvaJnhm7w24z2yjKPV6t67OqR//YTuUZvSlHw0sE= Subject key identifier: C5:C6:75:DE:C3:01:38:22:FD:7F:7A:15:C4:92:2A:CB:43:C1:6A:48 Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 1362 Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/xcZ13sMBOCL9f3oVxJIqy0PBakg.roa Signing time: Mon 21 Apr 2025 07:31:48 +0000 ROA not before: Mon 21 Apr 2025 07:31:48 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 146806 IP address blocks: 45.250.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:37:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4962 (0x1362) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: Apr 21 07:31:48 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=C5C675DEC3013822FD7F7A15C4922ACB43C16A48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:71:6c:4c:c7:80:d2:6c:24:04:f4:3f:44:a7: 74:02:fd:db:9f:da:68:98:57:5d:54:81:8f:1c:ed: 96:94:ce:ec:36:19:93:9f:55:0e:6c:59:30:28:10: af:6b:b4:36:87:c6:ba:22:49:c0:e0:b7:4f:4f:63: 60:3c:54:87:16:39:ca:1b:c7:ca:9a:16:76:42:ce: a8:b9:e0:f6:79:53:70:c0:0b:35:33:75:52:b4:d6: 4c:7b:f1:ed:91:7b:6d:9c:19:e2:58:a1:41:94:f9: 4c:3f:ab:dd:0a:c4:f7:8f:bb:5d:ca:58:1a:3d:0f: 28:c6:d1:70:12:72:26:7c:94:e3:1b:47:d3:6d:c1: f0:88:47:97:f2:0f:2b:f9:f1:c5:14:1d:ed:75:6c: 15:fe:86:40:49:4e:7a:bf:d0:d4:44:8d:e5:85:50: 82:1f:56:bf:41:89:72:cb:82:e6:d8:9c:1b:c1:d6: 5c:f7:4f:86:72:17:ef:bd:65:5e:47:fc:9d:8c:19: 5d:31:06:fc:e4:e4:b5:98:c0:2c:58:67:46:2c:b2: 36:86:6f:68:e5:d4:70:bc:21:a5:8e:32:50:a3:df: 3b:cc:a4:3d:8c:70:7e:20:c7:9e:22:d8:1c:7f:51: 1b:d2:cd:67:47:f7:b0:07:8b:4d:6e:51:d4:1f:23: d2:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:C6:75:DE:C3:01:38:22:FD:7F:7A:15:C4:92:2A:CB:43:C1:6A:48 X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/xcZ13sMBOCL9f3oVxJIqy0PBakg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.250.153.0/24 Signature Algorithm: sha256WithRSAEncryption d9:21:78:52:d0:f6:25:27:9b:f8:0d:12:b0:ec:48:b8:a8:cc: 30:1b:d9:d2:54:b5:c5:36:38:c8:aa:89:54:0f:b2:f1:c4:22: a5:39:f6:2f:1e:fe:71:15:9c:ef:a9:9d:8a:03:a8:a3:1e:2e: 0d:25:d9:5d:6e:4e:7c:f8:90:21:d8:59:93:14:c2:a1:4b:f6: 22:62:4e:6a:d7:77:bb:46:4c:82:6a:24:91:c1:cc:16:12:0a: d1:a6:5a:44:be:ba:ec:ef:10:34:2f:dc:26:74:33:4f:0b:f2: 05:d0:c2:eb:2e:44:e8:bb:b4:4f:4e:38:cb:79:f4:cb:c7:69: c9:1c:84:0c:89:f0:37:50:18:ec:2f:a9:c6:6a:3e:c6:f1:7a: e4:1c:c9:9d:2a:f3:1e:6c:d9:ef:63:57:66:65:c3:f3:05:cb: 8d:68:6f:8d:b6:da:ac:eb:d7:2b:71:4c:ea:c7:77:3b:e5:4b: 78:f7:46:a4:84:6a:85:a2:f5:0e:cf:75:53:19:e2:22:5d:17: 82:e7:95:6c:c3:f3:5c:47:95:69:7f:16:0e:a0:f3:37:0f:77: 03:9c:23:ee:b5:47:d4:db:dc:97:e1:ec:b0:ce:88:4e:f5:a4: 5e:7f:0e:bf:f9:ef:c1:b4:fb:06:c9:e5:be:b9:52:74:b5:c6: f5:4f:fd:4a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE2IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTA0MjEw NzMxNDhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEM1QzY3NURFQzMwMTM4 MjJGRDdGN0ExNUM0OTIyQUNCNDNDMTZBNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDfcWxMx4DSbCQE9D9Ep3QC/duf2miYV11UgY8c7ZaUzuw2GZOf VQ5sWTAoEK9rtDaHxroiScDgt09PY2A8VIcWOcobx8qaFnZCzqi54PZ5U3DACzUz dVK01kx78e2Re22cGeJYoUGU+Uw/q90KxPePu13KWBo9DyjG0XASciZ8lOMbR9Nt wfCIR5fyDyv58cUUHe11bBX+hkBJTnq/0NREjeWFUIIfVr9BiXLLgubYnBvB1lz3 T4ZyF++9ZV5H/J2MGV0xBvzk5LWYwCxYZ0YssjaGb2jl1HC8IaWOMlCj3zvMpD2M cH4gx54i2Bx/URvSzWdH97AHi01uUdQfI9IjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUxcZ13sMBOCL9f3oVxJIqy0PBakgwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgveGNaMTNzTUJPQ0w5 ZjNvVnhKSXF5MFBCYWtnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAC36mTANBgkqhkiG9w0BAQsFAAOCAQEA2SF4UtD2JSeb+A0SsOxIuKjMMBvZ 0lS1xTY4yKqJVA+y8cQipTn2Lx7+cRWc76mdigOoox4uDSXZXW5OfPiQIdhZkxTC oUv2ImJOatd3u0ZMgmokkcHMFhIK0aZaRL667O8QNC/cJnQzTwvyBdDC6y5E6Lu0 T044y3n0y8dpyRyEDInwN1AY7C+pxmo+xvF65BzJnSrzHmzZ72NXZmXD8wXLjWhv jbbarOvXK3FM6sd3O+VLePdGpIRqhaL1Ds91UxniIl0XgueVbMPzXEeVaX8WDqDz Nw93A5wj7rVH1Nvcl+HssM6ITvWkXn8Ov/nvwbT7BsnlvrlSdLXG9U/9Sg== -----END CERTIFICATE-----Generated at Sat Apr 26 14:31:16 2025 by rpki-client