$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/33/4cLX9iCz9j4UMXO3ryUlADdFmq4.roa File: 4cLX9iCz9j4UMXO3ryUlADdFmq4.roa (raw, json) Hash identifier: BxvhNstrmCO1v2uBFcsxuHSxwrVzJAjNSJpdxI3xEc8= Subject key identifier: E1:C2:D7:F6:20:B3:F6:3E:14:31:73:B7:AF:25:25:00:37:45:9A:AE Certificate issuer: /CN=2C0314DFDED41AB611D99F542063982FE38080BA Certificate serial: 06EF Authority key identifier: 2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/4cLX9iCz9j4UMXO3ryUlADdFmq4.roa Signing time: Tue 01 Apr 2025 07:01:57 +0000 ROA not before: Tue 01 Apr 2025 07:01:57 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 146788 IP address blocks: 117.124.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:36:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1775 (0x6ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2C0314DFDED41AB611D99F542063982FE38080BA Validity Not Before: Apr 1 07:01:57 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=E1C2D7F620B3F63E143173B7AF25250037459AAE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:8b:59:bd:b8:46:3a:fd:74:dc:f6:f0:89:90: 1e:91:de:64:bb:df:6f:09:2a:8d:73:28:b6:05:3b: 0b:94:d5:c2:54:14:8d:0d:4b:a3:ef:4f:f5:2b:35: 05:40:92:ee:d7:7e:b7:12:26:39:cb:f4:32:71:2a: 01:89:ad:18:55:72:8e:a6:e7:32:47:96:8c:7b:ca: 40:0b:32:4d:42:31:d3:71:10:3b:49:a7:a9:8c:ed: da:83:6f:28:7c:56:ca:d5:c9:1f:80:45:f2:9d:95: 76:58:91:e3:f5:91:48:e4:01:7a:85:4f:aa:13:e4: b3:89:2f:57:ab:34:ea:84:6d:24:ee:41:bd:9c:92: 5d:f5:24:0a:60:af:fc:fc:e4:c7:7d:c5:04:83:ea: b5:85:45:6d:96:66:67:28:0b:2b:d0:40:5e:d6:da: 9a:11:5a:fb:ad:03:4d:db:fc:83:af:9b:52:bd:ad: 42:a3:38:0b:03:e1:d2:4d:57:81:24:17:8d:4e:38: 02:90:4a:8e:89:0e:e4:47:e7:aa:bc:d6:ee:d9:be: 0e:fa:b2:ea:e3:81:e7:26:f8:41:2d:e3:5b:ce:1d: d9:0d:42:b3:a2:de:51:c5:46:f1:ce:54:11:a1:2e: 42:88:c3:ed:e2:37:ed:6f:54:10:70:1a:db:b0:e4: 86:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:C2:D7:F6:20:B3:F6:3E:14:31:73:B7:AF:25:25:00:37:45:9A:AE X509v3 Authority Key Identifier: keyid:2C:03:14:DF:DE:D4:1A:B6:11:D9:9F:54:20:63:98:2F:E3:80:80:BA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/LAMU397UGrYR2Z9UIGOYL-OAgLo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LAMU397UGrYR2Z9UIGOYL-OAgLo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/33/4cLX9iCz9j4UMXO3ryUlADdFmq4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 117.124.0.0/16 Signature Algorithm: sha256WithRSAEncryption 3e:02:aa:85:24:da:74:2c:b3:e8:31:b9:d0:df:46:d6:3c:11: b1:7c:b3:f3:8d:2b:7f:a5:d3:72:74:ac:83:41:58:ff:5f:fd: 39:28:fa:a1:65:f2:e1:e3:c1:ea:e4:36:86:89:41:6d:a8:2f: f3:aa:4b:99:04:ed:2e:9e:f0:dd:36:ae:bd:20:90:16:39:a9: 6e:1f:9f:20:1c:82:b0:71:30:22:02:9d:b1:2e:55:67:e6:49: 99:87:b1:b3:0e:ee:0c:28:25:77:11:49:ff:15:36:48:7b:bd: c0:45:d3:40:e9:27:cb:fc:93:5c:a4:54:99:13:26:db:b5:97: 75:c4:33:8b:57:2f:06:5f:71:c3:3e:02:8b:7b:23:5f:ae:7a: 60:a9:0a:21:3c:17:63:08:ff:d7:2d:fc:9a:d4:2b:9d:54:58: 90:2c:32:2b:5f:98:1f:25:f2:d5:f4:e3:15:45:4c:d5:68:63: be:52:0b:c0:ec:52:1b:b1:f5:de:5a:c5:3f:38:46:0d:75:8f: 9b:a5:47:bf:72:98:cb:0d:3e:40:2b:68:1b:c0:1e:06:4c:65: 67:cb:43:b0:4e:32:49:b4:2d:ab:c6:33:41:3c:ad:41:5d:02: ba:0c:b3:6c:07:5a:7b:64:9e:40:a1:4a:79:61:8d:29:0c:eb: e0:ba:bd:13 -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgICBu8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkMw MzE0REZERUQ0MUFCNjExRDk5RjU0MjA2Mzk4MkZFMzgwODBCQTAeFw0yNTA0MDEw NzAxNTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEUxQzJEN0Y2MjBCM0Y2 M0UxNDMxNzNCN0FGMjUyNTAwMzc0NTlBQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxi1m9uEY6/XTc9vCJkB6R3mS7328JKo1zKLYFOwuU1cJUFI0N S6PvT/UrNQVAku7XfrcSJjnL9DJxKgGJrRhVco6m5zJHlox7ykALMk1CMdNxEDtJ p6mM7dqDbyh8VsrVyR+ARfKdlXZYkeP1kUjkAXqFT6oT5LOJL1erNOqEbSTuQb2c kl31JApgr/z85Md9xQSD6rWFRW2WZmcoCyvQQF7W2poRWvutA03b/IOvm1K9rUKj OAsD4dJNV4EkF41OOAKQSo6JDuRH56q81u7Zvg76surjgecm+EEt41vOHdkNQrOi 3lHFRvHOVBGhLkKIw+3iN+1vVBBwGtuw5IZHAgMBAAGjggHuMIIB6jAdBgNVHQ4E FgQU4cLX9iCz9j4UMXO3ryUlADdFmq4wHwYDVR0jBBgwFoAULAMU397UGrYR2Z9U IGOYL+OAgLowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMv TEFNVTM5N1VHcllSMlo5VUlHT1lMLU9BZ0xvLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9MQU1VMzk3VUdyWVIyWjlVSUdPWUwtT0FnTG8uY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMy80Y0xYOWlDejlqNFVNWE8z cnlVbEFEZEZtcTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA dXwwDQYJKoZIhvcNAQELBQADggEBAD4CqoUk2nQss+gxudDfRtY8EbF8s/ONK3+l 03J0rINBWP9f/Tko+qFl8uHjwerkNoaJQW2oL/OqS5kE7S6e8N02rr0gkBY5qW4f nyAcgrBxMCICnbEuVWfmSZmHsbMO7gwoJXcRSf8VNkh7vcBF00DpJ8v8k1ykVJkT Jtu1l3XEM4tXLwZfccM+Aot7I1+uemCpCiE8F2MI/9ct/JrUK51UWJAsMitfmB8l 8tX04xVFTNVoY75SC8DsUhux9d5axT84Rg11j5ulR79ymMsNPkAraBvAHgZMZWfL Q7BOMkm0LavGM0E8rUFdAroMs2wHWntknkChSnlhjSkM6+C6vRM= -----END CERTIFICATE-----Generated at Sat Apr 26 14:29:25 2025 by rpki-client