$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/52/NENwW-YjXqfqZoRO7e6IVtyfJno.roa File: NENwW-YjXqfqZoRO7e6IVtyfJno.roa (raw, json) Hash identifier: shhp8XTqqPaxGVCmML4kyHBJcfox3b9DaUPiLypqy38= Subject key identifier: 34:43:70:5B:E6:23:5E:A7:EA:66:84:4E:ED:EE:88:56:DC:9F:26:7A Certificate issuer: /CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1 Certificate serial: 04 Authority key identifier: DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/NENwW-YjXqfqZoRO7e6IVtyfJno.roa Signing time: Wed 25 Dec 2024 08:19:49 +0000 ROA not before: Wed 25 Dec 2024 08:19:49 +0000 ROA not after: Thu 25 Dec 2025 06:56:05 +0000 asID: 9812 IP address blocks: 124.151.193.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 21:38:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1 Validity Not Before: Dec 25 08:19:49 2024 GMT Not After : Dec 25 06:56:05 2025 GMT Subject: CN=3443705BE6235EA7EA66844EEDEE8856DC9F267A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:88:33:98:78:81:7f:62:bd:95:5e:e0:9f:3a: 37:57:09:b4:e7:4a:a3:ea:1e:d0:73:86:6e:95:96: 6a:68:de:90:d3:bf:8a:0e:49:a0:3d:66:14:c0:67: 60:b5:51:77:d3:fc:4c:de:4c:b4:8a:59:cf:62:84: 5e:72:11:55:25:79:df:19:79:b4:d5:11:47:e1:b1: 96:67:1e:36:2a:a7:d6:7c:e9:63:98:dd:5a:b6:12: 55:ea:c5:b5:de:97:5a:6a:89:4a:ab:d1:8e:4a:20: 15:03:df:e7:29:58:3b:f5:50:03:92:e3:40:14:cf: e0:21:d6:0b:d7:c3:ff:21:8b:fe:87:75:fc:11:9e: 27:93:85:23:9e:7f:0d:67:e4:e4:59:71:09:a2:f5: a2:02:ad:b3:83:45:bc:35:38:2a:06:72:5b:34:2c: f3:04:58:75:8f:48:23:3e:17:cf:7b:cf:12:a9:d7: 4b:66:f9:44:1d:68:a8:1c:c9:69:dc:ae:9e:8c:3a: b6:63:0c:28:d8:66:90:29:2a:22:ce:ea:85:5c:b7: 7c:ea:94:41:65:c2:02:59:7a:9a:8b:45:30:e8:52: bc:c7:2e:98:2b:3b:fb:9e:04:fd:97:1c:ed:21:b0: 38:c8:cf:a6:4a:d0:77:ab:53:18:53:ad:ce:32:9a: ca:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:43:70:5B:E6:23:5E:A7:EA:66:84:4E:ED:EE:88:56:DC:9F:26:7A X509v3 Authority Key Identifier: keyid:DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/NENwW-YjXqfqZoRO7e6IVtyfJno.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.151.193.0/24 Signature Algorithm: sha256WithRSAEncryption 3d:07:fc:ec:98:40:75:15:72:38:60:a0:fd:bb:57:d0:b5:cf: a9:c1:cc:c9:e3:51:00:ec:51:6c:63:78:61:52:d5:5a:68:6b: d1:4b:5d:73:9d:bb:e8:5d:20:b1:e2:1d:6b:58:f7:4a:a9:30: ba:99:ca:02:ef:b7:5d:7f:5e:39:40:18:fe:d8:39:5f:e1:32: 23:b0:33:7f:c2:6a:66:8a:1c:91:d3:6a:f6:7d:0a:20:94:83: b3:27:e8:e0:af:13:65:67:4d:a5:1c:6b:16:c4:db:3f:4b:25: ef:2e:d7:e4:56:f8:40:b1:7c:f4:c2:64:6c:18:2e:28:66:eb: 4e:40:9e:ae:e0:aa:36:be:e9:85:42:f0:1b:8a:b4:0a:f5:94: 3b:f2:f6:e5:04:81:ab:4e:0a:6c:16:fe:bd:13:d7:d1:00:de: f9:94:f3:41:32:7e:65:a5:16:ae:dd:8b:cb:ed:78:67:bd:81: 28:f7:80:5e:af:18:a2:28:35:10:ee:52:42:62:a3:bf:eb:70: 1f:86:ed:b1:e9:8b:23:4d:a1:28:5d:a1:ae:db:08:58:41:24: 27:66:39:63:a4:56:c4:c3:21:a3:eb:aa:a1:70:43:5a:ce:09: 39:22:ba:8d:92:78:ce:5f:0c:59:c0:08:b3:df:65:1d:d9:d3: fe:3e:b5:0a -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhEQTFE QUJFQ0YxOTQ1REZGNTNCNjIwRTBCNkM0MTBFOTFFNDQ3MUIxMB4XDTI0MTIyNTA4 MTk0OVoXDTI1MTIyNTA2NTYwNVowMzExMC8GA1UEAxMoMzQ0MzcwNUJFNjIzNUVB N0VBNjY4NDRFRURFRTg4NTZEQzlGMjY3QTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALCIM5h4gX9ivZVe4J86N1cJtOdKo+oe0HOGbpWWamjekNO/ig5J oD1mFMBnYLVRd9P8TN5MtIpZz2KEXnIRVSV53xl5tNURR+GxlmceNiqn1nzpY5jd WrYSVerFtd6XWmqJSqvRjkogFQPf5ylYO/VQA5LjQBTP4CHWC9fD/yGL/od1/BGe J5OFI55/DWfk5FlxCaL1ogKts4NFvDU4KgZyWzQs8wRYdY9IIz4Xz3vPEqnXS2b5 RB1oqBzJadyunow6tmMMKNhmkCkqIs7qhVy3fOqUQWXCAll6motFMOhSvMcumCs7 +54E/Zcc7SGwOMjPpkrQd6tTGFOtzjKays0CAwEAAaOCAe8wggHrMB0GA1UdDgQW BBQ0Q3Bb5iNep+pmhE7t7ohW3J8mejAfBgNVHSMEGDAWgBTaHavs8ZRd/1O2IOC2 xBDpHkRxsTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO oEyGSnJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81Mi8y aDJyN1BHVVhmOVR0aURndHNRUTZSNUVjYkUuY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwLzJoMnI3UEdVWGY5VHRpRGd0c1FRNlI1RWNiRS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzUyL05FTndXLVlqWHFmcVpvUk83 ZTZJVnR5Zkpuby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5j bi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB8 l8EwDQYJKoZIhvcNAQELBQADggEBAD0H/OyYQHUVcjhgoP27V9C1z6nBzMnjUQDs UWxjeGFS1Vpoa9FLXXOdu+hdILHiHWtY90qpMLqZygLvt11/XjlAGP7YOV/hMiOw M3/CamaKHJHTavZ9CiCUg7Mn6OCvE2VnTaUcaxbE2z9LJe8u1+RW+ECxfPTCZGwY Lihm605Anq7gqja+6YVC8BuKtAr1lDvy9uUEgatOCmwW/r0T19EA3vmU80EyfmWl Fq7di8vteGe9gSj3gF6vGKIoNRDuUkJio7/rcB+G7bHpiyNNoShdoa7bCFhBJCdm OWOkVsTDIaPrqqFwQ1rOCTkiuo2SeM5fDFnACLPfZR3Z0/4+tQo= -----END CERTIFICATE-----Generated at Sat Apr 26 20:16:40 2025 by rpki-client