$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/0dZ5I09lAVDwwdBtKw3W4Fcbgvg.roa File: 0dZ5I09lAVDwwdBtKw3W4Fcbgvg.roa (raw, json) Hash identifier: lQOR7nSJBC3nQwtfsQk1dpFJvbVpxwW7pzrGhAUqM3s= Subject key identifier: D1:D6:79:23:4F:65:01:50:F0:C1:D0:6D:2B:0D:D6:E0:57:1B:82:F8 Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 019F Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/0dZ5I09lAVDwwdBtKw3W4Fcbgvg.roa Signing time: Mon 31 Mar 2025 15:31:12 +0000 ROA not before: Mon 31 Mar 2025 15:31:12 +0000 ROA not after: Tue 13 Jan 2026 01:35:26 +0000 asID: 142132 IP address blocks: 114.28.200.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:36:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 415 (0x19f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Mar 31 15:31:12 2025 GMT Not After : Jan 13 01:35:26 2026 GMT Subject: CN=D1D679234F650150F0C1D06D2B0DD6E0571B82F8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:c4:0e:0c:21:c0:c5:81:57:f5:b1:b0:2b:d8: f2:9b:8a:2e:2a:55:d1:7e:89:70:9d:b1:87:40:a2: 32:c3:3b:fc:d5:c9:58:5f:dd:49:d9:30:ae:e9:6f: 75:b5:f9:53:af:cd:a2:c3:c8:f2:0f:f1:7c:fb:b1: d5:f8:3a:35:c6:8f:7e:d4:5a:c2:1f:91:4a:95:55: a5:2f:9f:33:90:48:a6:1c:8e:fc:9c:91:42:e7:af: 76:ef:02:69:d0:80:de:af:23:12:b4:42:7b:be:c2: 4c:35:4b:41:d7:7c:2a:5d:31:72:ae:6d:7c:34:0f: 27:4d:f5:86:68:77:8e:05:f5:2f:ac:bc:3f:62:3f: e1:8f:fe:a5:26:d9:8e:45:32:2f:f5:66:35:5c:c9: 14:a8:3d:d4:7c:c9:fc:54:af:6c:d4:30:5b:8c:e2: ab:2e:d5:c1:fa:b5:97:9a:db:93:8e:e0:ff:0e:1e: 13:d1:66:de:a4:68:be:e3:81:45:7b:f2:c8:7e:49: 36:28:3c:84:ae:4d:0f:be:33:45:f4:45:5b:bf:c8: 7d:94:67:c6:d8:0c:e4:18:b6:74:59:9b:4e:a3:6f: 2c:91:d8:b5:58:45:e8:a6:c0:98:66:bc:19:e6:79: bf:83:7e:62:84:66:f6:ab:3a:a8:79:3b:44:1f:f3: a1:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:D6:79:23:4F:65:01:50:F0:C1:D0:6D:2B:0D:D6:E0:57:1B:82:F8 X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/0dZ5I09lAVDwwdBtKw3W4Fcbgvg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.28.200.0/24 Signature Algorithm: sha256WithRSAEncryption 40:55:03:20:fa:2a:b7:d1:77:82:cc:b3:e2:c8:e3:2f:a8:4d: 59:05:70:09:6b:a9:b8:fb:50:c6:b4:22:ed:e8:3f:87:bb:f9: 5d:b2:46:ce:93:4f:e7:d9:bd:51:54:49:43:a5:7f:a1:80:fc: 6f:a4:6f:30:c3:8c:3b:d1:c0:ae:5a:31:df:26:83:b4:08:d2: 31:90:05:e7:bc:69:e6:cf:58:42:75:ab:5e:65:59:31:77:8b: 4e:6b:f4:ef:0e:a2:e3:ec:6c:5d:fa:b4:0b:52:e6:b9:0f:99: d4:67:05:30:db:18:f9:15:f6:19:4f:57:c2:1f:76:46:c4:44: 26:cc:b5:32:f6:20:a9:c5:76:e4:81:75:90:dd:50:7e:48:b2: 5a:e1:28:b7:86:19:a7:ff:85:74:0a:0f:de:02:68:2b:73:e1: c6:06:1b:3e:97:6d:2d:e5:87:78:6a:f2:2b:57:58:57:00:71: ed:51:7d:e0:c1:24:52:43:53:e8:2f:07:76:d6:db:ac:55:95: be:7c:0e:ce:19:17:94:1f:e0:7e:e9:f1:f3:d2:ef:9b:b5:8c: ee:6f:2b:90:b3:32:93:73:65:d3:7e:b9:a0:fe:00:fc:02:9c: 85:8c:cd:c3:1f:eb:ad:cd:a5:8f:19:98:0d:cc:b1:e6:6a:b2: a8:cc:5b:59 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICAZ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTAzMzEx NTMxMTJaFw0yNjAxMTMwMTM1MjZaMDMxMTAvBgNVBAMTKEQxRDY3OTIzNEY2NTAx NTBGMEMxRDA2RDJCMERENkUwNTcxQjgyRjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAxA4MIcDFgVf1sbAr2PKbii4qVdF+iXCdsYdAojLDO/zVyVhf 3UnZMK7pb3W1+VOvzaLDyPIP8Xz7sdX4OjXGj37UWsIfkUqVVaUvnzOQSKYcjvyc kULnr3bvAmnQgN6vIxK0Qnu+wkw1S0HXfCpdMXKubXw0DydN9YZod44F9S+svD9i P+GP/qUm2Y5FMi/1ZjVcyRSoPdR8yfxUr2zUMFuM4qsu1cH6tZea25OO4P8OHhPR Zt6kaL7jgUV78sh+STYoPISuTQ++M0X0RVu/yH2UZ8bYDOQYtnRZm06jbyyR2LVY ReimwJhmvBnmeb+DfmKEZvarOqh5O0Qf86HhAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU0dZ5I09lAVDwwdBtKw3W4FcbgvgwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwLzBkWjVJMDlsQVZEd3dk QnRLdzNXNEZjYmd2Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAByHMgwDQYJKoZIhvcNAQELBQADggEBAEBVAyD6KrfRd4LMs+LI4y+oTVkFcAlr qbj7UMa0Iu3oP4e7+V2yRs6TT+fZvVFUSUOlf6GA/G+kbzDDjDvRwK5aMd8mg7QI 0jGQBee8aebPWEJ1q15lWTF3i05r9O8OouPsbF36tAtS5rkPmdRnBTDbGPkV9hlP V8IfdkbERCbMtTL2IKnFduSBdZDdUH5IslrhKLeGGaf/hXQKD94CaCtz4cYGGz6X bS3lh3hq8itXWFcAce1RfeDBJFJDU+gvB3bW26xVlb58Ds4ZF5Qf4H7p8fPS75u1 jO5vK5CzMpNzZdN+uaD+APwCnIWMzcMf663NpY8ZmA3MseZqsqjMW1k= -----END CERTIFICATE-----Generated at Sat Apr 26 14:29:00 2025 by rpki-client