$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/5A8OYpToLInFfJkhoIWfEiFtIPQ.roa File: 5A8OYpToLInFfJkhoIWfEiFtIPQ.roa (raw, json) Hash identifier: x+60aO4gLQoDRENjkiVVPQUJwdAw7b4rkcp8n/rhQUc= Subject key identifier: E4:0F:0E:62:94:E8:2C:89:C5:7C:99:21:A0:85:9F:12:21:6D:20:F4 Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 01A4 Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/5A8OYpToLInFfJkhoIWfEiFtIPQ.roa Signing time: Mon 31 Mar 2025 16:24:00 +0000 ROA not before: Mon 31 Mar 2025 16:24:00 +0000 ROA not after: Tue 13 Jan 2026 01:35:26 +0000 asID: 142132 IP address blocks: 114.28.195.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:36:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 420 (0x1a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Mar 31 16:24:00 2025 GMT Not After : Jan 13 01:35:26 2026 GMT Subject: CN=E40F0E6294E82C89C57C9921A0859F12216D20F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:32:73:66:a5:3a:9c:21:30:f0:a0:99:22:1f: 2e:d6:f7:88:b2:2c:c2:c2:a3:05:ce:e5:61:32:60: 9d:a9:68:95:77:0f:be:0d:72:b2:94:4b:a6:dd:13: 2e:0c:d5:fe:7f:ee:fe:c1:ca:09:0a:bd:9e:96:01: 4a:8a:a0:54:00:de:1f:b4:0b:62:88:fc:cb:ec:bb: d3:37:0f:c7:ad:f3:ec:9b:db:8b:4f:43:97:8f:78: b7:59:69:71:cb:04:40:fd:c3:4b:b1:75:fc:77:a6: 0f:42:a0:ee:69:f8:e4:ed:4b:b1:ad:48:3f:a8:25: 02:45:74:f5:79:43:63:79:ff:85:cb:e4:e4:37:2c: 63:70:05:30:86:c3:16:67:b8:32:1c:7a:f9:90:4c: f0:aa:12:1d:a4:e4:ae:bf:2f:ec:9e:cd:d3:e3:39: 9e:8b:56:84:ce:0b:54:2d:ed:d2:5e:c0:1f:7f:11: cc:f6:e0:af:99:16:63:21:7a:d9:06:37:de:6e:96: be:af:97:4c:02:0f:60:d3:65:b6:6a:cd:9f:7d:2f: 32:5c:36:61:58:59:1f:8f:74:c6:ab:bc:a5:2c:08: af:66:52:96:24:0d:43:60:1f:58:1e:29:34:0b:d4: 60:67:c9:9c:8a:5b:ea:2d:e0:d4:af:6b:12:8d:26: cb:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:0F:0E:62:94:E8:2C:89:C5:7C:99:21:A0:85:9F:12:21:6D:20:F4 X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/5A8OYpToLInFfJkhoIWfEiFtIPQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.28.195.0/24 Signature Algorithm: sha256WithRSAEncryption 16:ef:34:72:93:f6:01:21:cd:cc:42:0c:fb:f1:c0:00:f0:b1: 8a:06:a2:17:1b:76:b4:2d:89:eb:44:6f:40:5f:d1:ab:b9:62: 39:9c:6a:2a:65:85:44:90:a2:75:98:1d:b5:83:2d:6e:3d:62: c0:bf:1d:cd:03:9c:b3:88:61:35:bc:9b:08:06:20:10:79:cc: 8a:a2:56:a0:a9:08:9d:62:00:dd:21:98:2c:a1:22:55:df:f6: af:0b:2d:7d:01:e1:dd:04:c6:7a:33:ee:ec:d9:e4:ce:b8:80: 48:73:eb:57:1e:de:df:32:48:71:a4:9c:eb:87:a8:ac:68:c3: c6:9e:44:bc:b4:32:03:a4:ad:3d:74:d8:7a:39:66:9f:bc:2d: 06:5e:b8:a6:f2:83:10:81:6d:a9:e0:4e:fd:2b:bb:8b:62:f6: 9f:a2:ec:7b:cf:c5:87:87:34:a4:8f:1a:fc:5f:63:60:cf:a6: 30:6c:32:0e:2a:57:12:d0:29:76:3f:0c:72:72:a4:35:46:3d: 4b:68:9e:06:56:1d:d8:cd:02:30:7e:43:14:5a:91:12:b8:f1: b6:fc:12:27:4d:d5:12:df:71:f2:a1:09:1b:e5:1f:0f:1e:c7: 4b:22:3c:38:df:2e:ad:cb:84:f1:3c:b0:ed:46:d2:5f:f0:7c: 66:fb:c3:2b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICAaQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTAzMzEx NjI0MDBaFw0yNjAxMTMwMTM1MjZaMDMxMTAvBgNVBAMTKEU0MEYwRTYyOTRFODJD ODlDNTdDOTkyMUEwODU5RjEyMjE2RDIwRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPMnNmpTqcITDwoJkiHy7W94iyLMLCowXO5WEyYJ2paJV3D74N crKUS6bdEy4M1f5/7v7BygkKvZ6WAUqKoFQA3h+0C2KI/Mvsu9M3D8et8+yb24tP Q5ePeLdZaXHLBED9w0uxdfx3pg9CoO5p+OTtS7GtSD+oJQJFdPV5Q2N5/4XL5OQ3 LGNwBTCGwxZnuDIcevmQTPCqEh2k5K6/L+yezdPjOZ6LVoTOC1Qt7dJewB9/Ecz2 4K+ZFmMhetkGN95ulr6vl0wCD2DTZbZqzZ99LzJcNmFYWR+PdMarvKUsCK9mUpYk DUNgH1geKTQL1GBnyZyKW+ot4NSvaxKNJss9AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU5A8OYpToLInFfJkhoIWfEiFtIPQwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwLzVBOE9ZcFRvTEluRmZK a2hvSVdmRWlGdElQUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAByHMMwDQYJKoZIhvcNAQELBQADggEBABbvNHKT9gEhzcxCDPvxwADwsYoGohcb drQtietEb0Bf0au5YjmcaiplhUSQonWYHbWDLW49YsC/Hc0DnLOIYTW8mwgGIBB5 zIqiVqCpCJ1iAN0hmCyhIlXf9q8LLX0B4d0Exnoz7uzZ5M64gEhz61ce3t8ySHGk nOuHqKxow8aeRLy0MgOkrT102Ho5Zp+8LQZeuKbygxCBbangTv0ru4ti9p+i7HvP xYeHNKSPGvxfY2DPpjBsMg4qVxLQKXY/DHJypDVGPUtongZWHdjNAjB+QxRakRK4 8bb8EidN1RLfcfKhCRvlHw8ex0siPDjfLq3LhPE8sO1G0l/wfGb7wys= -----END CERTIFICATE-----Generated at Sat Apr 26 13:30:19 2025 by rpki-client