$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/5xs6q9kYSJs7xTxojHCGDufbz_A.roa File: 5xs6q9kYSJs7xTxojHCGDufbz_A.roa (raw, json) Hash identifier: vnzGUEdBuD1T8Njqq7T/LcFQTgcgO72+hsaDv3JZDh8= Subject key identifier: E7:1B:3A:AB:D9:18:48:9B:3B:C5:3C:68:8C:70:86:0E:E7:DB:CF:F0 Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 0104 Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/5xs6q9kYSJs7xTxojHCGDufbz_A.roa Signing time: Mon 03 Mar 2025 08:29:23 +0000 ROA not before: Mon 03 Mar 2025 08:29:23 +0000 ROA not after: Tue 13 Jan 2026 01:35:26 +0000 asID: 142132 IP address blocks: 114.28.211.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:36:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 260 (0x104) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Mar 3 08:29:23 2025 GMT Not After : Jan 13 01:35:26 2026 GMT Subject: CN=E71B3AABD918489B3BC53C688C70860EE7DBCFF0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:d5:31:e3:67:33:db:36:7b:16:f7:e0:11:4e: 7a:49:80:ee:22:d6:b1:e1:6a:99:d8:da:a7:cf:65: ee:52:02:e7:5b:94:16:80:68:cd:77:98:66:62:52: 26:91:34:0f:4e:3f:4a:d6:35:bd:6c:1d:ff:0e:55: 5d:a3:81:ff:76:53:97:86:83:d5:e5:4e:73:12:85: 40:9c:e3:fb:eb:83:6f:ab:88:8b:99:1a:60:14:46: 8a:a5:49:29:aa:bf:bb:6b:79:4e:b1:10:a3:17:c5: 02:4a:a3:ba:56:8c:26:0c:63:ce:bd:33:70:04:7f: 18:6e:91:c6:40:4a:2b:a8:06:76:32:24:77:33:27: b3:ee:51:2a:59:3c:b9:bc:9e:0b:d4:51:cb:7e:bf: 0b:ab:4d:54:8f:80:6b:48:1c:e0:18:2e:20:99:d0: 9f:e6:9d:07:5a:bd:8d:ff:a5:b6:13:91:2e:bf:7f: c5:d1:b0:1c:09:ef:f0:88:a6:00:b8:3d:fa:ea:44: 9c:12:da:e4:1a:fa:e4:50:73:2f:30:a3:77:14:e0: ba:22:e2:7b:78:ff:48:8f:ec:aa:dc:55:f6:95:25: e3:cf:3a:f2:f8:f0:d8:22:11:8e:ac:11:0e:c8:f5: 7f:0c:e5:e5:e2:85:dc:73:c1:aa:f3:5c:57:1b:9d: 64:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:1B:3A:AB:D9:18:48:9B:3B:C5:3C:68:8C:70:86:0E:E7:DB:CF:F0 X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/5xs6q9kYSJs7xTxojHCGDufbz_A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.28.211.0/24 Signature Algorithm: sha256WithRSAEncryption 7a:20:b3:a4:98:12:94:ca:8e:7e:85:7e:6e:72:23:5a:20:b2: 6d:5f:64:20:6e:dc:ef:98:ff:b8:2b:78:39:24:fb:68:6b:9b: e3:bf:e6:b3:a5:b9:78:e8:a2:b3:71:8c:bf:68:fc:64:30:c5: 34:28:50:f4:87:8d:c7:3b:d9:3f:a3:bc:89:5a:5c:9f:86:5d: 0a:60:22:64:26:fb:94:a8:e1:c9:63:74:92:c4:58:f8:61:6a: b7:71:78:f7:18:57:3f:4f:f2:c5:ba:7a:89:fb:ba:58:54:97: b8:dd:17:69:2e:97:40:e5:94:75:9c:0a:cc:d2:34:6e:7d:38: fe:96:5a:24:a8:d6:e3:f2:ff:ee:5b:99:f5:c2:bd:46:cc:ae: 1f:54:96:71:de:ea:6e:03:cd:cb:ef:31:08:62:3d:e9:12:a7: 29:97:21:02:39:7d:17:5e:e0:1f:a9:1c:03:f6:68:0e:c5:c6: d4:1e:c6:8a:64:a2:e4:ac:5a:6e:20:8b:e9:df:e7:0f:a6:ac: 66:41:63:b7:49:7a:57:00:a0:7d:1e:94:16:fb:3f:23:0d:ec: 11:b4:cc:7e:c3:a1:5c:83:7a:21:be:5b:7c:fa:e2:6c:e5:9d: 6a:e4:6f:a9:b6:39:2b:f2:7f:60:c2:4c:98:89:55:48:f0:cc: 31:16:78:9d -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICAQQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTAzMDMw ODI5MjNaFw0yNjAxMTMwMTM1MjZaMDMxMTAvBgNVBAMTKEU3MUIzQUFCRDkxODQ4 OUIzQkM1M0M2ODhDNzA4NjBFRTdEQkNGRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDF1THjZzPbNnsW9+ARTnpJgO4i1rHhapnY2qfPZe5SAudblBaA aM13mGZiUiaRNA9OP0rWNb1sHf8OVV2jgf92U5eGg9XlTnMShUCc4/vrg2+riIuZ GmAURoqlSSmqv7treU6xEKMXxQJKo7pWjCYMY869M3AEfxhukcZASiuoBnYyJHcz J7PuUSpZPLm8ngvUUct+vwurTVSPgGtIHOAYLiCZ0J/mnQdavY3/pbYTkS6/f8XR sBwJ7/CIpgC4PfrqRJwS2uQa+uRQcy8wo3cU4Loi4nt4/0iP7KrcVfaVJePPOvL4 8NgiEY6sEQ7I9X8M5eXihdxzwarzXFcbnWQjAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU5xs6q9kYSJs7xTxojHCGDufbz/AwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwLzV4czZxOWtZU0pzN3hU eG9qSENHRHVmYnpfQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAByHNMwDQYJKoZIhvcNAQELBQADggEBAHogs6SYEpTKjn6Ffm5yI1ogsm1fZCBu 3O+Y/7greDkk+2hrm+O/5rOluXjoorNxjL9o/GQwxTQoUPSHjcc72T+jvIlaXJ+G XQpgImQm+5So4cljdJLEWPhhardxePcYVz9P8sW6eon7ulhUl7jdF2kul0DllHWc CszSNG59OP6WWiSo1uPy/+5bmfXCvUbMrh9UlnHe6m4DzcvvMQhiPekSpymXIQI5 fRde4B+pHAP2aA7FxtQexopkouSsWm4gi+nf5w+mrGZBY7dJelcAoH0elBb7PyMN 7BG0zH7DoVyDeiG+W3z64mzlnWrkb6m2OSvyf2DCTJiJVUjwzDEWeJ0= -----END CERTIFICATE-----Generated at Sat Apr 26 14:34:42 2025 by rpki-client