$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/KoPRPQqGeqnVLw-SkMST5S28RVI.roa File: KoPRPQqGeqnVLw-SkMST5S28RVI.roa (raw, json) Hash identifier: nWch/6fvS1NxWfH5N9cTc8M/RbhIPPz4CwV2rOmsDok= Subject key identifier: 2A:83:D1:3D:0A:86:7A:A9:D5:2F:0F:92:90:C4:93:E5:2D:BC:45:52 Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 0233 Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/KoPRPQqGeqnVLw-SkMST5S28RVI.roa Signing time: Thu 24 Apr 2025 02:55:19 +0000 ROA not before: Thu 24 Apr 2025 02:55:19 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 142132 IP address blocks: 202.46.33.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:36:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 563 (0x233) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Apr 24 02:55:19 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=2A83D13D0A867AA9D52F0F9290C493E52DBC4552 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:99:1e:de:c3:13:0d:3f:be:67:00:fe:ef:fa: 0d:6c:89:89:88:9e:c2:27:f1:cf:e0:5d:9d:15:a0: e5:ea:b8:b8:de:7b:33:38:47:3f:74:c2:30:e4:52: 87:3d:80:22:92:51:c9:d1:a8:e7:ff:62:1d:e2:9c: 13:e6:5c:2e:ae:14:2f:39:16:8e:db:92:6b:63:7e: 07:33:18:2e:98:a1:76:a7:67:2c:6e:15:c3:09:6f: d1:00:d7:58:ca:a3:7d:9c:a5:16:37:5c:22:10:6b: 0f:8a:b8:d4:59:45:57:5d:b5:10:ce:e9:54:4a:a0: be:7f:cc:a2:26:90:90:86:f0:c2:29:bf:a8:71:4b: 67:36:13:fc:06:49:36:a6:ab:dd:70:0e:f2:89:5d: a8:51:4b:a1:6b:71:8e:2e:c6:83:ee:84:89:53:1d: fa:65:3f:a3:de:de:61:9a:2a:69:aa:85:9b:8f:8a: 88:c6:e2:91:81:0f:7d:65:c2:d5:3f:57:08:61:ab: 64:23:8f:5a:4d:5a:66:42:d9:f6:24:4c:6d:6e:6f: f4:c3:ab:08:73:2a:6c:14:d3:6b:b7:d6:7f:b9:ab: fb:f5:be:de:8e:79:de:b6:ee:51:62:31:d4:5a:d2: 86:ad:0a:2e:6f:e8:0b:64:da:95:a0:3d:b4:3f:b0: 1b:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:83:D1:3D:0A:86:7A:A9:D5:2F:0F:92:90:C4:93:E5:2D:BC:45:52 X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/KoPRPQqGeqnVLw-SkMST5S28RVI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.46.33.0/24 Signature Algorithm: sha256WithRSAEncryption 9c:23:5f:6a:5b:cb:c0:f3:8a:2d:1a:19:dc:44:7c:57:33:7c: 13:1d:51:80:0d:81:b0:6d:90:2d:86:19:c6:b1:dc:65:76:66: e0:93:86:23:68:59:d0:86:0c:89:d9:35:be:3a:35:45:2f:15: 24:30:c1:59:90:7d:5d:50:b9:81:ca:0f:34:00:a2:ad:ed:c5: 6b:8e:89:e7:b3:81:80:1e:69:fa:48:ba:b8:e8:26:f3:97:cf: 9b:1b:4e:e0:ce:f5:1e:d5:05:c2:55:5f:5f:d7:96:79:c3:e5: d4:0c:3e:4f:83:eb:45:b4:83:67:7e:29:2d:a7:77:fb:d1:77: ee:c7:fa:fb:48:2c:3d:f1:88:54:7b:ff:62:59:97:29:5d:81: 96:64:b4:a2:62:7d:1d:01:4e:51:b5:16:1f:80:45:87:3d:31: 24:1b:7e:c1:f4:93:84:f0:83:63:41:79:68:28:23:88:2a:83: 9c:a0:c1:a6:3f:cd:99:b8:a3:e1:eb:d7:a8:9e:05:05:1f:19: fd:6b:83:37:cf:3c:00:a2:40:f8:48:6a:e9:0e:ae:fa:83:c4: ff:37:bc:85:d2:f2:39:9a:a4:f6:38:a4:b5:f4:2c:a7:c5:44: 61:18:1f:a8:85:c6:94:aa:82:1d:60:34:1f:72:d5:ba:e7:a9: 79:0b:4d:ed -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICAjMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTA0MjQw MjU1MTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDJBODNEMTNEMEE4NjdB QTlENTJGMEY5MjkwQzQ5M0U1MkRCQzQ1NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWmR7ewxMNP75nAP7v+g1siYmInsIn8c/gXZ0VoOXquLjeezM4 Rz90wjDkUoc9gCKSUcnRqOf/Yh3inBPmXC6uFC85Fo7bkmtjfgczGC6YoXanZyxu FcMJb9EA11jKo32cpRY3XCIQaw+KuNRZRVddtRDO6VRKoL5/zKImkJCG8MIpv6hx S2c2E/wGSTamq91wDvKJXahRS6FrcY4uxoPuhIlTHfplP6Pe3mGaKmmqhZuPiojG 4pGBD31lwtU/Vwhhq2Qjj1pNWmZC2fYkTG1ub/TDqwhzKmwU02u31n+5q/v1vt6O ed627lFiMdRa0oatCi5v6Atk2pWgPbQ/sBtvAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUKoPRPQqGeqnVLw+SkMST5S28RVIwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL0tvUFJQUXFHZXFuVkx3 LVNrTVNUNVMyOFJWSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKLiEwDQYJKoZIhvcNAQELBQADggEBAJwjX2pby8Dzii0aGdxEfFczfBMdUYAN gbBtkC2GGcax3GV2ZuCThiNoWdCGDInZNb46NUUvFSQwwVmQfV1QuYHKDzQAoq3t xWuOieezgYAeafpIurjoJvOXz5sbTuDO9R7VBcJVX1/XlnnD5dQMPk+D60W0g2d+ KS2nd/vRd+7H+vtILD3xiFR7/2JZlyldgZZktKJifR0BTlG1Fh+ARYc9MSQbfsH0 k4Twg2NBeWgoI4gqg5ygwaY/zZm4o+Hr16ieBQUfGf1rgzfPPACiQPhIaukOrvqD xP83vIXS8jmapPY4pLX0LKfFRGEYH6iFxpSqgh1gNB9y1brnqXkLTe0= -----END CERTIFICATE-----Generated at Sat Apr 26 14:29:10 2025 by rpki-client