$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/NHamWpbVYJHiRlJoyV-4gnuctc4.roa File: NHamWpbVYJHiRlJoyV-4gnuctc4.roa (raw, json) Hash identifier: /VOb/quE81RsmVadCg2EQfEjGxNFod1cRASxSWSKcu4= Subject key identifier: 34:76:A6:5A:96:D5:60:91:E2:46:52:68:C9:5F:B8:82:7B:9C:B5:CE Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 023F Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/NHamWpbVYJHiRlJoyV-4gnuctc4.roa Signing time: Thu 24 Apr 2025 08:50:27 +0000 ROA not before: Thu 24 Apr 2025 08:50:27 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 142132 IP address blocks: 114.28.228.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:36:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 575 (0x23f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Apr 24 08:50:27 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=3476A65A96D56091E2465268C95FB8827B9CB5CE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:77:61:fe:77:50:7f:ec:3b:29:b4:63:b4:cb: e5:0e:9a:da:f6:a2:de:f5:13:8f:4c:49:71:2c:e8: 84:47:67:51:09:16:7d:a1:7e:20:76:2c:1b:db:a4: c0:02:31:8c:97:fc:9f:dc:0e:2f:6a:58:5b:20:ed: 97:26:5d:d3:78:4f:75:6c:13:0b:ec:42:8c:aa:79: 3c:d0:ef:c6:d2:12:b7:c5:e0:1f:b6:dc:74:1d:f4: 82:89:fb:2e:fe:2a:08:d8:b0:4a:14:81:13:9b:4b: 3c:4a:cb:e2:00:3e:04:4b:e9:3c:ec:68:ca:65:02: 98:c3:08:a7:b6:83:85:b0:4d:47:7c:23:07:ef:3d: bf:2e:50:b2:b1:bf:af:f2:87:df:0b:4e:67:51:6b: 94:f9:4c:6d:0e:ff:d3:43:6e:25:2f:36:9e:a1:a7: 0a:5e:35:7c:ca:5c:b6:69:09:5a:db:30:37:66:93: 7b:a5:01:50:42:16:d4:83:6c:35:7d:46:ee:6b:5b: f3:d9:69:11:a3:f6:15:f6:d2:5e:8a:30:e5:36:c4: f3:18:01:6b:7d:50:42:f3:d3:53:c5:fa:2c:ce:de: 08:51:22:78:46:e9:06:05:9a:40:3a:09:4e:53:25: 7a:6a:fb:8c:a4:92:ad:c4:03:bf:83:ee:a3:e9:f3: be:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:76:A6:5A:96:D5:60:91:E2:46:52:68:C9:5F:B8:82:7B:9C:B5:CE X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/NHamWpbVYJHiRlJoyV-4gnuctc4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.28.228.0/24 Signature Algorithm: sha256WithRSAEncryption 3f:10:85:7e:cc:da:da:86:27:aa:38:e9:75:11:68:c5:4d:fe: 2a:1c:87:0b:91:ef:6a:86:ba:81:1b:15:b5:7d:99:08:b8:26: 50:ba:ca:fb:85:71:4b:1d:ff:ab:19:34:3e:07:17:e0:f6:07: f7:cd:56:17:de:72:59:12:f3:0c:eb:53:20:7d:fe:cf:db:15: 42:b3:9a:1a:c8:fd:6e:64:3d:73:cd:c3:d1:0a:73:fe:12:26: 8d:31:03:6a:34:73:d5:7a:ff:f2:34:24:9e:16:9d:95:25:1b: 85:ba:dd:b9:1b:65:0d:6c:a7:16:ea:37:7f:23:a6:92:78:75: bb:a1:35:50:a9:b4:92:b4:b0:e0:b8:20:02:85:e3:28:85:05: 82:bb:1d:05:64:f9:21:1b:0d:b6:6f:ba:02:0f:08:42:fa:6e: 10:6a:6e:e3:17:d9:7e:78:64:2b:89:22:f7:33:f1:ba:f7:1c: bc:a3:7c:48:f5:4a:9f:2b:08:96:32:0a:54:4a:99:54:cb:3e: 08:08:08:94:39:a9:f8:a4:a8:8c:3e:9b:4c:e5:f0:bd:b4:3a: b6:e8:5b:5c:76:7a:43:00:81:b1:98:6f:85:e9:ca:2b:68:59: ab:9b:df:cd:f6:80:7f:76:24:7d:3e:0e:f7:f8:be:96:6f:b5: 1f:14:73:11 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICAj8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTA0MjQw ODUwMjdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDM0NzZBNjVBOTZENTYw OTFFMjQ2NTI2OEM5NUZCODgyN0I5Q0I1Q0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmd2H+d1B/7DsptGO0y+UOmtr2ot71E49MSXEs6IRHZ1EJFn2h fiB2LBvbpMACMYyX/J/cDi9qWFsg7ZcmXdN4T3VsEwvsQoyqeTzQ78bSErfF4B+2 3HQd9IKJ+y7+KgjYsEoUgRObSzxKy+IAPgRL6TzsaMplApjDCKe2g4WwTUd8Iwfv Pb8uULKxv6/yh98LTmdRa5T5TG0O/9NDbiUvNp6hpwpeNXzKXLZpCVrbMDdmk3ul AVBCFtSDbDV9Ru5rW/PZaRGj9hX20l6KMOU2xPMYAWt9UELz01PF+izO3ghRInhG 6QYFmkA6CU5TJXpq+4ykkq3EA7+D7qPp877nAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUNHamWpbVYJHiRlJoyV+4gnuctc4wHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL05IYW1XcGJWWUpIaVJs Sm95Vi00Z251Y3RjNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAByHOQwDQYJKoZIhvcNAQELBQADggEBAD8QhX7M2tqGJ6o46XURaMVN/iochwuR 72qGuoEbFbV9mQi4JlC6yvuFcUsd/6sZND4HF+D2B/fNVhfeclkS8wzrUyB9/s/b FUKzmhrI/W5kPXPNw9EKc/4SJo0xA2o0c9V6//I0JJ4WnZUlG4W63bkbZQ1spxbq N38jppJ4dbuhNVCptJK0sOC4IAKF4yiFBYK7HQVk+SEbDbZvugIPCEL6bhBqbuMX 2X54ZCuJIvcz8br3HLyjfEj1Sp8rCJYyClRKmVTLPggICJQ5qfikqIw+m0zl8L20 OrboW1x2ekMAgbGYb4XpyitoWaub3832gH92JH0+Dvf4vpZvtR8UcxE= -----END CERTIFICATE-----Generated at Sat Apr 26 14:34:30 2025 by rpki-client