$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/QJ0xQwU7ijDp-eqfpnkAMcTc2P8.roa File: QJ0xQwU7ijDp-eqfpnkAMcTc2P8.roa (raw, json) Hash identifier: Sc7N7ab71h6ekql6Ip1MsG7JlEfSt7H8gJto9mf9+98= Subject key identifier: 40:9D:31:43:05:3B:8A:30:E9:F9:EA:9F:A6:79:00:31:C4:DC:D8:FF Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 01B6 Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/QJ0xQwU7ijDp-eqfpnkAMcTc2P8.roa Signing time: Tue 01 Apr 2025 18:15:18 +0000 ROA not before: Tue 01 Apr 2025 18:15:18 +0000 ROA not after: Tue 13 Jan 2026 01:35:26 +0000 asID: 142132 IP address blocks: 114.28.234.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:36:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 438 (0x1b6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Apr 1 18:15:18 2025 GMT Not After : Jan 13 01:35:26 2026 GMT Subject: CN=409D3143053B8A30E9F9EA9FA6790031C4DCD8FF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:cd:1f:83:25:e5:9b:cf:67:80:1e:61:0b:82: fc:b5:76:ef:74:c9:e8:5a:4e:27:15:ed:89:4c:ee: da:92:7f:ed:09:a6:0b:6a:53:36:93:ed:dd:dc:16: 26:93:2b:69:48:72:80:31:4e:27:a4:85:f6:60:09: af:e8:c2:08:d3:5a:1d:3d:65:3b:bc:11:94:de:8c: a2:ac:29:14:03:62:36:fa:34:11:37:86:95:0b:a7: 48:17:90:79:de:7c:e1:99:24:51:d1:0b:36:f1:8b: 90:74:26:c4:f2:b4:85:67:e6:be:b7:32:82:8d:ca: 29:df:9a:40:88:22:00:a9:43:3e:b4:c3:e9:5b:f3: 6d:27:72:b1:1b:ad:bd:bb:39:5e:dc:d8:77:d8:51: ee:ca:55:d8:53:8d:a8:3f:de:75:41:a2:85:c6:d7: c3:5c:23:b3:e8:6a:a1:cd:ec:cc:d0:f6:b9:e5:1e: 5b:87:19:9f:58:d2:43:94:bd:02:a5:36:79:5d:01: 32:da:99:70:66:bb:cf:a4:ea:20:93:ea:e4:80:2a: 2c:bc:2f:19:17:b2:ce:a7:79:40:4e:72:0d:01:38: 7a:30:3e:73:9a:86:2a:d3:b7:2d:2b:18:44:f2:f2: c2:5a:e9:1e:7e:ab:96:31:40:1b:f4:4b:e0:5f:2a: 84:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:9D:31:43:05:3B:8A:30:E9:F9:EA:9F:A6:79:00:31:C4:DC:D8:FF X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/QJ0xQwU7ijDp-eqfpnkAMcTc2P8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.28.234.0/24 Signature Algorithm: sha256WithRSAEncryption 18:4c:f5:86:0a:28:19:ee:24:ef:fd:c0:1a:a7:1c:1a:fc:34: f6:12:29:ed:ab:d1:ab:67:29:d1:b8:6d:53:b1:54:32:07:59: 51:0b:40:c7:ed:4c:01:68:bd:aa:b8:57:9a:be:61:b6:49:f9: 2a:35:db:ba:dc:d2:92:7b:f8:03:cd:9b:e5:cf:e2:6d:26:5e: e4:a0:6f:99:8b:14:5e:00:3d:92:85:da:19:4c:22:7b:bd:1b: 95:52:7b:55:34:b9:9d:5c:91:f2:3f:d0:90:78:d0:9c:9f:33: 3f:d7:4c:b9:8a:9c:0d:9b:a2:e8:9a:da:f2:54:07:19:6f:23: bc:6d:69:fa:61:3a:7f:41:3c:9d:b2:bc:9f:d3:cb:2f:1e:28: a2:9c:a5:dd:66:24:d0:0a:d6:73:83:02:c6:58:f8:72:b0:40: b4:bc:7a:4e:e3:70:db:f5:2e:24:de:b4:8a:75:43:a5:12:1d: c2:1d:04:56:68:05:70:98:d6:85:45:00:e7:86:55:21:c9:a1: 2b:c0:a9:ec:a7:f6:99:e2:18:03:99:a0:17:da:0a:0a:91:17: e6:3e:71:f7:a6:00:ee:5a:f1:1c:aa:f2:c2:2a:32:8f:05:7e: a8:63:44:f1:c6:96:0d:7b:2f:93:c6:96:1a:67:95:6c:07:e5: e3:51:b9:fb -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICAbYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTA0MDEx ODE1MThaFw0yNjAxMTMwMTM1MjZaMDMxMTAvBgNVBAMTKDQwOUQzMTQzMDUzQjhB MzBFOUY5RUE5RkE2NzkwMDMxQzREQ0Q4RkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCmzR+DJeWbz2eAHmELgvy1du90yehaTicV7YlM7tqSf+0Jpgtq UzaT7d3cFiaTK2lIcoAxTiekhfZgCa/owgjTWh09ZTu8EZTejKKsKRQDYjb6NBE3 hpULp0gXkHnefOGZJFHRCzbxi5B0JsTytIVn5r63MoKNyinfmkCIIgCpQz60w+lb 820ncrEbrb27OV7c2HfYUe7KVdhTjag/3nVBooXG18NcI7PoaqHN7MzQ9rnlHluH GZ9Y0kOUvQKlNnldATLamXBmu8+k6iCT6uSAKiy8LxkXss6neUBOcg0BOHowPnOa hirTty0rGETy8sJa6R5+q5YxQBv0S+BfKoTzAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUQJ0xQwU7ijDp+eqfpnkAMcTc2P8wHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL1FKMHhRd1U3aWpEcC1l cWZwbmtBTWNUYzJQOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAByHOowDQYJKoZIhvcNAQELBQADggEBABhM9YYKKBnuJO/9wBqnHBr8NPYSKe2r 0atnKdG4bVOxVDIHWVELQMftTAFovaq4V5q+YbZJ+So127rc0pJ7+APNm+XP4m0m XuSgb5mLFF4APZKF2hlMInu9G5VSe1U0uZ1ckfI/0JB40JyfMz/XTLmKnA2bouia 2vJUBxlvI7xtafphOn9BPJ2yvJ/Tyy8eKKKcpd1mJNAK1nODAsZY+HKwQLS8ek7j cNv1LiTetIp1Q6USHcIdBFZoBXCY1oVFAOeGVSHJoSvAqeyn9pniGAOZoBfaCgqR F+Y+cfemAO5a8Ryq8sIqMo8FfqhjRPHGlg17L5PGlhpnlWwH5eNRufs= -----END CERTIFICATE-----Generated at Sat Apr 26 14:29:00 2025 by rpki-client