$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/cevxg5OQpJyy4kmIvON4zBBgiMY.roa File: cevxg5OQpJyy4kmIvON4zBBgiMY.roa (raw, json) Hash identifier: Uj82zDRHr+jOc1jqMcw2H1r4KTcK1GvgtouvhgqaIK0= Subject key identifier: 71:EB:F1:83:93:90:A4:9C:B2:E2:49:88:BC:E3:78:CC:10:60:88:C6 Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 0239 Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/cevxg5OQpJyy4kmIvON4zBBgiMY.roa Signing time: Thu 24 Apr 2025 08:49:07 +0000 ROA not before: Thu 24 Apr 2025 08:49:07 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24413 IP address blocks: 202.46.41.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:36:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 569 (0x239) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Apr 24 08:49:07 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=71EBF1839390A49CB2E24988BCE378CC106088C6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:fa:f8:30:b8:4f:3d:d9:38:17:58:56:ae:94: 44:31:04:0f:ba:5a:4e:b7:4d:d7:95:bb:7a:f6:a1: f6:f2:64:9c:77:1e:31:18:f5:8b:f5:f7:20:d3:31: e9:49:85:8d:48:ac:42:53:2c:97:5b:a2:85:af:8e: 82:af:3f:90:79:8f:cf:aa:72:a0:26:ba:b3:93:76: fc:3e:8d:cf:e0:77:d2:e2:93:6b:f8:32:eb:e8:66: e8:24:9b:4d:ad:e5:a4:2f:b8:3f:1d:cc:06:aa:6c: 98:0a:e6:54:14:4a:b6:c9:bb:8e:a6:bf:5d:83:36: f9:19:b1:26:97:5a:f4:1f:1e:cc:7c:b2:99:f0:4a: 92:2e:b8:f9:9b:c8:6b:d4:8e:b0:92:fc:74:a8:a5: a2:94:6d:f8:fd:90:cc:b2:22:df:76:26:2b:4a:d4: 0e:31:b0:76:34:bf:4c:ec:c1:e8:4b:e4:ad:aa:af: 8b:66:84:df:7b:c0:0a:41:30:11:84:d5:aa:c0:c8: a7:41:4a:ff:12:48:2a:89:91:59:8c:f6:b8:7a:5d: 19:8f:86:9e:60:7f:83:03:81:b3:f2:17:31:93:a7: fa:b0:90:79:74:b9:93:5d:c5:fa:b1:10:23:aa:c3: 82:ad:85:04:25:72:b6:23:f9:e3:fe:db:d7:5c:53: 39:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:EB:F1:83:93:90:A4:9C:B2:E2:49:88:BC:E3:78:CC:10:60:88:C6 X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/cevxg5OQpJyy4kmIvON4zBBgiMY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.46.41.0/24 Signature Algorithm: sha256WithRSAEncryption 34:e0:8d:3f:aa:fe:94:f3:a5:fa:0e:8c:ec:8d:c3:ad:d0:66: 3a:da:83:00:ef:d2:9b:ec:95:a7:23:8c:eb:0f:ad:ae:4f:0a: 86:4a:2d:50:d6:05:e2:08:61:d9:2c:e2:62:0a:2a:34:74:25: 3c:08:34:08:aa:c8:f8:dd:7b:71:f1:ab:74:43:7d:19:fa:53: 35:cf:51:cf:6b:44:f5:72:77:00:65:0f:3c:28:35:d2:44:47: ce:b9:48:74:02:16:2f:28:0c:20:50:0e:5c:77:c1:66:dd:34: 2e:0d:09:50:4e:81:02:43:14:ef:aa:83:c1:fe:a2:e7:01:61: 54:bc:67:a2:65:de:ea:f9:50:01:1f:5e:b9:28:67:68:c3:ee: 0b:a5:1e:14:06:b3:b5:e6:c1:e9:cc:60:7b:af:d2:ca:a5:6c: 4f:d8:a6:b1:e4:d2:f5:3f:3d:7d:4c:29:66:0c:72:8e:fe:d8: 35:31:81:b7:c3:cd:b3:a6:78:ef:75:eb:54:82:44:0c:da:04: 42:10:04:ac:2d:27:be:9a:91:8e:fa:04:8c:bb:f8:dd:68:20: 84:5a:9d:33:60:3a:93:85:e8:82:32:3f:d1:2e:29:df:6f:53: 25:8f:b5:ed:17:ab:ad:01:69:0f:43:44:4f:b4:5c:6c:10:9e: 91:7c:a3:92 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICAjkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTA0MjQw ODQ5MDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDcxRUJGMTgzOTM5MEE0 OUNCMkUyNDk4OEJDRTM3OENDMTA2MDg4QzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDF+vgwuE892TgXWFaulEQxBA+6Wk63TdeVu3r2ofbyZJx3HjEY 9Yv19yDTMelJhY1IrEJTLJdbooWvjoKvP5B5j8+qcqAmurOTdvw+jc/gd9Lik2v4 MuvoZugkm02t5aQvuD8dzAaqbJgK5lQUSrbJu46mv12DNvkZsSaXWvQfHsx8spnw SpIuuPmbyGvUjrCS/HSopaKUbfj9kMyyIt92JitK1A4xsHY0v0zswehL5K2qr4tm hN97wApBMBGE1arAyKdBSv8SSCqJkVmM9rh6XRmPhp5gf4MDgbPyFzGTp/qwkHl0 uZNdxfqxECOqw4KthQQlcrYj+eP+29dcUzmTAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUcevxg5OQpJyy4kmIvON4zBBgiMYwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL2NldnhnNU9RcEp5eTRr bUl2T040ekJCZ2lNWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKLikwDQYJKoZIhvcNAQELBQADggEBADTgjT+q/pTzpfoOjOyNw63QZjragwDv 0pvslacjjOsPra5PCoZKLVDWBeIIYdks4mIKKjR0JTwINAiqyPjde3Hxq3RDfRn6 UzXPUc9rRPVydwBlDzwoNdJER865SHQCFi8oDCBQDlx3wWbdNC4NCVBOgQJDFO+q g8H+oucBYVS8Z6Jl3ur5UAEfXrkoZ2jD7gulHhQGs7XmwenMYHuv0sqlbE/YprHk 0vU/PX1MKWYMco7+2DUxgbfDzbOmeO9161SCRAzaBEIQBKwtJ76akY76BIy7+N1o IIRanTNgOpOF6IIyP9EuKd9vUyWPte0Xq60BaQ9DRE+0XGwQnpF8o5I= -----END CERTIFICATE-----Generated at Sat Apr 26 14:05:16 2025 by rpki-client