$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/l5nUWeN92cd3JFn9Sc3V8XNoyn8.roa File: l5nUWeN92cd3JFn9Sc3V8XNoyn8.roa (raw, json) Hash identifier: 5oisv+ANdee4sV0PH+IN9kvzfrdxZ5UuhIOmlifariI= Subject key identifier: 97:99:D4:59:E3:7D:D9:C7:77:24:59:FD:49:CD:D5:F1:73:68:CA:7F Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 01B0 Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/l5nUWeN92cd3JFn9Sc3V8XNoyn8.roa Signing time: Tue 01 Apr 2025 18:10:26 +0000 ROA not before: Tue 01 Apr 2025 18:10:26 +0000 ROA not after: Tue 13 Jan 2026 01:35:26 +0000 asID: 142132 IP address blocks: 114.28.233.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:36:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 432 (0x1b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Apr 1 18:10:26 2025 GMT Not After : Jan 13 01:35:26 2026 GMT Subject: CN=9799D459E37DD9C7772459FD49CDD5F17368CA7F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:95:f6:c7:9f:5a:8e:d6:3f:8e:0d:0a:53:1d: fb:f5:49:7b:06:99:c9:2c:6f:e8:f2:2f:e0:cd:ed: ec:67:55:f2:08:ef:7c:07:48:34:81:4a:5a:18:f8: e3:62:bd:5e:6a:6c:de:5a:a3:d2:cf:d5:32:84:4e: 8f:61:b7:25:4e:1e:9e:c8:f8:02:d7:e0:a7:e4:92: 0a:4e:6f:41:04:a6:d7:82:01:c1:c7:af:8f:28:5d: 7e:95:3e:6b:0e:66:ea:3e:00:8f:05:66:95:ed:93: b9:4a:67:cc:b7:80:f7:4f:2e:3e:a2:fa:42:83:2f: bc:49:81:7f:66:7e:c5:53:fb:c8:6b:fa:e8:88:15: aa:40:2b:07:90:eb:92:f0:c8:86:fd:18:32:81:c3: f0:16:9e:c9:9a:1e:b5:24:94:28:a9:31:bb:c9:c3: 7e:31:32:9d:68:38:da:93:df:ab:e8:08:0c:cd:b0: 4e:63:c7:8e:61:5a:79:d1:99:00:d9:33:36:22:6d: 1b:d5:e0:61:56:b8:d0:33:06:ab:30:e4:86:9f:d2: 77:21:69:2b:e5:ef:94:52:2c:06:5e:57:bd:fa:d0: ee:db:07:5a:3e:ff:36:5a:55:08:a5:77:eb:d1:3e: 12:38:21:98:a3:15:03:44:0a:60:a8:ab:4c:f1:88: 4c:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:99:D4:59:E3:7D:D9:C7:77:24:59:FD:49:CD:D5:F1:73:68:CA:7F X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/l5nUWeN92cd3JFn9Sc3V8XNoyn8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.28.233.0/24 Signature Algorithm: sha256WithRSAEncryption d6:04:6b:d1:c1:f2:54:4b:aa:54:9e:a8:c2:bb:13:c3:89:0f: e8:13:c6:89:78:bd:2d:ec:85:19:8d:e2:cc:22:95:09:20:cd: 67:e8:0f:29:c4:60:d1:a9:85:d9:16:cd:53:cc:f0:7e:36:4b: 1a:f0:0a:60:71:c3:dd:23:e0:a9:d2:50:db:e5:33:ba:0b:07: fa:9a:18:97:62:e3:2b:c8:be:2e:78:5c:0c:d4:a7:be:46:2c: 2c:57:64:4a:f5:c7:11:c5:b4:3e:17:b8:80:26:fb:dd:76:fe: 6e:0d:01:9f:40:79:77:2b:2b:12:6e:2d:d3:a7:e2:8a:ba:8d: d7:13:4d:4a:53:af:52:4a:29:19:d1:3d:ac:11:ee:8b:55:2b: cb:ac:17:50:86:07:83:1f:42:12:76:1a:11:ef:0f:cd:aa:9e: 25:5b:71:0d:99:2e:16:19:fa:94:98:4b:19:d1:f1:37:9c:9f: 7d:bb:7d:8a:1c:c0:9a:cc:5f:de:41:fc:23:32:de:11:d3:b3: 2a:0c:5d:f9:b7:6f:6a:39:a8:c9:14:2b:b3:98:3a:cc:28:58: c0:35:c1:92:74:25:9b:ad:ea:fe:5e:58:4e:a0:df:35:db:5a: d6:d7:ba:01:5a:1b:28:88:36:82:f9:40:87:e7:37:4a:0a:b5: bf:19:2e:75 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICAbAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTA0MDEx ODEwMjZaFw0yNjAxMTMwMTM1MjZaMDMxMTAvBgNVBAMTKDk3OTlENDU5RTM3REQ5 Qzc3NzI0NTlGRDQ5Q0RENUYxNzM2OENBN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCVlfbHn1qO1j+ODQpTHfv1SXsGmcksb+jyL+DN7exnVfII73wH SDSBSloY+ONivV5qbN5ao9LP1TKETo9htyVOHp7I+ALX4KfkkgpOb0EEpteCAcHH r48oXX6VPmsOZuo+AI8FZpXtk7lKZ8y3gPdPLj6i+kKDL7xJgX9mfsVT+8hr+uiI FapAKweQ65LwyIb9GDKBw/AWnsmaHrUklCipMbvJw34xMp1oONqT36voCAzNsE5j x45hWnnRmQDZMzYibRvV4GFWuNAzBqsw5Iaf0nchaSvl75RSLAZeV7360O7bB1o+ /zZaVQild+vRPhI4IZijFQNECmCoq0zxiEy5AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUl5nUWeN92cd3JFn9Sc3V8XNoyn8wHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL2w1blVXZU45MmNkM0pG bjlTYzNWOFhOb3luOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAByHOkwDQYJKoZIhvcNAQELBQADggEBANYEa9HB8lRLqlSeqMK7E8OJD+gTxol4 vS3shRmN4swilQkgzWfoDynEYNGphdkWzVPM8H42SxrwCmBxw90j4KnSUNvlM7oL B/qaGJdi4yvIvi54XAzUp75GLCxXZEr1xxHFtD4XuIAm+912/m4NAZ9AeXcrKxJu LdOn4oq6jdcTTUpTr1JKKRnRPawR7otVK8usF1CGB4MfQhJ2GhHvD82qniVbcQ2Z LhYZ+pSYSxnR8Tecn327fYocwJrMX95B/CMy3hHTsyoMXfm3b2o5qMkUK7OYOswo WMA1wZJ0JZut6v5eWE6g3zXbWtbXugFaGyiINoL5QIfnN0oKtb8ZLnU= -----END CERTIFICATE-----Generated at Sat Apr 26 14:34:46 2025 by rpki-client