$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/r6yuB_mBhrxgJ9oegEz3A-ic9UE.roa File: r6yuB_mBhrxgJ9oegEz3A-ic9UE.roa (raw, json) Hash identifier: wrq5iOM9j+2Qo5lK50hanoFLQKH0hesbfXGxmXDwFxQ= Subject key identifier: AF:AC:AE:07:F9:81:86:BC:60:27:DA:1E:80:4C:F7:03:E8:9C:F5:41 Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 023C Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/r6yuB_mBhrxgJ9oegEz3A-ic9UE.roa Signing time: Thu 24 Apr 2025 08:50:25 +0000 ROA not before: Thu 24 Apr 2025 08:50:25 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 142132 IP address blocks: 202.46.34.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:36:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 572 (0x23c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Apr 24 08:50:25 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=AFACAE07F98186BC6027DA1E804CF703E89CF541 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:5d:34:aa:43:ed:52:6e:2a:98:96:a9:18:b1: 1d:27:6e:be:e2:3c:d1:81:55:1e:b8:1e:72:fa:0d: 9d:b4:32:3a:c9:65:dc:c2:c5:2e:e8:e6:3e:a2:65: 34:90:49:7a:84:af:7d:b3:ee:9e:74:4d:d6:9b:3f: c5:54:de:c2:6a:12:01:ef:0b:c1:ea:bc:cf:49:17: 3e:e9:63:fb:57:a7:f9:03:57:fb:d0:5f:d5:c1:1b: 63:03:c2:98:3f:e3:94:a9:c8:43:b3:26:41:36:ca: 33:aa:56:cf:73:af:83:1b:e5:94:d5:a6:fe:81:76: 8c:f8:b6:9a:ea:b4:22:6d:26:79:e7:9f:eb:1f:40: 8a:26:9d:c9:87:49:89:fe:13:6f:da:3e:58:3b:d7: 19:fa:fa:09:9d:63:ec:a9:63:d5:64:c7:aa:b9:5f: 36:9b:4a:50:4d:ed:40:7d:8a:3a:bd:af:7a:76:6c: e5:aa:dd:4f:77:7b:83:84:4d:ff:4f:81:e9:6c:72: 29:ac:14:9a:75:98:d7:f6:03:ad:88:6d:40:0d:bc: 52:73:97:51:f0:38:1a:d9:41:1c:d1:f4:db:da:51: fe:64:1f:23:08:25:bf:10:c7:08:39:c3:04:8f:fc: 77:5b:16:31:f0:95:05:36:37:80:69:dc:95:78:0a: eb:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:AC:AE:07:F9:81:86:BC:60:27:DA:1E:80:4C:F7:03:E8:9C:F5:41 X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/r6yuB_mBhrxgJ9oegEz3A-ic9UE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.46.34.0/24 Signature Algorithm: sha256WithRSAEncryption 85:b3:9f:53:40:52:ab:69:a6:dc:f2:e6:b8:8d:13:bf:2c:18: d7:d7:b2:08:f7:cd:04:72:f9:68:67:3d:8f:e8:30:44:70:db: f0:41:27:0a:f2:01:c4:c2:e6:ec:e9:c1:2e:69:f3:fc:7f:56: 35:5a:a6:7e:34:e6:f2:79:66:d0:76:8a:9f:fe:f0:ce:02:43: 0e:27:57:58:1b:50:56:97:e8:d9:0d:14:ac:e9:08:7a:5d:d5: f8:64:17:67:c2:83:b3:4a:db:5d:89:9f:54:2d:75:bd:df:34: 73:18:c6:b3:46:c6:58:9c:2a:fd:90:92:67:6c:da:ce:3b:6a: 47:16:05:88:00:49:1d:00:a3:fe:29:04:b8:d6:cf:ca:6a:ba: ee:8d:c8:5a:f9:99:42:2a:67:98:e2:3f:8d:a1:70:05:48:36: 8b:e4:da:f8:03:f6:a5:c3:95:25:e7:09:b6:40:e6:96:ac:74: dd:6f:0e:37:5a:a0:e9:e9:87:70:72:db:ae:7d:08:08:9e:ff: 19:43:13:e9:9f:86:4c:26:c6:aa:4d:cd:67:63:ff:00:3a:f0: ff:23:44:b6:da:af:ea:18:bb:6f:37:f7:e1:e8:9c:e7:3e:00: bc:da:79:1d:5b:f3:63:3c:e1:50:1a:19:a3:d6:ee:55:d1:df: f7:e1:3f:f4 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICAjwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTA0MjQw ODUwMjVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEFGQUNBRTA3Rjk4MTg2 QkM2MDI3REExRTgwNENGNzAzRTg5Q0Y1NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNXTSqQ+1SbiqYlqkYsR0nbr7iPNGBVR64HnL6DZ20MjrJZdzC xS7o5j6iZTSQSXqEr32z7p50TdabP8VU3sJqEgHvC8HqvM9JFz7pY/tXp/kDV/vQ X9XBG2MDwpg/45SpyEOzJkE2yjOqVs9zr4Mb5ZTVpv6Bdoz4tprqtCJtJnnnn+sf QIomncmHSYn+E2/aPlg71xn6+gmdY+ypY9Vkx6q5XzabSlBN7UB9ijq9r3p2bOWq 3U93e4OETf9PgelscimsFJp1mNf2A62IbUANvFJzl1HwOBrZQRzR9NvaUf5kHyMI Jb8Qxwg5wwSP/HdbFjHwlQU2N4Bp3JV4CustAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUr6yuB/mBhrxgJ9oegEz3A+ic9UEwHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL3I2eXVCX21CaHJ4Z0o5 b2VnRXozQS1pYzlVRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKLiIwDQYJKoZIhvcNAQELBQADggEBAIWzn1NAUqtpptzy5riNE78sGNfXsgj3 zQRy+WhnPY/oMERw2/BBJwryAcTC5uzpwS5p8/x/VjVapn405vJ5ZtB2ip/+8M4C Qw4nV1gbUFaX6NkNFKzpCHpd1fhkF2fCg7NK212Jn1Qtdb3fNHMYxrNGxlicKv2Q kmds2s47akcWBYgASR0Ao/4pBLjWz8pquu6NyFr5mUIqZ5jiP42hcAVINovk2vgD 9qXDlSXnCbZA5pasdN1vDjdaoOnph3By2659CAie/xlDE+mfhkwmxqpNzWdj/wA6 8P8jRLbar+oYu2839+HonOc+ALzaeR1b82M84VAaGaPW7lXR3/fhP/Q= -----END CERTIFICATE-----Generated at Sat Apr 26 14:28:48 2025 by rpki-client