$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/620/tVv5cMahpCShvvtQAhNlPeOQ5Q4.roa File: tVv5cMahpCShvvtQAhNlPeOQ5Q4.roa (raw, json) Hash identifier: TzovdDux1HhYWV4x32czQdkPBpbIvapUkX/AYNoNp5A= Subject key identifier: B5:5B:F9:70:C6:A1:A4:24:A1:BE:FB:50:02:13:65:3D:E3:90:E5:0E Certificate issuer: /CN=309C2A943B28DC0858C39B9208A1609C0973E49A Certificate serial: 0236 Authority key identifier: 30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/tVv5cMahpCShvvtQAhNlPeOQ5Q4.roa Signing time: Thu 24 Apr 2025 08:49:06 +0000 ROA not before: Thu 24 Apr 2025 08:49:06 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 24413 IP address blocks: 202.46.32.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:36:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 566 (0x236) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=309C2A943B28DC0858C39B9208A1609C0973E49A Validity Not Before: Apr 24 08:49:06 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=B55BF970C6A1A424A1BEFB500213653DE390E50E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:dd:23:af:27:61:d3:97:53:ef:ba:70:a1:3a: 99:5d:e1:07:e5:91:4b:06:01:56:15:a5:4a:74:a1: 36:07:1f:e9:96:5e:0a:73:52:31:39:04:26:be:ad: 68:85:bf:bc:4e:9d:ac:a5:c2:34:81:73:a2:7e:33: 3b:f6:de:e6:d8:cd:30:66:78:58:c8:b8:45:8a:0d: b1:10:cd:f9:18:f4:03:8f:5e:94:10:32:a1:c6:b0: c5:c8:9f:47:ea:5c:1d:58:7e:04:60:48:8b:dc:d0: 9e:ad:e5:e0:72:88:5a:8c:00:42:0c:48:8e:d4:a2: be:e5:2c:0c:e5:4f:4d:77:2a:ad:2c:5d:72:92:27: 72:10:c8:78:04:d1:d6:5b:be:64:ef:d3:8c:91:d7: dd:8c:45:88:7f:da:ad:67:52:5c:a2:94:9b:88:3e: eb:25:e8:16:6f:6d:ae:ec:40:19:3d:54:ca:54:90: 9f:8a:6b:5f:64:97:5c:8e:ca:63:c4:e0:ed:cb:00: 2e:5c:8c:5e:89:43:0a:2e:f2:3e:ff:12:bd:91:37: 74:65:b3:61:96:a4:83:7c:cb:cb:4f:3c:26:eb:b7: 71:59:3c:4a:df:88:4a:7a:e6:31:63:71:71:31:56: 43:2a:e8:8b:11:2b:2a:66:0f:e2:e9:f3:6e:c6:87: 8a:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:5B:F9:70:C6:A1:A4:24:A1:BE:FB:50:02:13:65:3D:E3:90:E5:0E X509v3 Authority Key Identifier: keyid:30:9C:2A:94:3B:28:DC:08:58:C3:9B:92:08:A1:60:9C:09:73:E4:9A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/MJwqlDso3AhYw5uSCKFgnAlz5Jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MJwqlDso3AhYw5uSCKFgnAlz5Jo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/620/tVv5cMahpCShvvtQAhNlPeOQ5Q4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.46.32.0/24 Signature Algorithm: sha256WithRSAEncryption a6:fb:7a:cb:76:67:dc:7a:ee:c6:98:28:31:02:92:bc:20:a8: f0:74:3d:52:22:8f:f1:92:6e:37:d2:44:d0:28:ee:2b:66:ec: 3d:b2:b6:92:0e:4e:31:dc:be:8b:46:6a:44:b6:d1:ae:30:94: 31:b9:60:4a:1a:39:a4:63:d4:29:67:56:3b:b2:70:2c:51:bc: af:1d:06:af:d1:46:8d:e9:f2:61:55:ab:10:36:23:ef:60:54: cc:8d:fa:a5:a2:1e:cc:7a:f0:92:90:09:41:8b:92:b8:cb:26: ed:77:f1:fc:24:d5:32:e4:7f:c0:db:95:91:60:a7:89:1b:5c: 16:c3:c8:e8:a8:47:c4:7f:0f:65:6b:06:e4:69:1a:84:ad:86: c7:4b:89:b2:14:63:4c:ba:a2:14:7c:6f:aa:06:dc:04:0f:2a: ab:6d:da:bc:a5:c2:e7:86:73:17:ec:ff:fa:48:1f:93:0a:ea: 19:fe:63:ec:a6:25:3d:0c:07:8a:26:f6:55:6e:9d:f6:d0:e7: a8:36:ac:8f:bf:6b:57:7e:ce:ad:6c:e3:53:f2:29:15:aa:49: d8:1d:be:02:ac:9e:d6:8b:f9:f7:18:2c:34:6f:be:5f:77:b1: 09:ea:67:0d:0c:7a:45:bb:f3:c2:f0:a0:22:74:c5:5d:36:4f: b7:a2:42:f8 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICAjYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzA5 QzJBOTQzQjI4REMwODU4QzM5QjkyMDhBMTYwOUMwOTczRTQ5QTAeFw0yNTA0MjQw ODQ5MDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEI1NUJGOTcwQzZBMUE0 MjRBMUJFRkI1MDAyMTM2NTNERTM5MEU1MEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDG3SOvJ2HTl1PvunChOpld4QflkUsGAVYVpUp0oTYHH+mWXgpz UjE5BCa+rWiFv7xOnaylwjSBc6J+Mzv23ubYzTBmeFjIuEWKDbEQzfkY9AOPXpQQ MqHGsMXIn0fqXB1YfgRgSIvc0J6t5eByiFqMAEIMSI7Uor7lLAzlT013Kq0sXXKS J3IQyHgE0dZbvmTv04yR192MRYh/2q1nUlyilJuIPusl6BZvba7sQBk9VMpUkJ+K a19kl1yOymPE4O3LAC5cjF6JQwou8j7/Er2RN3Rls2GWpIN8y8tPPCbrt3FZPErf iEp65jFjcXExVkMq6IsRKypmD+Lp827Gh4rBAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUtVv5cMahpCShvvtQAhNlPeOQ5Q4wHwYDVR0jBBgwFoAUMJwqlDso3AhYw5uS CKFgnAlz5JowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIw L01Kd3FsRHNvM0FoWXc1dVNDS0ZnbkFsejVKby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTUp3cWxEc28zQWhZdzV1U0NLRmduQWx6NUpvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjIwL3RWdjVjTWFocENTaHZ2 dFFBaE5sUGVPUTVRNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKLiAwDQYJKoZIhvcNAQELBQADggEBAKb7est2Z9x67saYKDECkrwgqPB0PVIi j/GSbjfSRNAo7itm7D2ytpIOTjHcvotGakS20a4wlDG5YEoaOaRj1ClnVjuycCxR vK8dBq/RRo3p8mFVqxA2I+9gVMyN+qWiHsx68JKQCUGLkrjLJu138fwk1TLkf8Db lZFgp4kbXBbDyOioR8R/D2VrBuRpGoSthsdLibIUY0y6ohR8b6oG3AQPKqtt2ryl wueGcxfs//pIH5MK6hn+Y+ymJT0MB4om9lVunfbQ56g2rI+/a1d+zq1s41PyKRWq SdgdvgKsntaL+fcYLDRvvl93sQnqZw0MekW788LwoCJ0xV02T7eiQvg= -----END CERTIFICATE-----Generated at Sat Apr 26 14:34:34 2025 by rpki-client