$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/MtZDpTZ70d2pPcDrnrLfRtErlHs.roa File: MtZDpTZ70d2pPcDrnrLfRtErlHs.roa (raw, json) Hash identifier: kct1KBzlRi9WU8ZnI1ARMiBQfEL2G3rm7rfqc6M11RI= Subject key identifier: 32:D6:43:A5:36:7B:D1:DD:A9:3D:C0:EB:9E:B2:DF:46:D1:2B:94:7B Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942 Certificate serial: 09 Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/MtZDpTZ70d2pPcDrnrLfRtErlHs.roa Signing time: Wed 09 Apr 2025 07:08:23 +0000 ROA not before: Wed 09 Apr 2025 07:08:23 +0000 ROA not after: Thu 09 Apr 2026 06:33:21 +0000 asID: 9391 IP address blocks: 125.169.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9 (0x9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942 Validity Not Before: Apr 9 07:08:23 2025 GMT Not After : Apr 9 06:33:21 2026 GMT Subject: CN=32D643A5367BD1DDA93DC0EB9EB2DF46D12B947B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f7:d2:f0:d7:12:43:88:b7:c2:73:ff:ec:17: 6f:45:0a:5d:d1:ab:83:d1:e0:08:68:a4:aa:3a:82: f0:d1:00:f2:12:4f:cb:3c:65:c5:ac:9c:fa:05:fe: be:7b:eb:93:cf:39:c5:8c:9c:3a:2b:57:69:56:4f: 45:40:3a:63:aa:c6:0b:db:a1:a2:bd:f2:80:69:44: b4:9c:72:de:3f:23:da:a3:01:6f:d7:22:c8:d0:4f: 95:bc:7e:94:48:4d:bc:7d:b6:34:d9:c2:5f:dc:d3: be:60:d2:df:ce:1d:07:de:2f:50:84:72:cb:e9:64: 54:18:38:ce:bd:30:e7:e8:ad:31:1f:b7:19:4e:53: c4:27:ba:8d:c9:ab:7a:f8:cd:47:ad:a9:a3:49:18: 0b:0a:75:f7:c1:d0:9a:72:b9:03:62:fc:31:f0:8b: ea:ab:fa:af:d9:f0:89:a2:cb:74:9a:b8:de:19:a0: 29:4c:ef:f5:86:77:d9:d8:36:0c:11:3d:0b:52:14: 46:b8:51:a3:d5:9f:cf:cc:f2:76:12:7d:0c:d1:c9: f3:94:cd:21:f5:53:27:a9:1e:6f:a0:29:cd:d6:02: df:85:55:ba:57:f0:d8:59:89:09:86:51:de:b8:2e: cc:bf:80:ec:f4:1c:40:f4:10:f1:c2:4f:e3:4c:f8: 6c:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:D6:43:A5:36:7B:D1:DD:A9:3D:C0:EB:9E:B2:DF:46:D1:2B:94:7B X509v3 Authority Key Identifier: keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/MtZDpTZ70d2pPcDrnrLfRtErlHs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 125.169.0.0/16 Signature Algorithm: sha256WithRSAEncryption a0:6e:90:64:8b:b5:79:11:9a:9c:61:46:96:08:26:ed:f5:4f: ae:5c:bc:38:94:d6:4e:cc:42:e8:5f:2d:b8:66:a8:88:b0:5c: ab:eb:1e:ac:5b:42:f1:a8:e4:da:5a:77:4b:a4:c3:98:6a:e9: fb:38:36:6d:e0:59:43:55:d0:0f:6e:fb:e2:84:b7:56:28:4f: 71:07:19:7a:46:b0:fc:54:28:de:7c:52:56:1c:4c:0d:63:d0: 34:10:30:cb:a2:da:49:17:9d:86:23:d8:c1:02:8f:e1:3f:df: e1:68:a6:46:b1:45:61:6b:0c:da:97:4d:62:6d:52:65:02:39: 7a:01:d1:da:cb:51:45:28:2e:86:8c:4f:79:cd:d5:d2:fd:00: 9d:db:d4:ce:ac:9b:59:f8:06:60:06:17:75:4b:87:07:63:2e: 7d:f4:f7:8f:20:24:b5:25:f5:b3:46:36:06:db:03:6c:db:dc: cd:c7:c2:ea:a0:c9:f4:17:1a:dc:a3:0f:9f:12:6c:ab:97:fe: 77:74:7a:5f:e1:b6:01:09:1a:da:eb:dc:07:03:68:ab:09:b7: 55:64:3d:ba:e5:69:c3:8b:81:aa:9b:ec:53:2c:23:e1:fa:b6: 38:dc:b8:02:c4:11:3d:df:06:0a:4c:b1:d1:4f:5a:91:f8:0a: 81:68:07:54 -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgIBCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyRTI2 NkRDM0VBRDgwRUIyNUQ0OTg1OEE2NERDMUVGMUM4QTFCOTQyMB4XDTI1MDQwOTA3 MDgyM1oXDTI2MDQwOTA2MzMyMVowMzExMC8GA1UEAxMoMzJENjQzQTUzNjdCRDFE REE5M0RDMEVCOUVCMkRGNDZEMTJCOTQ3QjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAL330vDXEkOIt8Jz/+wXb0UKXdGrg9HgCGikqjqC8NEA8hJPyzxl xayc+gX+vnvrk885xYycOitXaVZPRUA6Y6rGC9uhor3ygGlEtJxy3j8j2qMBb9ci yNBPlbx+lEhNvH22NNnCX9zTvmDS384dB94vUIRyy+lkVBg4zr0w5+itMR+3GU5T xCe6jcmrevjNR62po0kYCwp198HQmnK5A2L8MfCL6qv6r9nwiaLLdJq43hmgKUzv 9YZ32dg2DBE9C1IURrhRo9Wfz8zydhJ9DNHJ85TNIfVTJ6keb6ApzdYC34VVulfw 2FmJCYZR3rguzL+A7PQcQPQQ8cJP40z4bJcCAwEAAaOCAe4wggHqMB0GA1UdDgQW BBQy1kOlNnvR3ak9wOuest9G0SuUezAfBgNVHSMEGDAWgBQuJm3D6tgOsl1JhYpk 3B7xyKG5QjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO oEyGSnJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9M aVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwL0xpWnR3LXJZRHJKZFNZV0taTndlOGNpaHVVSS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzc2L010WkRwVFo3MGQycFBjRHJu ckxmUnRFcmxIcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5j bi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwB9 qTANBgkqhkiG9w0BAQsFAAOCAQEAoG6QZIu1eRGanGFGlggm7fVPrly8OJTWTsxC 6F8tuGaoiLBcq+serFtC8ajk2lp3S6TDmGrp+zg2beBZQ1XQD2774oS3VihPcQcZ ekaw/FQo3nxSVhxMDWPQNBAwy6LaSRedhiPYwQKP4T/f4WimRrFFYWsM2pdNYm1S ZQI5egHR2stRRSguhoxPec3V0v0AndvUzqybWfgGYAYXdUuHB2MuffT3jyAktSX1 s0Y2BtsDbNvczcfC6qDJ9Bca3KMPnxJsq5f+d3R6X+G2AQka2uvcBwNoqwm3VWQ9 uuVpw4uBqpvsUywj4fq2ONy4AsQRPd8GCkyx0U9akfgKgWgHVA== -----END CERTIFICATE-----Generated at Sat Apr 26 15:14:51 2025 by rpki-client