$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1826/hXR5z3cQZ9bSvOTA0Gcls8hBMkA.roa File: hXR5z3cQZ9bSvOTA0Gcls8hBMkA.roa (raw, json) Hash identifier: vppM1xbYB/LB5Zq4bW2pZgSjjPSW++xM/rdtdOXSSUw= Subject key identifier: 85:74:79:CF:77:10:67:D6:D2:BC:E4:C0:D0:67:25:B3:C8:41:32:40 Certificate issuer: /CN=75324D3B8F1D5EBA5770E661EE16AF24A750554F Certificate serial: 14BF Authority key identifier: 75:32:4D:3B:8F:1D:5E:BA:57:70:E6:61:EE:16:AF:24:A7:50:55:4F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/hXR5z3cQZ9bSvOTA0Gcls8hBMkA.roa Signing time: Sun 27 Apr 2025 09:29:37 +0000 ROA not before: Sun 27 Apr 2025 09:29:37 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 152320 IP address blocks: 45.254.25.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/dTJNO48dXrpXcOZh7havJKdQVU8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/dTJNO48dXrpXcOZh7havJKdQVU8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 12 May 2025 06:10:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5311 (0x14bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75324D3B8F1D5EBA5770E661EE16AF24A750554F Validity Not Before: Apr 27 09:29:37 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=857479CF771067D6D2BCE4C0D06725B3C8413240 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:c5:4d:3a:01:ed:88:98:81:23:c2:7b:ab:41: a9:fc:52:a5:0b:34:4a:c7:e2:cd:2b:ce:62:e2:ba: ab:9f:dd:b1:ad:e9:19:0a:c8:ac:ce:5e:7c:61:f9: 56:22:4e:de:ac:ac:c9:b0:0b:9c:70:ad:3c:65:c6: 20:a3:67:13:fb:14:4b:8d:a2:86:62:d7:31:59:b2: fe:dc:3f:dc:ce:1c:b8:d2:0c:d2:c2:37:f3:4b:56: 09:ed:39:46:64:7e:df:33:f9:d8:82:c3:49:44:fe: cd:28:20:1d:fb:10:75:63:bc:bb:f1:c4:f3:79:68: eb:0f:67:98:bb:3d:9f:c8:82:d0:3e:9e:8d:05:54: d0:9a:68:4b:50:10:e3:2f:11:ce:20:e1:47:e8:50: 75:64:9d:cf:02:d7:bd:4e:f0:b8:ca:89:d1:27:4a: 60:b0:07:65:6d:5a:ad:0f:af:b7:8e:b9:ad:99:d0: 8e:52:7a:2d:71:fa:01:c4:cb:53:3a:71:71:53:16: c9:bc:fc:5b:65:cc:ea:2c:9e:4d:d0:02:c1:be:09: a9:6e:e4:be:b1:09:38:13:2d:30:ca:00:d4:af:7f: a5:7d:29:46:68:c8:e5:dc:22:b2:33:39:48:f7:04: a8:9f:89:38:2f:8e:3f:5f:a6:d6:85:ab:e1:ac:09: 90:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:74:79:CF:77:10:67:D6:D2:BC:E4:C0:D0:67:25:B3:C8:41:32:40 X509v3 Authority Key Identifier: keyid:75:32:4D:3B:8F:1D:5E:BA:57:70:E6:61:EE:16:AF:24:A7:50:55:4F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/dTJNO48dXrpXcOZh7havJKdQVU8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/hXR5z3cQZ9bSvOTA0Gcls8hBMkA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.254.25.0/24 Signature Algorithm: sha256WithRSAEncryption 02:5d:f4:55:c2:bc:71:c6:e5:1a:2e:b9:22:8d:c5:b7:57:ed: 42:69:2a:2a:10:8e:d1:60:49:7e:56:34:89:e0:8e:9c:c5:0d: 5e:35:5d:59:c8:cf:ab:59:8d:ef:94:5a:9a:b0:5c:aa:63:56: 0e:4d:dc:99:d4:78:b1:3c:8d:46:df:bb:b6:e6:47:cd:a9:09: 41:b4:64:56:9c:9c:3c:af:5a:49:16:6d:fd:a6:16:a9:c1:e1: f1:0c:a5:40:18:04:c8:91:9d:d6:37:6b:f4:47:e6:f7:b9:91: 41:44:ce:6c:d0:7b:fa:ae:6b:e2:30:9a:e8:13:e0:ff:a8:33: 0c:bc:15:25:a0:6a:1d:f1:0e:0c:26:d9:86:e9:f2:27:ee:36: e1:e0:43:40:fa:ab:80:1f:9a:63:2f:42:9a:1a:09:8a:59:4e: d6:32:d3:99:13:5e:77:84:78:0a:71:6a:29:08:82:94:73:a3: 20:d5:11:69:85:25:33:d6:df:86:45:9a:65:aa:6d:a7:09:de: b8:4b:a7:f0:e8:89:3e:cd:09:3d:41:e4:1f:a5:df:8d:00:72: c0:cb:95:62:14:d9:d4:13:ba:2e:ba:7d:56:0f:b1:44:07:6d: f6:e6:cc:2d:c5:87:1d:63:e1:01:e7:20:6c:72:67:f1:45:ba: 90:ed:de:e4 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFL8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzUz MjREM0I4RjFENUVCQTU3NzBFNjYxRUUxNkFGMjRBNzUwNTU0RjAeFw0yNTA0Mjcw OTI5MzdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg1NzQ3OUNGNzcxMDY3 RDZEMkJDRTRDMEQwNjcyNUIzQzg0MTMyNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMxU06Ae2ImIEjwnurQan8UqULNErH4s0rzmLiuquf3bGt6RkK yKzOXnxh+VYiTt6srMmwC5xwrTxlxiCjZxP7FEuNooZi1zFZsv7cP9zOHLjSDNLC N/NLVgntOUZkft8z+diCw0lE/s0oIB37EHVjvLvxxPN5aOsPZ5i7PZ/IgtA+no0F VNCaaEtQEOMvEc4g4UfoUHVknc8C171O8LjKidEnSmCwB2VtWq0Pr7eOua2Z0I5S ei1x+gHEy1M6cXFTFsm8/FtlzOosnk3QAsG+Calu5L6xCTgTLTDKANSvf6V9KUZo yOXcIrIzOUj3BKifiTgvjj9fptaFq+GsCZBNAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUhXR5z3cQZ9bSvOTA0Gcls8hBMkAwHwYDVR0jBBgwFoAUdTJNO48dXrpXcOZh 7havJKdQVU8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTgy Ni9kVEpOTzQ4ZFhycFhjT1poN2hhdkpLZFFWVTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2RUSk5PNDhkWHJwWGNPWmg3aGF2SktkUVZVOC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE4MjYvaFhSNXozY1FaOWJT dk9UQTBHY2xzOGhCTWtBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAC3+GTANBgkqhkiG9w0BAQsFAAOCAQEAAl30VcK8ccblGi65Io3Ft1ftQmkq KhCO0WBJflY0ieCOnMUNXjVdWcjPq1mN75RamrBcqmNWDk3cmdR4sTyNRt+7tuZH zakJQbRkVpycPK9aSRZt/aYWqcHh8QylQBgEyJGd1jdr9Efm97mRQUTObNB7+q5r 4jCa6BPg/6gzDLwVJaBqHfEODCbZhunyJ+424eBDQPqrgB+aYy9CmhoJillO1jLT mRNed4R4CnFqKQiClHOjINURaYUlM9bfhkWaZaptpwneuEun8OiJPs0JPUHkH6Xf jQBywMuVYhTZ1BO6Lrp9Vg+xRAdt9ubMLcWHHWPhAecgbHJn8UW6kO3e5A== -----END CERTIFICATE-----Generated at Mon May 12 04:04:03 2025 by rpki-client