$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/kGqizEN9BiXKNNQ9yNJogseQMI4.roa File: kGqizEN9BiXKNNQ9yNJogseQMI4.roa (raw, json) Hash identifier: Jj79TOIXBeTybk08mL3v4LtSKPltU7N+KVAbvAEyKJY= Subject key identifier: 90:6A:A2:CC:43:7D:06:25:CA:34:D4:3D:C8:D2:68:82:C7:90:30:8E Certificate issuer: /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Certificate serial: 1E45 Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/kGqizEN9BiXKNNQ9yNJogseQMI4.roa Signing time: Mon 12 May 2025 01:41:22 +0000 ROA not before: Mon 12 May 2025 01:41:22 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4812 IP address blocks: 123.49.245.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 07:08:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7749 (0x1e45) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Validity Not Before: May 12 01:41:22 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=906AA2CC437D0625CA34D43DC8D26882C790308E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:f7:53:d1:cb:41:15:a4:15:25:a7:81:1c:7c: 3b:0e:bd:e0:2b:16:61:15:f1:33:a0:08:3e:9f:32: 17:ff:fc:77:19:78:5b:79:47:0a:99:08:58:c3:be: 31:85:e8:94:9d:b9:0d:4a:30:b6:52:26:f3:73:c3: 41:e9:65:e0:9d:4d:8c:fd:21:2e:e0:d7:af:72:07: 12:6a:3b:c1:8a:20:57:2a:98:e2:9b:96:45:5b:8e: 0e:82:41:0e:9f:11:a4:d9:94:5d:a3:29:42:7a:87: e0:b1:56:8f:5a:81:45:bd:f7:c8:b7:48:db:51:d6: 7f:ab:21:55:2b:84:ae:ca:18:4d:61:48:d5:cf:b1: bb:4f:87:71:8c:de:4d:93:8d:20:7b:e1:85:a0:07: fb:45:e0:e4:e5:d4:e0:eb:7e:fc:56:af:94:ec:79: 15:40:c7:ad:46:6d:59:de:7f:57:89:4a:3a:7f:68: 14:27:1e:12:0f:a9:72:c9:38:40:2d:3d:b7:ae:37: 53:ed:73:55:9f:be:7e:19:89:9e:36:58:32:36:0d: 7b:39:cd:90:1e:86:eb:09:95:bc:ac:b8:e0:cd:cd: 4f:89:10:e3:5d:36:a3:79:88:37:f7:12:09:0b:b7: 05:7e:06:64:fb:21:a2:01:22:8b:90:fe:a3:a5:ce: b2:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:6A:A2:CC:43:7D:06:25:CA:34:D4:3D:C8:D2:68:82:C7:90:30:8E X509v3 Authority Key Identifier: keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/kGqizEN9BiXKNNQ9yNJogseQMI4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.49.245.0/24 Signature Algorithm: sha256WithRSAEncryption 1d:2d:7d:e6:d4:bd:51:6d:4e:7f:a0:98:c4:6e:bf:52:ba:c9: a1:5c:db:d1:1d:a9:6f:3a:5d:91:e0:2c:8d:58:e8:66:46:a8: 2e:05:87:ae:0d:b1:ec:9c:eb:59:e5:da:8c:0e:11:25:16:9c: 03:b1:97:7c:64:6b:ba:72:2d:6f:96:f4:e5:2a:c4:46:f1:7f: b7:4c:61:6b:13:23:71:1e:cf:8a:e6:b0:f0:c5:c8:4e:8b:63: ab:8c:51:74:b3:d8:56:da:19:57:eb:0a:a9:55:d7:a4:e0:c6: c6:10:e5:da:55:a6:f3:85:ce:46:25:9e:ad:99:65:ca:bc:3e: a9:ed:c5:27:fd:91:88:52:93:9c:22:4e:f0:d6:68:6c:08:7b: 08:cb:3f:6e:05:ed:d1:ba:92:19:18:6b:f2:0f:43:9d:30:a4: 22:cc:88:d6:64:91:f8:8d:50:ac:39:a0:ca:e4:09:0f:88:32: e0:b2:e9:50:9d:5a:f8:40:a2:53:da:07:8d:3f:b6:93:12:d8: a3:e6:7a:9e:e4:60:4e:1e:42:30:b2:8e:61:ce:50:85:aa:51: 47:a6:08:be:3e:b8:8c:5b:9a:95:0b:ee:3b:2b:84:31:b1:ab: 72:5d:a4:8d:c5:14:e0:f0:a6:cd:ce:ca:30:f0:f6:b5:3f:ff: f1:84:89:73 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHkUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4 ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yNTA1MTIw MTQxMjJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDkwNkFBMkNDNDM3RDA2 MjVDQTM0RDQzREM4RDI2ODgyQzc5MDMwOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDB91PRy0EVpBUlp4EcfDsOveArFmEV8TOgCD6fMhf//HcZeFt5 RwqZCFjDvjGF6JSduQ1KMLZSJvNzw0HpZeCdTYz9IS7g169yBxJqO8GKIFcqmOKb lkVbjg6CQQ6fEaTZlF2jKUJ6h+CxVo9agUW998i3SNtR1n+rIVUrhK7KGE1hSNXP sbtPh3GM3k2TjSB74YWgB/tF4OTl1ODrfvxWr5TseRVAx61GbVnef1eJSjp/aBQn HhIPqXLJOEAtPbeuN1Ptc1Wfvn4ZiZ42WDI2DXs5zZAehusJlbysuODNzU+JEONd NqN5iDf3EgkLtwV+BmT7IaIBIouQ/qOlzrJ5AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUkGqizEN9BiXKNNQ9yNJogseQMI4wHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIva0dxaXpFTjlCaVhL Tk5ROXlOSm9nc2VRTUk0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHsx9TANBgkqhkiG9w0BAQsFAAOCAQEAHS195tS9UW1Of6CYxG6/UrrJoVzb 0R2pbzpdkeAsjVjoZkaoLgWHrg2x7JzrWeXajA4RJRacA7GXfGRrunItb5b05SrE RvF/t0xhaxMjcR7Piuaw8MXITotjq4xRdLPYVtoZV+sKqVXXpODGxhDl2lWm84XO RiWerZllyrw+qe3FJ/2RiFKTnCJO8NZobAh7CMs/bgXt0bqSGRhr8g9DnTCkIsyI 1mSR+I1QrDmgyuQJD4gy4LLpUJ1a+ECiU9oHjT+2kxLYo+Z6nuRgTh5CMLKOYc5Q hapRR6YIvj64jFualQvuOyuEMbGrcl2kjcUU4PCmzc7KMPD2tT//8YSJcw== -----END CERTIFICATE-----Generated at Sat May 17 07:08:26 2025 by rpki-client