$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2716/z_-mi2vV0TR9-JCVpPGMn5f2B5c.roa File: z_-mi2vV0TR9-JCVpPGMn5f2B5c.roa (raw, json) Hash identifier: cw6I0DWgrDMHL2QIcf6U989XLacdwjDG+JXglSLtQgc= Subject key identifier: CF:FF:A6:8B:6B:D5:D1:34:7D:F8:90:95:A4:F1:8C:9F:97:F6:07:97 Certificate issuer: /CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Certificate serial: C4 Authority key identifier: 39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/z_-mi2vV0TR9-JCVpPGMn5f2B5c.roa Signing time: Wed 07 May 2025 09:46:37 +0000 ROA not before: Wed 07 May 2025 09:46:37 +0000 ROA not after: Wed 15 Apr 2026 09:08:30 +0000 asID: 209242 IP address blocks: 45.248.88.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 15 May 2025 22:37:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 196 (0xc4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39EE852FE138CDEDC5B42D11A34295D109AD4925 Validity Not Before: May 7 09:46:37 2025 GMT Not After : Apr 15 09:08:30 2026 GMT Subject: CN=CFFFA68B6BD5D1347DF89095A4F18C9F97F60797 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:74:2e:aa:e2:2d:5d:c4:4d:8e:84:70:c0:a9: 19:75:f2:1b:54:b1:fe:03:a7:51:50:9e:a3:24:1d: cc:84:0a:fb:c3:25:47:79:c6:8d:75:e3:d5:c1:35: ac:e9:53:ee:39:56:5e:93:3e:e0:1b:f0:d4:45:7f: 62:ac:15:db:29:d7:92:87:97:7b:75:1b:7d:07:9f: a1:fd:4e:0c:a7:76:fb:c3:23:4d:af:c6:c5:1b:82: f0:92:28:4e:67:06:14:36:a9:58:bd:93:46:61:b0: e6:f6:bd:8e:5e:91:97:94:bf:20:0d:69:4f:60:c8: d6:9e:5b:49:be:8a:ab:ab:d9:04:4c:a0:2a:f5:57: 9d:b7:fe:f2:3c:c1:38:f7:7e:51:ec:de:5c:f4:5d: 38:cf:f6:2e:3d:df:10:ea:e2:dc:c1:6b:36:e3:b9: b7:4e:2a:24:b0:f3:dd:35:20:41:72:07:c7:b1:45: 34:ad:23:df:0b:41:79:e6:51:cb:ee:ed:80:fd:83: f6:79:a5:96:55:13:74:8b:ee:9a:f8:19:54:16:40: 97:46:cd:66:37:47:cd:f2:fc:76:fc:3d:cb:6f:04: ab:97:c2:88:4a:2f:c2:f0:8a:1b:28:02:6f:d3:97: 6e:64:d4:c4:ba:ef:b1:13:75:63:39:ae:dc:47:4a: 1e:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:FF:A6:8B:6B:D5:D1:34:7D:F8:90:95:A4:F1:8C:9F:97:F6:07:97 X509v3 Authority Key Identifier: keyid:39:EE:85:2F:E1:38:CD:ED:C5:B4:2D:11:A3:42:95:D1:09:AD:49:25 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Oe6FL-E4ze3FtC0Ro0KV0QmtSSU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2716/z_-mi2vV0TR9-JCVpPGMn5f2B5c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.248.88.0/24 Signature Algorithm: sha256WithRSAEncryption 79:06:c4:b8:72:2c:c5:a7:58:8b:19:c0:fc:3d:09:d0:33:88: fb:06:55:e9:19:d4:f4:d2:2b:74:bd:40:62:7b:5b:0e:d7:32: af:da:44:9e:da:df:3c:aa:00:22:6a:a8:e9:22:39:a8:4f:91: 8f:de:6c:45:c5:22:f5:99:7d:43:b0:6f:5a:e7:bc:63:1e:a7: 04:75:35:3e:03:2c:c8:ed:ea:38:d8:8b:cb:0f:45:a4:58:fb: 33:46:8b:ae:dd:bd:5c:0c:35:f4:7b:a3:6f:26:b9:cb:14:82: 13:cd:e4:8c:da:1e:a7:7d:0b:68:46:40:16:9d:99:80:a2:53: 03:1f:73:21:bf:0b:ad:f4:47:da:80:4e:05:97:20:06:a4:84: b0:f3:89:69:b8:d3:d4:60:48:b3:41:c5:99:02:6f:31:ae:73: 2f:9f:94:07:67:0a:8d:86:ca:7f:75:ff:c4:3c:f8:51:a0:c6: 01:97:dc:12:81:7e:91:67:01:c5:5b:64:ba:ed:dc:8b:61:ac: 0b:ca:d4:14:7b:07:2b:a1:ef:18:cd:22:ab:3c:24:19:84:f7: 7e:29:44:0a:3d:84:26:72:81:ec:35:39:06:5d:ec:c8:e7:55: 84:da:2c:79:dd:9e:ee:7c:b5:25:8c:e7:b2:5c:4c:9e:bb:54: ec:9c:6c:0d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAMQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF RTg1MkZFMTM4Q0RFREM1QjQyRDExQTM0Mjk1RDEwOUFENDkyNTAeFw0yNTA1MDcw OTQ2MzdaFw0yNjA0MTUwOTA4MzBaMDMxMTAvBgNVBAMTKENGRkZBNjhCNkJENUQx MzQ3REY4OTA5NUE0RjE4QzlGOTdGNjA3OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCmdC6q4i1dxE2OhHDAqRl18htUsf4Dp1FQnqMkHcyECvvDJUd5 xo1149XBNazpU+45Vl6TPuAb8NRFf2KsFdsp15KHl3t1G30Hn6H9TgyndvvDI02v xsUbgvCSKE5nBhQ2qVi9k0ZhsOb2vY5ekZeUvyANaU9gyNaeW0m+iqur2QRMoCr1 V523/vI8wTj3flHs3lz0XTjP9i493xDq4tzBazbjubdOKiSw8901IEFyB8exRTSt I98LQXnmUcvu7YD9g/Z5pZZVE3SL7pr4GVQWQJdGzWY3R83y/Hb8PctvBKuXwohK L8LwihsoAm/Tl25k1MS677ETdWM5rtxHSh6TAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUz/+mi2vV0TR9+JCVpPGMn5f2B5cwHwYDVR0jBBgwFoAUOe6FL+E4ze3FtC0R o0KV0QmtSSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcx Ni9PZTZGTC1FNHplM0Z0QzBSbzBLVjBRbXRTU1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09lNkZMLUU0emUzRnRDMFJvMEtWMFFtdFNTVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MTYvel8tbWkydlYwVFI5 LUpDVnBQR01uNWYyQjVjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAC34WDANBgkqhkiG9w0BAQsFAAOCAQEAeQbEuHIsxadYixnA/D0J0DOI+wZV 6RnU9NIrdL1AYntbDtcyr9pEntrfPKoAImqo6SI5qE+Rj95sRcUi9Zl9Q7BvWue8 Yx6nBHU1PgMsyO3qONiLyw9FpFj7M0aLrt29XAw19Hujbya5yxSCE83kjNoep30L aEZAFp2ZgKJTAx9zIb8LrfRH2oBOBZcgBqSEsPOJabjT1GBIs0HFmQJvMa5zL5+U B2cKjYbKf3X/xDz4UaDGAZfcEoF+kWcBxVtkuu3ci2GsC8rUFHsHK6HvGM0iqzwk GYT3filECj2EJnKB7DU5Bl3syOdVhNosed2e7ny1JYznslxMnrtU7JxsDQ== -----END CERTIFICATE-----Generated at Thu May 15 22:22:00 2025 by rpki-client