$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/rJq0JCq-nYCiaPtjdTG4aGX_lew.roa File: rJq0JCq-nYCiaPtjdTG4aGX_lew.roa (raw, json) Hash identifier: pRKxjBukzQitNjXwkG8mzwM2l2UavR4iKrfomRa7B/c= Subject key identifier: AC:9A:B4:24:2A:BE:9D:80:A2:68:FB:63:75:31:B8:68:65:FF:95:EC Certificate issuer: /CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D Certificate serial: 14C9 Authority key identifier: DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/rJq0JCq-nYCiaPtjdTG4aGX_lew.roa Signing time: Wed 09 Apr 2025 06:48:36 +0000 ROA not before: Wed 09 Apr 2025 06:48:36 +0000 ROA not after: Thu 09 Apr 2026 06:41:24 +0000 asID: 34549 IP address blocks: 114.66.214.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:06:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5321 (0x14c9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DC6892E3620DD0F1FD62982E118E29757DC8CB3D Validity Not Before: Apr 9 06:48:36 2025 GMT Not After : Apr 9 06:41:24 2026 GMT Subject: CN=AC9AB4242ABE9D80A268FB637531B86865FF95EC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:4d:90:8a:d8:b0:f8:2d:94:df:b0:b7:98:df: d8:5d:e4:82:80:c3:6d:bf:0d:c1:6a:98:a1:c5:13: 28:9e:a7:e1:5f:b6:25:96:d6:79:91:f9:27:b6:ad: 45:6e:b6:0e:54:2d:5f:90:72:ac:cd:01:0f:b3:fe: 1e:71:8a:bc:b8:3a:71:99:dd:e9:0d:10:83:83:54: de:4a:48:8f:88:fa:2f:5c:eb:f4:dd:ce:09:57:92: d1:93:3f:89:84:53:53:8c:18:39:c2:cd:d3:ea:f6: 12:ee:11:26:c8:ba:61:1e:1d:67:c7:d1:38:8f:f9: d4:c1:3a:cf:8c:72:3e:f8:64:8a:59:88:e0:72:a5: 74:a5:ea:c0:5c:52:d1:d2:0c:3e:46:cd:c1:a8:51: d0:8a:99:22:50:bf:85:02:43:06:5f:dd:eb:4e:2e: e8:1a:6e:58:f8:4b:ff:4d:0c:73:ba:9d:a1:3c:4e: 1f:3f:29:45:eb:b8:06:91:45:00:c1:12:51:89:ba: f4:70:b6:80:5e:63:2b:57:1e:e3:48:f9:8b:75:7a: 4f:6f:c7:07:ad:61:f1:be:5c:e9:78:07:b4:3e:1c: 47:61:55:58:de:63:e7:fa:53:1e:c7:f5:f3:03:2a: dd:44:09:e7:da:b7:16:3d:cc:64:90:0b:e5:e1:65: 07:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:9A:B4:24:2A:BE:9D:80:A2:68:FB:63:75:31:B8:68:65:FF:95:EC X509v3 Authority Key Identifier: keyid:DC:68:92:E3:62:0D:D0:F1:FD:62:98:2E:11:8E:29:75:7D:C8:CB:3D X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/3GiS42IN0PH9YpguEY4pdX3Iyz0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3GiS42IN0PH9YpguEY4pdX3Iyz0.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/rJq0JCq-nYCiaPtjdTG4aGX_lew.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.66.214.0/24 Signature Algorithm: sha256WithRSAEncryption 4a:22:60:5e:55:c1:0d:09:55:64:5b:18:bb:6b:68:42:a0:9c: 1a:2e:ba:1a:72:a0:af:49:24:d6:f0:50:f0:3e:a9:97:d2:97: 6a:a7:6b:8f:00:6c:e1:72:01:0c:59:d6:51:be:06:48:d9:74: 36:49:2f:25:65:2a:9a:4c:0e:b2:a4:37:84:d7:e2:d2:38:c1: 90:71:d9:17:96:27:0c:af:23:c0:fc:e9:8d:b0:d0:77:c8:98: 82:40:c1:9a:f1:5a:de:b2:06:28:15:c4:bb:07:f4:26:60:6e: 8f:b5:5f:11:a0:0e:e0:ca:ac:a1:98:1a:17:41:3e:ce:0f:90: 11:f8:80:0c:5a:be:e9:24:da:4d:1a:5a:dc:3b:b8:d0:f0:b4: d6:08:3d:fe:5d:e6:48:a2:43:b8:ac:66:fe:8c:0d:3e:6b:39: 74:7e:ea:62:22:d0:a8:2a:d7:61:7f:66:ee:88:9f:52:05:ba: 97:e6:9e:2e:06:1d:0a:e9:9c:fe:a6:0a:7c:3a:01:71:4e:71: e1:c1:34:46:38:9e:88:5e:0f:ae:50:ab:71:ef:2c:8a:23:0a: 24:0b:19:52:be:cf:f7:4a:c9:66:c8:4b:f1:44:ad:08:97:dd: 3f:de:ee:9a:59:a8:c4:16:64:7e:e8:74:ad:5f:b4:cc:b1:94: 99:15:c8:7b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFMkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREM2 ODkyRTM2MjBERDBGMUZENjI5ODJFMTE4RTI5NzU3REM4Q0IzRDAeFw0yNTA0MDkw NjQ4MzZaFw0yNjA0MDkwNjQxMjRaMDMxMTAvBgNVBAMTKEFDOUFCNDI0MkFCRTlE ODBBMjY4RkI2Mzc1MzFCODY4NjVGRjk1RUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD4TZCK2LD4LZTfsLeY39hd5IKAw22/DcFqmKHFEyiep+FftiWW 1nmR+Se2rUVutg5ULV+QcqzNAQ+z/h5xiry4OnGZ3ekNEIODVN5KSI+I+i9c6/Td zglXktGTP4mEU1OMGDnCzdPq9hLuESbIumEeHWfH0TiP+dTBOs+Mcj74ZIpZiOBy pXSl6sBcUtHSDD5GzcGoUdCKmSJQv4UCQwZf3etOLugablj4S/9NDHO6naE8Th8/ KUXruAaRRQDBElGJuvRwtoBeYytXHuNI+Yt1ek9vxwetYfG+XOl4B7Q+HEdhVVje Y+f6Ux7H9fMDKt1ECefatxY9zGSQC+XhZQfPAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUrJq0JCq+nYCiaPtjdTG4aGX/lewwHwYDVR0jBBgwFoAU3GiS42IN0PH9Ypgu EY4pdX3Iyz0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw OS8zR2lTNDJJTjBQSDlZcGd1RVk0cGRYM0l5ejAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzNHaVM0MklOMFBIOVlwZ3VFWTRwZFgzSXl6MC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvckpxMEpDcS1uWUNp YVB0amRURzRhR1hfbGV3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHJC1jANBgkqhkiG9w0BAQsFAAOCAQEASiJgXlXBDQlVZFsYu2toQqCcGi66 GnKgr0kk1vBQ8D6pl9KXaqdrjwBs4XIBDFnWUb4GSNl0NkkvJWUqmkwOsqQ3hNfi 0jjBkHHZF5YnDK8jwPzpjbDQd8iYgkDBmvFa3rIGKBXEuwf0JmBuj7VfEaAO4Mqs oZgaF0E+zg+QEfiADFq+6STaTRpa3Du40PC01gg9/l3mSKJDuKxm/owNPms5dH7q YiLQqCrXYX9m7oifUgW6l+aeLgYdCumc/qYKfDoBcU5x4cE0RjieiF4PrlCrce8s iiMKJAsZUr7P90rJZshL8UStCJfdP97umlmoxBZkfuh0rV+0zLGUmRXIew== -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:25 2025 by rpki-client on console.sobornost.net