$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3095/JWAbmisU8wIqnmmqtxpSY6nlvmg.roa File: JWAbmisU8wIqnmmqtxpSY6nlvmg.roa (raw, json) Hash identifier: M6ZEJXeP2mplEI0xPQ/L0+xkcP2jCw8ncIz/pCIBIhM= Subject key identifier: 25:60:1B:9A:2B:14:F3:02:2A:9E:69:AA:B7:1A:52:63:A9:E5:BE:68 Certificate issuer: /CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Certificate serial: 0AF8 Authority key identifier: CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/JWAbmisU8wIqnmmqtxpSY6nlvmg.roa Signing time: Fri 11 Apr 2025 01:19:40 +0000 ROA not before: Fri 11 Apr 2025 01:19:40 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 135061 IP address blocks: 202.46.232.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:38:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2808 (0xaf8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CB16707EAF0BDFD1326AFD9BDEC6AFFA6E63BA98 Validity Not Before: Apr 11 01:19:40 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=25601B9A2B14F3022A9E69AAB71A5263A9E5BE68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:a6:39:fe:a1:26:0f:b0:43:bd:50:5e:04:4a: 99:92:c4:e1:ea:87:b7:90:90:32:df:2a:e3:e3:64: a3:11:b9:79:ee:2c:59:e6:cd:79:f8:dc:aa:0e:ee: a8:c4:f1:15:64:85:92:79:7f:27:14:91:48:96:e8: cc:18:05:22:32:35:1f:aa:10:0c:2b:1c:77:15:fd: 69:7e:0c:63:db:9c:e5:83:99:be:dc:ed:19:64:b1: a7:76:fc:13:76:94:98:e1:87:29:93:7c:b4:50:8a: 2d:b2:f6:c4:75:2f:58:3e:9b:55:3a:f2:95:e2:fc: 3f:b1:d7:f0:fd:69:cd:98:5c:82:a0:c3:04:ab:a7: 6f:0d:e3:38:6a:17:74:33:a4:ed:0c:54:86:c1:b7: c9:4a:13:5e:ef:86:2b:56:54:a1:a0:35:58:96:d9: c6:48:04:aa:af:d2:8d:76:17:0c:33:16:d8:54:78: 5a:1a:1d:4b:0a:48:5a:aa:ba:16:b5:9c:a8:b8:83: eb:66:7a:3f:36:c2:a1:e4:53:a2:db:4a:89:54:fe: 52:8d:92:6d:b3:14:09:30:a2:28:67:63:02:5f:9f: 9c:3c:1d:46:15:c4:83:8e:3e:c2:aa:3e:96:c8:da: ba:ac:30:22:58:85:5f:ce:37:ff:6d:60:ec:79:13: e3:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:60:1B:9A:2B:14:F3:02:2A:9E:69:AA:B7:1A:52:63:A9:E5:BE:68 X509v3 Authority Key Identifier: keyid:CB:16:70:7E:AF:0B:DF:D1:32:6A:FD:9B:DE:C6:AF:FA:6E:63:BA:98 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/yxZwfq8L39Eyav2b3sav-m5jupg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yxZwfq8L39Eyav2b3sav-m5jupg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3095/JWAbmisU8wIqnmmqtxpSY6nlvmg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.46.232.0/23 Signature Algorithm: sha256WithRSAEncryption 01:82:35:de:cf:95:96:11:b7:e6:f2:80:64:36:78:27:75:2d: 81:00:1c:60:e0:3b:5d:c3:52:f8:c1:f4:4a:2d:3c:fa:98:ea: 27:19:d6:36:80:72:18:85:d5:51:fb:95:b7:cd:9b:fe:9f:68: 3d:83:54:42:17:15:b3:fb:ff:f5:0d:84:d4:66:b1:d1:7c:89: 01:e1:26:a9:f6:4a:1f:c0:97:87:d9:34:66:23:d4:65:2f:c1: 2f:bf:96:62:9d:bc:ae:1b:44:29:b4:30:2a:52:e8:8b:1f:f4: 92:f6:91:69:a0:cb:e8:1c:bd:ce:e0:c0:e6:ab:8b:b0:73:fe: 34:44:10:84:c9:38:f0:e4:a7:6a:58:90:1a:0d:16:93:de:92: 57:23:9b:88:db:1b:48:c5:84:50:f4:37:a8:b6:a9:51:f7:df: 03:13:af:32:3c:7c:c1:e2:38:8a:5d:e9:b7:00:1d:50:a0:2d: 88:27:a7:91:6b:a8:86:78:13:69:e1:c5:15:33:11:58:0f:d6: 01:87:75:11:de:23:9c:03:69:5a:50:70:1d:6d:23:36:02:51: 5d:73:36:8d:72:b2:6b:37:98:b1:ee:a2:50:6b:4f:d5:5f:bf: 0c:b0:00:b8:d3:4b:76:45:d9:0f:71:e3:f0:5f:be:9e:4e:3a: 10:85:48:e9 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICCvgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ix NjcwN0VBRjBCREZEMTMyNkFGRDlCREVDNkFGRkE2RTYzQkE5ODAeFw0yNTA0MTEw MTE5NDBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI1NjAxQjlBMkIxNEYz MDIyQTlFNjlBQUI3MUE1MjYzQTlFNUJFNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4pjn+oSYPsEO9UF4ESpmSxOHqh7eQkDLfKuPjZKMRuXnuLFnm zXn43KoO7qjE8RVkhZJ5fycUkUiW6MwYBSIyNR+qEAwrHHcV/Wl+DGPbnOWDmb7c 7Rlksad2/BN2lJjhhymTfLRQii2y9sR1L1g+m1U68pXi/D+x1/D9ac2YXIKgwwSr p28N4zhqF3QzpO0MVIbBt8lKE17vhitWVKGgNViW2cZIBKqv0o12FwwzFthUeFoa HUsKSFqquha1nKi4g+tmej82wqHkU6LbSolU/lKNkm2zFAkwoihnYwJfn5w8HUYV xIOOPsKqPpbI2rqsMCJYhV/ON/9tYOx5E+O5AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUJWAbmisU8wIqnmmqtxpSY6nlvmgwHwYDVR0jBBgwFoAUyxZwfq8L39Eyav2b 3sav+m5jupgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 NS95eFp3ZnE4TDM5RXlhdjJiM3Nhdi1tNWp1cGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3l4WndmcThMMzlFeWF2MmIzc2F2LW01anVwZy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTUvSldBYm1pc1U4d0lx bm1tcXR4cFNZNm5sdm1nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAcou6DANBgkqhkiG9w0BAQsFAAOCAQEAAYI13s+VlhG35vKAZDZ4J3UtgQAc YOA7XcNS+MH0Si08+pjqJxnWNoByGIXVUfuVt82b/p9oPYNUQhcVs/v/9Q2E1Gax 0XyJAeEmqfZKH8CXh9k0ZiPUZS/BL7+WYp28rhtEKbQwKlLoix/0kvaRaaDL6By9 zuDA5quLsHP+NEQQhMk48OSnaliQGg0Wk96SVyObiNsbSMWEUPQ3qLapUfffAxOv Mjx8weI4il3ptwAdUKAtiCenkWuohngTaeHFFTMRWA/WAYd1Ed4jnANpWlBwHW0j NgJRXXM2jXKyazeYse6iUGtP1V+/DLAAuNNLdkXZD3Hj8F++nk46EIVI6Q== -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:26 2025 by rpki-client on console.sobornost.net