$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/817/e-RcNvHXkaYJsLZSaWMpPMFmaZE.roa File: e-RcNvHXkaYJsLZSaWMpPMFmaZE.roa (raw, json) Hash identifier: NYEeAcBUsCB/ll8/IHHqbGto+nzHjpAiEbkf5GDxZjk= Subject key identifier: 7B:E4:5C:36:F1:D7:91:A6:09:B0:B6:52:69:63:29:3C:C1:66:69:91 Certificate issuer: /CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Certificate serial: 1D0A Authority key identifier: 2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/e-RcNvHXkaYJsLZSaWMpPMFmaZE.roa Signing time: Fri 17 Jan 2025 01:26:47 +0000 ROA not before: Fri 17 Jan 2025 01:26:47 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 136958 IP address blocks: 42.240.128.0/20 maxlen: 20 42.240.144.0/20 maxlen: 20 42.240.160.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:38:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7434 (0x1d0a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2A711AA7DC60049B0B0D884897E015B1171F37B9 Validity Not Before: Jan 17 01:26:47 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=7BE45C36F1D791A609B0B6526963293CC1666991 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:5b:88:66:e2:9d:4b:49:e9:f9:9d:0f:1b:a3: da:5d:35:23:fa:f0:1d:aa:57:14:2d:ec:dc:f4:2b: 8d:8a:9e:09:79:6b:2a:ed:06:7e:ac:a3:20:9d:6a: 79:6f:c8:31:e8:02:24:b5:92:64:a2:36:11:1f:69: ed:fb:b0:15:d3:f4:12:c0:b1:2f:d2:22:32:42:bc: 36:66:d4:9b:74:12:cd:9d:39:41:ef:f8:ed:a9:ad: 15:61:47:f6:9c:0d:44:cd:fd:21:43:5d:11:f1:df: 95:2a:a1:5c:70:69:fa:b4:9a:0f:a6:24:bc:20:c2: 51:86:c6:13:ff:d6:f3:a3:09:24:b5:1f:5c:52:fc: ee:78:0b:29:64:6c:e8:26:bf:0d:63:d4:4f:64:84: 6d:15:46:76:26:b0:12:f8:c6:58:fa:68:5b:5d:82: 1e:31:d5:29:4a:5b:48:69:51:4d:f3:d5:bb:5f:b6: 6d:58:36:63:28:61:46:d0:39:4e:fe:10:83:26:95: d8:e2:da:b3:74:21:33:e5:4c:00:93:e2:d3:2e:fe: 5b:3f:b7:3c:2d:1a:a6:11:c0:88:a1:ee:00:9a:20: 73:dd:d3:dd:4e:5e:66:e7:60:bf:9d:74:05:7f:2f: f9:b5:c1:fa:d6:39:d8:aa:ff:6c:b3:5f:9d:3c:0a: 66:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:E4:5C:36:F1:D7:91:A6:09:B0:B6:52:69:63:29:3C:C1:66:69:91 X509v3 Authority Key Identifier: keyid:2A:71:1A:A7:DC:60:04:9B:0B:0D:88:48:97:E0:15:B1:17:1F:37:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/KnEap9xgBJsLDYhIl-AVsRcfN7k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KnEap9xgBJsLDYhIl-AVsRcfN7k.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/817/e-RcNvHXkaYJsLZSaWMpPMFmaZE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 42.240.128.0-42.240.175.255 Signature Algorithm: sha256WithRSAEncryption 43:5a:f3:c0:72:43:5f:da:32:05:e6:67:b0:11:62:b3:29:ba: 29:13:0c:df:df:0a:9d:ec:63:d0:51:5c:d5:fb:1c:8e:4a:fa: 41:9c:02:ca:cc:c3:ce:3a:78:ae:86:c2:4f:b8:b3:47:d2:b2: 5e:33:70:87:30:53:7a:fc:5d:72:16:ca:d5:bd:48:ab:a5:bf: 6b:8f:63:92:08:d6:76:01:b4:7e:06:19:b2:96:63:b1:2c:3a: ac:67:3f:c3:02:47:d1:10:c1:9b:f3:70:78:98:51:59:a4:4c: f6:b0:c4:45:9e:1f:e4:b0:cc:1b:1b:0f:29:d5:b6:6c:a7:34: 0c:55:2c:c3:ed:c2:81:e3:fd:ac:2b:c8:8e:87:a9:f4:60:16: 30:49:7e:a6:11:c0:03:9b:de:77:6f:76:5c:c6:fe:ee:ee:65: 19:14:9a:b8:a4:be:5b:c9:1f:2f:c0:67:97:4e:29:a1:16:95: 5a:51:55:97:54:b7:b8:86:13:c9:05:10:ff:36:45:34:a9:df: 3f:46:0b:6d:16:58:13:f5:5b:f9:7c:3f:2d:8a:5c:19:db:fe: 60:34:54:c1:28:ad:56:72:d7:7e:b7:fc:1d:67:9d:8a:e7:4f: 45:31:2a:60:f5:2e:15:dc:70:e5:0e:f9:d1:ff:22:a7:4d:68: 00:a6:e8:31 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICHQowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE3 MTFBQTdEQzYwMDQ5QjBCMEQ4ODQ4OTdFMDE1QjExNzFGMzdCOTAeFw0yNTAxMTcw MTI2NDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDdCRTQ1QzM2RjFENzkx QTYwOUIwQjY1MjY5NjMyOTNDQzE2NjY5OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDW4hm4p1LSen5nQ8bo9pdNSP68B2qVxQt7Nz0K42Kngl5ayrt Bn6soyCdanlvyDHoAiS1kmSiNhEfae37sBXT9BLAsS/SIjJCvDZm1Jt0Es2dOUHv +O2prRVhR/acDUTN/SFDXRHx35UqoVxwafq0mg+mJLwgwlGGxhP/1vOjCSS1H1xS /O54CylkbOgmvw1j1E9khG0VRnYmsBL4xlj6aFtdgh4x1SlKW0hpUU3z1btftm1Y NmMoYUbQOU7+EIMmldji2rN0ITPlTACT4tMu/ls/tzwtGqYRwIih7gCaIHPd091O XmbnYL+ddAV/L/m1wfrWOdiq/2yzX508CmaDAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQUe+RcNvHXkaYJsLZSaWMpPMFmaZEwHwYDVR0jBBgwFoAUKnEap9xgBJsLDYhI l+AVsRcfN7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3 L0tuRWFwOXhnQkpzTERZaElsLUFWc1JjZk43ay5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvS25FYXA5eGdCSnNMRFloSWwtQVZzUmNmTjdrLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvODE3L2UtUmNOdkhYa2FZSnNM WlNhV01wUE1GbWFaRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4w DAMEByrwgAMEBCrwoDANBgkqhkiG9w0BAQsFAAOCAQEAQ1rzwHJDX9oyBeZnsBFi sym6KRMM398Knexj0FFc1fscjkr6QZwCyszDzjp4robCT7izR9KyXjNwhzBTevxd chbK1b1Iq6W/a49jkgjWdgG0fgYZspZjsSw6rGc/wwJH0RDBm/NweJhRWaRM9rDE RZ4f5LDMGxsPKdW2bKc0DFUsw+3CgeP9rCvIjoep9GAWMEl+phHAA5ved292XMb+ 7u5lGRSauKS+W8kfL8Bnl04poRaVWlFVl1S3uIYTyQUQ/zZFNKnfP0YLbRZYE/Vb +Xw/LYpcGdv+YDRUwSitVnLXfrf8HWediudPRTEqYPUuFdxw5Q750f8ip01oAKbo MQ== -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:30 2025 by rpki-client on console.sobornost.net