$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1200/QVGtqSaVkscnVb64lhRi-cMEHSc.roa File: QVGtqSaVkscnVb64lhRi-cMEHSc.roa (raw, json) Hash identifier: Ww6dLhQGxl5xTNIHfw+jluIsVDrzSDLMJsr6pk3RFXE= Subject key identifier: 41:51:AD:A9:26:95:92:C7:27:55:BE:B8:96:14:62:F9:C3:04:1D:27 Certificate issuer: /CN=6191AACDCE560A74D83C05DA8EA9327AF944DBBD Certificate serial: 12B7 Authority key identifier: 61:91:AA:CD:CE:56:0A:74:D8:3C:05:DA:8E:A9:32:7A:F9:44:DB:BD Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YZGqzc5WCnTYPAXajqkyevlE270.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/QVGtqSaVkscnVb64lhRi-cMEHSc.roa Signing time: Fri 17 Jan 2025 01:23:57 +0000 ROA not before: Fri 17 Jan 2025 01:23:57 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 59022 IP address blocks: 2400:ebc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/YZGqzc5WCnTYPAXajqkyevlE270.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/YZGqzc5WCnTYPAXajqkyevlE270.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YZGqzc5WCnTYPAXajqkyevlE270.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:06:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4791 (0x12b7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6191AACDCE560A74D83C05DA8EA9327AF944DBBD Validity Not Before: Jan 17 01:23:57 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=4151ADA9269592C72755BEB8961462F9C3041D27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d4:25:47:04:45:0f:41:9d:6e:e5:dc:31:84: 5c:f8:1b:b8:c2:e7:19:d2:21:c8:af:a5:fd:5e:f0: bc:2a:8d:6b:11:96:c7:bd:34:fb:49:a3:dc:1d:f2: 51:ec:05:cf:50:18:b0:b1:25:4d:b8:7e:18:6d:d7: f8:e8:b8:fe:28:51:7f:cb:6a:b8:54:ca:47:6d:b3: e0:d2:48:b9:2f:8b:08:f5:3a:ec:b4:dd:da:3e:cb: 50:30:a2:f7:1c:b2:2f:ff:30:8d:95:74:74:c9:5a: 0b:51:be:24:8f:8e:0f:34:6a:f9:2d:28:c6:6f:e6: 8a:2a:6f:b9:d8:25:01:88:d0:05:9b:f4:34:46:91: 8c:a4:dc:1a:e3:bb:2c:51:a1:a0:af:c3:bc:e4:fc: d5:28:3f:3d:bf:5d:35:e2:d6:2d:88:92:f0:df:b0: 17:71:c9:02:1e:1f:79:ce:54:16:ae:07:56:91:c7: 2c:36:7e:0f:cb:11:04:57:dc:24:dd:d4:a0:5e:7e: fa:a7:32:db:ce:d7:3f:f1:39:10:31:7b:cd:07:8e: 83:6a:74:72:37:35:dd:16:6e:dd:0a:5d:d8:3a:0c: 27:75:55:24:c9:d5:5d:e1:46:80:7a:7b:e9:df:03: dd:49:ed:18:62:bf:6f:d0:b0:df:c3:3b:26:e9:34: ba:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:51:AD:A9:26:95:92:C7:27:55:BE:B8:96:14:62:F9:C3:04:1D:27 X509v3 Authority Key Identifier: keyid:61:91:AA:CD:CE:56:0A:74:D8:3C:05:DA:8E:A9:32:7A:F9:44:DB:BD X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/YZGqzc5WCnTYPAXajqkyevlE270.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YZGqzc5WCnTYPAXajqkyevlE270.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1200/QVGtqSaVkscnVb64lhRi-cMEHSc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:ebc0::/32 Signature Algorithm: sha256WithRSAEncryption 93:c0:d9:0d:8b:de:ae:14:4c:c3:9e:30:5a:a6:34:69:9a:ca: e6:65:ec:4d:7f:19:4d:cf:1d:cc:12:69:a6:18:10:f9:ec:22: 3e:d5:37:2c:0f:47:ac:07:e8:6b:45:9b:32:e1:ce:b1:53:41: 5d:f8:15:06:dc:82:83:8b:d5:f4:48:21:5c:89:b5:23:84:a4: 8c:0c:d6:ac:9f:e4:7c:79:47:d1:bf:cd:22:e1:56:cc:3d:ba: 12:4f:48:78:a9:a4:b2:69:41:82:6a:f4:b6:05:35:3e:eb:4c: 28:1b:64:59:41:74:a0:26:5a:5a:79:15:84:d8:36:d3:ac:28: 04:00:86:d9:4a:8e:e5:6c:3a:c4:1c:9f:f1:a0:92:67:ee:79: 69:6a:f3:a2:a2:a8:2a:28:ea:7c:02:65:ce:75:fc:ec:6d:a0: b3:65:a0:08:b4:60:fc:cd:cb:a0:e0:97:5e:7b:23:b6:83:52: 01:9f:ac:18:a7:7b:ad:8c:b5:32:e7:c6:36:30:63:84:23:d1: 37:73:a4:66:05:81:3c:3a:25:3f:bb:89:80:fa:65:b6:fa:72: e3:e7:c8:e0:bb:0f:51:29:01:3b:80:98:27:c2:73:ec:64:d4: 2c:a8:da:16:54:f1:10:55:a2:09:ed:2d:23:53:2f:07:43:39: 26:d3:68:8c -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICErcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjE5 MUFBQ0RDRTU2MEE3NEQ4M0MwNURBOEVBOTMyN0FGOTQ0REJCRDAeFw0yNTAxMTcw MTIzNTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQxNTFBREE5MjY5NTky QzcyNzU1QkVCODk2MTQ2MkY5QzMwNDFEMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC71CVHBEUPQZ1u5dwxhFz4G7jC5xnSIcivpf1e8LwqjWsRlse9 NPtJo9wd8lHsBc9QGLCxJU24fhht1/jouP4oUX/LarhUykdts+DSSLkviwj1Ouy0 3do+y1Awovccsi//MI2VdHTJWgtRviSPjg80avktKMZv5ooqb7nYJQGI0AWb9DRG kYyk3BrjuyxRoaCvw7zk/NUoPz2/XTXi1i2IkvDfsBdxyQIeH3nOVBauB1aRxyw2 fg/LEQRX3CTd1KBefvqnMtvO1z/xORAxe80HjoNqdHI3Nd0Wbt0KXdg6DCd1VSTJ 1V3hRoB6e+nfA91J7Rhiv2/QsN/DOybpNLqrAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUQVGtqSaVkscnVb64lhRi+cMEHScwHwYDVR0jBBgwFoAUYZGqzc5WCnTYPAXa jqkyevlE270wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIw MC9ZWkdxemM1V0NuVFlQQVhhanFreWV2bEUyNzAuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1laR3F6YzVXQ25UWVBBWGFqcWt5ZXZsRTI3MC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMDAvUVZHdHFTYVZrc2Nu VmI2NGxoUmktY01FSFNjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQA68AwDQYJKoZIhvcNAQELBQADggEBAJPA2Q2L3q4UTMOeMFqmNGmayuZl 7E1/GU3PHcwSaaYYEPnsIj7VNywPR6wH6GtFmzLhzrFTQV34FQbcgoOL1fRIIVyJ tSOEpIwM1qyf5Hx5R9G/zSLhVsw9uhJPSHippLJpQYJq9LYFNT7rTCgbZFlBdKAm Wlp5FYTYNtOsKAQAhtlKjuVsOsQcn/GgkmfueWlq86KiqCoo6nwCZc51/OxtoLNl oAi0YPzNy6Dgl157I7aDUgGfrBine62MtTLnxjYwY4Qj0TdzpGYFgTw6JT+7iYD6 Zbb6cuPnyOC7D1EpATuAmCfCc+xk1Cyo2hZU8RBVogntLSNTLwdDOSbTaIw= -----END CERTIFICATE-----Generated at Fri Apr 4 18:38:44 2025 by rpki-client