$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1211/9SRhwSdPNjcA1KE4Z7OvfNgKmZc.roa File: 9SRhwSdPNjcA1KE4Z7OvfNgKmZc.roa (raw, json) Hash identifier: OIJQqAPp6xA1tZOwZ3FTJkxeFS6YkMjTb22afVebVME= Subject key identifier: F5:24:61:C1:27:4F:36:37:00:D4:A1:38:67:B3:AF:7C:D8:0A:99:97 Certificate issuer: /CN=183D882201945BE13993B4C6DAC954F8EE426C97 Certificate serial: 1018 Authority key identifier: 18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/9SRhwSdPNjcA1KE4Z7OvfNgKmZc.roa Signing time: Mon 24 Feb 2025 05:00:07 +0000 ROA not before: Mon 24 Feb 2025 05:00:07 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 63701 IP address blocks: 45.116.208.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4120 (0x1018) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=183D882201945BE13993B4C6DAC954F8EE426C97 Validity Not Before: Feb 24 05:00:07 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=F52461C1274F363700D4A13867B3AF7CD80A9997 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:4e:21:3f:78:68:e9:3e:8c:0e:14:f0:e3:0c: 81:26:5a:ba:76:5c:30:17:15:f4:5b:92:b8:72:0b: 40:19:c8:e9:d8:54:34:23:38:75:3b:5f:c2:7a:bd: 20:cb:0e:34:4f:57:80:b9:c2:3e:1e:69:c6:bd:a9: 3b:aa:7e:6f:a7:bd:7c:55:08:ba:1d:2b:f1:5d:f6: fe:57:52:24:56:92:f5:92:57:26:98:df:bd:d8:82: dd:97:02:67:58:d6:90:79:1f:01:46:34:87:74:ef: 32:b9:28:03:90:75:70:31:7c:a7:7c:7b:16:f7:26: 8b:bf:39:84:f4:e1:25:dc:7b:cb:b6:08:fc:53:6d: 9e:01:88:1e:0f:44:95:ac:87:21:f8:cf:75:83:2f: ac:4d:a0:30:93:47:c5:6c:a6:e6:b6:79:80:d9:58: bd:29:71:b7:c4:f8:e5:3e:ad:60:2c:fb:39:64:9f: 32:38:c6:c7:30:24:4d:e7:5c:8f:5b:a6:5c:54:a5: e7:0c:54:db:82:4f:b5:26:a9:f0:d8:4f:45:61:1d: e6:8b:10:49:2c:cd:1f:d3:92:1a:dd:a9:a9:d6:ea: 7a:aa:59:f4:86:0b:eb:64:f8:a4:dd:e1:f8:f1:77: 41:45:26:4b:6c:50:32:6a:74:1a:5a:a0:c0:0c:72: 17:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:24:61:C1:27:4F:36:37:00:D4:A1:38:67:B3:AF:7C:D8:0A:99:97 X509v3 Authority Key Identifier: keyid:18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/9SRhwSdPNjcA1KE4Z7OvfNgKmZc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.116.208.0/22 Signature Algorithm: sha256WithRSAEncryption 16:ec:06:f6:8a:18:32:c2:9d:a4:99:1c:80:f7:3a:5b:18:07: 42:61:f5:4f:d9:e3:90:64:e3:59:f2:5b:3b:fb:cf:18:52:44: 46:08:da:2e:43:a6:16:16:7d:9f:e6:33:b2:9a:1a:2d:4a:8e: f4:5b:fa:5a:01:e8:c2:1d:87:ed:b4:27:18:9e:a1:e7:11:e8: 56:dd:ed:73:8d:f7:ac:f5:33:f8:f6:41:41:ee:8d:c0:57:f9: c7:2f:42:00:c2:3c:bb:04:7a:71:98:24:30:ab:08:39:a2:14: a5:2e:2a:f4:f3:11:11:95:2e:cb:86:e5:cf:43:d1:c8:92:26: 13:7c:b3:46:ba:ae:bf:c5:80:3f:62:62:32:11:02:31:45:d9: b2:79:14:6c:30:14:c1:46:92:f8:23:bb:83:45:27:bb:05:e8: 2f:fd:46:96:4c:61:38:d1:29:e1:64:47:00:8c:35:2b:05:bd: 65:e6:33:b5:32:83:89:9d:f3:0a:ed:3e:02:00:52:6b:c0:78: 43:31:ba:cb:f5:48:e0:af:10:3b:a4:e7:98:52:f7:04:22:c3: bc:e2:d1:90:54:2f:05:12:95:4d:0e:70:8e:9d:40:1c:a4:dc: 0e:05:a2:40:59:89:95:d5:f4:c2:9c:7f:42:89:9a:90:fa:cf: 83:5d:f2:50 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEBgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTgz RDg4MjIwMTk0NUJFMTM5OTNCNEM2REFDOTU0RjhFRTQyNkM5NzAeFw0yNTAyMjQw NTAwMDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEY1MjQ2MUMxMjc0RjM2 MzcwMEQ0QTEzODY3QjNBRjdDRDgwQTk5OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7TiE/eGjpPowOFPDjDIEmWrp2XDAXFfRbkrhyC0AZyOnYVDQj OHU7X8J6vSDLDjRPV4C5wj4eaca9qTuqfm+nvXxVCLodK/Fd9v5XUiRWkvWSVyaY 373Ygt2XAmdY1pB5HwFGNId07zK5KAOQdXAxfKd8exb3Jou/OYT04SXce8u2CPxT bZ4BiB4PRJWshyH4z3WDL6xNoDCTR8Vspua2eYDZWL0pcbfE+OU+rWAs+zlknzI4 xscwJE3nXI9bplxUpecMVNuCT7UmqfDYT0VhHeaLEEkszR/TkhrdqanW6nqqWfSG C+tk+KTd4fjxd0FFJktsUDJqdBpaoMAMche9AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU9SRhwSdPNjcA1KE4Z7OvfNgKmZcwHwYDVR0jBBgwFoAUGD2IIgGUW+E5k7TG 2slU+O5CbJcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx MS9HRDJJSWdHVVctRTVrN1RHMnNsVS1PNUNiSmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0dEMklJZ0dVVy1FNWs3VEcyc2xVLU81Q2JKYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTEvOVNSaHdTZFBOamNB MUtFNFo3T3ZmTmdLbVpjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAi100DANBgkqhkiG9w0BAQsFAAOCAQEAFuwG9ooYMsKdpJkcgPc6WxgHQmH1 T9njkGTjWfJbO/vPGFJERgjaLkOmFhZ9n+YzspoaLUqO9Fv6WgHowh2H7bQnGJ6h 5xHoVt3tc433rPUz+PZBQe6NwFf5xy9CAMI8uwR6cZgkMKsIOaIUpS4q9PMREZUu y4blz0PRyJImE3yzRrquv8WAP2JiMhECMUXZsnkUbDAUwUaS+CO7g0UnuwXoL/1G lkxhONEp4WRHAIw1KwW9ZeYztTKDiZ3zCu0+AgBSa8B4QzG6y/VI4K8QO6TnmFL3 BCLDvOLRkFQvBRKVTQ5wjp1AHKTcDgWiQFmJldX0wpx/QomakPrPg13yUA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:33:16 2025 by rpki-client