$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/-OwUbQLzqS9CtZr_wtRPxfVPmaw.roa File: -OwUbQLzqS9CtZr_wtRPxfVPmaw.roa (raw, json) Hash identifier: nU8McGO3g2yTqZQuoumVj83hRYLsBYNlvrV6uYQKZvY= Subject key identifier: F8:EC:14:6D:02:F3:A9:2F:42:B5:9A:FF:C2:D4:4F:C5:F5:4F:99:AC Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 2029 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/-OwUbQLzqS9CtZr_wtRPxfVPmaw.roa Signing time: Fri 17 Jan 2025 01:24:10 +0000 ROA not before: Fri 17 Jan 2025 01:24:10 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 212237 IP address blocks: 2403:6380:12::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:09:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8233 (0x2029) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Jan 17 01:24:10 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=F8EC146D02F3A92F42B59AFFC2D44FC5F54F99AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:fd:ef:b1:7b:eb:a6:a3:6c:ff:9f:52:64:56: b6:a2:21:eb:41:32:dc:cc:0b:b4:81:33:62:ed:e0: 43:88:0f:c6:b0:28:61:46:8e:03:60:93:c9:bb:5a: 41:ff:67:01:64:d3:f6:7f:c1:58:f6:0a:f0:6d:a7: e0:0c:07:36:59:a2:40:dd:7f:e2:7d:17:c7:96:2e: 42:79:64:e9:42:1f:85:ab:3b:ae:05:be:9f:40:fd: 20:83:74:c8:6b:5d:6f:4e:4e:2c:f5:eb:7b:ff:c9: a8:7e:77:a6:30:8e:6c:d9:c1:70:13:4e:a8:3a:eb: 96:66:be:29:6a:85:a8:c5:a7:e5:a2:4b:56:d1:9d: 61:ea:7f:1e:fb:56:ce:76:82:0f:7f:aa:a2:3c:0f: cc:d5:bb:4e:1b:55:82:6c:c3:95:55:a5:85:1e:93: b2:5c:cd:26:99:2c:ce:9c:4c:95:a4:cc:37:d7:00: 4a:c2:c1:91:d8:ef:9a:b7:cc:a1:15:f6:d0:c2:43: 86:c3:d9:8d:1c:3c:b4:6f:34:78:1e:8f:d8:fc:2d: 32:27:b9:05:0e:fe:56:53:48:39:33:8a:de:9e:47: 39:7f:07:e6:81:e3:62:e4:15:56:eb:b4:7b:39:c0: cb:88:b3:0a:61:41:1b:a4:40:95:d9:0b:cd:1c:08: e6:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:EC:14:6D:02:F3:A9:2F:42:B5:9A:FF:C2:D4:4F:C5:F5:4F:99:AC X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/-OwUbQLzqS9CtZr_wtRPxfVPmaw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380:12::/48 Signature Algorithm: sha256WithRSAEncryption 74:d5:4e:54:4e:0e:1a:bf:b6:ea:3d:73:06:33:ab:49:00:ed: 7d:80:11:57:14:1c:60:2e:aa:31:a2:fc:62:1d:5b:59:34:04: a3:95:cb:db:e0:8a:9b:86:90:8a:e2:5a:5e:ef:3e:3d:fe:0e: 8e:01:70:bc:0f:38:cf:4a:c4:f5:04:06:7c:a7:9c:b7:c6:7f: a2:04:dc:c2:fa:90:1b:f4:14:43:18:f7:03:c9:27:54:29:87: 67:b1:36:fa:97:bc:b5:f9:a9:d2:63:19:15:f2:60:1f:46:f4: 93:08:f3:e8:71:e2:2a:e4:4e:79:b7:01:15:7b:5e:83:7b:de: 5e:43:2b:8e:04:1a:ee:0b:59:18:97:85:03:8e:2c:1a:59:1d: 15:35:5d:de:7a:9a:9c:b2:67:f9:a2:2b:8b:68:71:2d:d0:db: 83:f9:91:ae:5b:e9:e6:4f:05:d9:f7:f7:5d:f1:52:5b:0a:bb: 68:2c:99:7a:10:6f:f5:f9:af:67:22:c7:ea:ae:98:3b:0b:c1: 89:ce:90:ce:9b:7e:aa:9d:23:29:0d:a5:e1:53:ad:f6:7e:d7: db:a3:e5:03:e7:4f:20:34:e9:af:75:7b:b8:14:3b:46:8a:5b: d1:49:0e:29:55:ff:d8:d2:1b:bf:52:2a:62:b7:ca:1c:9b:d6: e7:3e:98:0c -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICICkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTAxMTcw MTI0MTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEY4RUMxNDZEMDJGM0E5 MkY0MkI1OUFGRkMyRDQ0RkM1RjU0Rjk5QUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDD/e+xe+umo2z/n1JkVraiIetBMtzMC7SBM2Lt4EOID8awKGFG jgNgk8m7WkH/ZwFk0/Z/wVj2CvBtp+AMBzZZokDdf+J9F8eWLkJ5ZOlCH4WrO64F vp9A/SCDdMhrXW9OTiz163v/yah+d6YwjmzZwXATTqg665ZmvilqhajFp+WiS1bR nWHqfx77Vs52gg9/qqI8D8zVu04bVYJsw5VVpYUek7JczSaZLM6cTJWkzDfXAErC wZHY75q3zKEV9tDCQ4bD2Y0cPLRvNHgej9j8LTInuQUO/lZTSDkzit6eRzl/B+aB 42LkFVbrtHs5wMuIswphQRukQJXZC80cCObvAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQU+OwUbQLzqS9CtZr/wtRPxfVPmawwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvLU93VWJRTHpxUzlD dFpyX3d0UlB4ZlZQbWF3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQDY4AAEjANBgkqhkiG9w0BAQsFAAOCAQEAdNVOVE4OGr+26j1zBjOrSQDt fYARVxQcYC6qMaL8Yh1bWTQEo5XL2+CKm4aQiuJaXu8+Pf4OjgFwvA84z0rE9QQG fKect8Z/ogTcwvqQG/QUQxj3A8knVCmHZ7E2+pe8tfmp0mMZFfJgH0b0kwjz6HHi KuROebcBFXteg3veXkMrjgQa7gtZGJeFA44sGlkdFTVd3nqanLJn+aIri2hxLdDb g/mRrlvp5k8F2ff3XfFSWwq7aCyZehBv9fmvZyLH6q6YOwvBic6Qzpt+qp0jKQ2l 4VOt9n7X26PlA+dPIDTpr3V7uBQ7Ropb0UkOKVX/2NIbv1IqYrfKHJvW5z6YDA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:43:37 2025 by rpki-client