$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/4r97Xtcderk2rYaAfCVbfPoW-to.roa File: 4r97Xtcderk2rYaAfCVbfPoW-to.roa (raw, json) Hash identifier: GeqdqfE7ko6jT4bYJmB3zZUkfFl2QdouEXCxGMC+aoA= Subject key identifier: E2:BF:7B:5E:D7:1D:7A:B9:36:AD:86:80:7C:25:5B:7C:FA:16:FA:DA Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 2023 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/4r97Xtcderk2rYaAfCVbfPoW-to.roa Signing time: Fri 17 Jan 2025 01:24:08 +0000 ROA not before: Fri 17 Jan 2025 01:24:08 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 212237 IP address blocks: 2403:6380:40::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 14 Apr 2025 14:10:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8227 (0x2023) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Jan 17 01:24:08 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=E2BF7B5ED71D7AB936AD86807C255B7CFA16FADA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:ce:20:14:37:49:df:c1:2c:ce:1c:26:89:46: 9a:fe:34:7a:92:c6:b9:82:b9:eb:f1:6c:46:3b:4f: 9d:04:ea:53:4a:06:7b:99:3b:7d:53:a2:ac:48:4b: e1:f3:69:04:fa:59:64:60:02:4a:9a:8f:0b:9d:7b: 7b:e7:c7:e1:84:ef:7b:12:9d:da:a9:dd:da:ef:40: 5b:ea:58:f4:61:18:22:0f:16:d3:78:35:ed:f5:b3: fa:c0:59:a9:f5:da:fd:4b:11:a6:c5:51:71:9e:a1: 9e:2e:cc:c4:b8:fd:92:93:94:20:60:e7:93:03:b3: 76:89:c3:86:b6:89:7b:07:34:30:56:b7:ee:bd:64: 9a:7f:d6:25:64:99:0c:c9:8f:29:3b:78:e4:3a:fa: 52:f8:e1:b5:d9:a9:b5:57:b0:b8:e2:af:51:9d:53: 4c:09:54:11:27:57:75:5b:e3:b8:f9:f6:f7:13:9a: 83:ae:91:6e:30:93:0f:cc:bf:b5:9f:33:b5:25:fe: 1a:e2:dd:0c:44:47:8a:6c:7c:01:4d:ff:a6:e3:cc: 54:34:b4:f8:6c:96:7c:10:a7:22:17:1c:eb:12:e1: 21:1c:08:49:4c:d8:32:4c:30:a0:1d:ef:4e:42:2b: db:6e:56:46:bb:dc:45:e1:98:af:67:9d:dc:18:ce: 9c:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:BF:7B:5E:D7:1D:7A:B9:36:AD:86:80:7C:25:5B:7C:FA:16:FA:DA X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/4r97Xtcderk2rYaAfCVbfPoW-to.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380:40::/44 Signature Algorithm: sha256WithRSAEncryption 56:f3:a9:3b:9f:69:39:a9:88:d0:99:22:2e:e4:3d:cc:47:13: e9:1a:ca:c8:d3:ce:5d:9d:27:36:00:81:16:dd:e6:be:0b:18: 1a:d5:09:24:59:f7:8b:71:b0:d1:2d:69:9d:ae:9b:3f:4c:60: 11:1c:77:78:e7:d3:b8:27:45:a8:42:a9:33:55:a4:91:89:14: bd:fc:39:ee:3a:42:5e:bb:dd:5f:9e:cb:b2:e4:e8:23:f3:de: b3:cb:df:0b:31:f1:42:66:87:79:0a:a9:6d:d6:3a:4c:8b:dd: d5:4e:c4:1e:26:91:09:c0:c5:bf:81:75:02:fc:90:6f:20:37: 70:b6:38:0d:70:ea:e4:4e:6b:3d:34:c4:b1:23:ec:a2:4a:c1: d1:76:65:66:46:3c:94:e7:c1:4f:06:f9:ab:11:b1:21:34:05: 90:eb:b0:30:ca:e7:bb:d9:98:c6:86:4f:67:2f:56:39:2b:fc: eb:27:ce:05:cb:47:f4:64:9f:10:ce:45:e8:a4:ec:a6:51:10: 07:7f:40:1a:a9:58:56:ab:94:b0:be:a7:21:d5:5f:d7:31:11: 7c:00:ec:42:47:8b:00:5a:c4:5e:f8:a0:e5:36:cd:6d:52:42: 37:7c:bf:95:87:a4:ac:fc:a1:1c:4c:c4:b1:97:e3:72:4e:be: bf:52:90:96 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICICMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTAxMTcw MTI0MDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEUyQkY3QjVFRDcxRDdB QjkzNkFEODY4MDdDMjU1QjdDRkExNkZBREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDXziAUN0nfwSzOHCaJRpr+NHqSxrmCuevxbEY7T50E6lNKBnuZ O31ToqxIS+HzaQT6WWRgAkqajwude3vnx+GE73sSndqp3drvQFvqWPRhGCIPFtN4 Ne31s/rAWan12v1LEabFUXGeoZ4uzMS4/ZKTlCBg55MDs3aJw4a2iXsHNDBWt+69 ZJp/1iVkmQzJjyk7eOQ6+lL44bXZqbVXsLjir1GdU0wJVBEnV3Vb47j59vcTmoOu kW4wkw/Mv7WfM7Ul/hri3QxER4psfAFN/6bjzFQ0tPhslnwQpyIXHOsS4SEcCElM 2DJMMKAd705CK9tuVka73EXhmK9nndwYzpxTAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQU4r97Xtcderk2rYaAfCVbfPoW+towHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvNHI5N1h0Y2Rlcmsy cllhQWZDVmJmUG9XLXRvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQDY4AAQDANBgkqhkiG9w0BAQsFAAOCAQEAVvOpO59pOamI0JkiLuQ9zEcT 6RrKyNPOXZ0nNgCBFt3mvgsYGtUJJFn3i3Gw0S1pna6bP0xgERx3eOfTuCdFqEKp M1WkkYkUvfw57jpCXrvdX57LsuToI/Pes8vfCzHxQmaHeQqpbdY6TIvd1U7EHiaR CcDFv4F1AvyQbyA3cLY4DXDq5E5rPTTEsSPsokrB0XZlZkY8lOfBTwb5qxGxITQF kOuwMMrnu9mYxoZPZy9WOSv86yfOBctH9GSfEM5F6KTsplEQB39AGqlYVquUsL6n IdVf1zERfADsQkeLAFrEXvig5TbNbVJCN3y/lYekrPyhHEzEsZfjck6+v1KQlg== -----END CERTIFICATE-----Generated at Mon Apr 14 13:39:06 2025 by rpki-client