$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/7gi6WSx9-W3Q_-0BTXzk72FY--s.roa File: 7gi6WSx9-W3Q_-0BTXzk72FY--s.roa (raw, json) Hash identifier: hOgIBhnJyd+67kfMJ+asIvXRzv98Q3BxXFjjyBGTNkc= Subject key identifier: EE:08:BA:59:2C:7D:F9:6D:D0:FF:ED:01:4D:7C:E4:EF:61:58:FB:EB Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 2022 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/7gi6WSx9-W3Q_-0BTXzk72FY--s.roa Signing time: Fri 17 Jan 2025 01:24:08 +0000 ROA not before: Fri 17 Jan 2025 01:24:08 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 212237 IP address blocks: 2403:6380:20::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:09:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8226 (0x2022) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Jan 17 01:24:08 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=EE08BA592C7DF96DD0FFED014D7CE4EF6158FBEB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:d6:8b:8b:86:a4:37:ca:b7:39:89:60:8c:81: 7f:09:71:f1:f7:3a:cf:d9:04:06:6f:23:d5:64:5a: df:6c:8f:cc:6a:e3:75:14:17:0d:9f:47:eb:e3:d4: 37:6a:83:78:d3:dc:6d:52:d5:09:a9:84:90:ee:81: d9:46:51:ea:42:4e:83:7b:52:1f:c4:ca:b2:b6:9d: d4:41:c2:64:8e:50:f9:6c:77:88:de:5a:4d:21:09: 73:00:2c:cf:cb:b0:bb:da:79:c0:54:05:c8:cc:f9: bd:13:7c:7f:85:1b:e5:3d:4d:82:10:e0:15:84:f6: b7:76:27:dc:6a:05:8c:95:e4:03:aa:af:8f:06:25: f3:6a:97:3b:be:d8:12:54:f7:d2:0d:c0:12:af:b4: 19:8d:29:db:74:af:94:c1:59:3d:28:fc:02:1d:75: d8:3c:bb:ac:e2:5d:46:2b:53:d7:28:1b:13:85:92: 79:57:2e:84:ec:53:4d:17:61:34:75:03:78:49:9c: 5c:97:4b:24:5b:da:d8:c1:01:4b:01:d7:00:f4:de: df:4c:b5:cd:73:40:49:38:19:a3:8a:30:4e:e8:9c: 8f:dd:43:d3:53:07:a0:7b:c7:de:ed:46:03:bc:d5: a3:ad:a6:8e:37:b2:e0:7d:9d:9b:81:4f:50:94:cd: 57:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:08:BA:59:2C:7D:F9:6D:D0:FF:ED:01:4D:7C:E4:EF:61:58:FB:EB X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/7gi6WSx9-W3Q_-0BTXzk72FY--s.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380:20::/44 Signature Algorithm: sha256WithRSAEncryption 8c:12:4a:d1:27:5e:ef:09:8d:65:74:28:41:0a:f6:32:86:65: f7:4a:fe:93:aa:fd:e8:1e:8f:57:b6:02:33:fe:e9:c3:e7:35: 68:40:f2:37:81:0b:ff:b6:33:c5:41:33:82:a0:dc:23:c9:f1: c9:65:80:c9:29:f5:ef:a7:46:c4:eb:ac:2a:91:67:eb:49:2e: dd:c5:69:ff:70:33:dc:4c:8f:e7:10:d0:91:b8:0e:65:37:b0: 1c:48:23:69:b7:b6:54:96:25:0f:82:c3:0a:11:ce:87:90:45: 13:19:1b:6c:50:27:2f:99:75:53:90:d1:7e:83:c5:ad:3d:e8: 28:82:d6:9e:a4:3c:40:50:dd:43:81:4b:46:26:16:18:18:ec: 3c:b2:d6:75:5c:a7:f6:ff:6a:a4:da:07:50:f0:5f:47:bf:ab: c7:e5:61:3d:8a:87:6d:a1:5d:03:ab:72:b9:62:fc:80:6b:43: d0:2f:28:1a:6c:4e:c2:06:2c:d3:25:cf:62:2c:e7:70:01:78: 73:86:0d:2a:2a:15:17:9e:c4:c3:58:7c:be:d0:22:50:47:83: a4:7f:76:61:03:0d:a0:2d:25:2f:81:f7:f8:2a:0f:bf:dc:dd: 51:c6:9d:67:ac:34:1e:22:5d:6f:d9:b6:68:60:19:fd:09:4b: 1d:0e:d6:7f -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICICIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTAxMTcw MTI0MDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEVFMDhCQTU5MkM3REY5 NkREMEZGRUQwMTREN0NFNEVGNjE1OEZCRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDk1ouLhqQ3yrc5iWCMgX8JcfH3Os/ZBAZvI9VkWt9sj8xq43UU Fw2fR+vj1Ddqg3jT3G1S1QmphJDugdlGUepCToN7Uh/EyrK2ndRBwmSOUPlsd4je Wk0hCXMALM/LsLvaecBUBcjM+b0TfH+FG+U9TYIQ4BWE9rd2J9xqBYyV5AOqr48G JfNqlzu+2BJU99INwBKvtBmNKdt0r5TBWT0o/AIdddg8u6ziXUYrU9coGxOFknlX LoTsU00XYTR1A3hJnFyXSyRb2tjBAUsB1wD03t9Mtc1zQEk4GaOKME7onI/dQ9NT B6B7x97tRgO81aOtpo43suB9nZuBT1CUzVexAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQU7gi6WSx9+W3Q/+0BTXzk72FY++swHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvN2dpNldTeDktVzNR Xy0wQlRYems3MkZZLS1zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQDY4AAIDANBgkqhkiG9w0BAQsFAAOCAQEAjBJK0Sde7wmNZXQoQQr2MoZl 90r+k6r96B6PV7YCM/7pw+c1aEDyN4EL/7YzxUEzgqDcI8nxyWWAySn176dGxOus KpFn60ku3cVp/3Az3EyP5xDQkbgOZTewHEgjabe2VJYlD4LDChHOh5BFExkbbFAn L5l1U5DRfoPFrT3oKILWnqQ8QFDdQ4FLRiYWGBjsPLLWdVyn9v9qpNoHUPBfR7+r x+VhPYqHbaFdA6tyuWL8gGtD0C8oGmxOwgYs0yXPYizncAF4c4YNKioVF57Ew1h8 vtAiUEeDpH92YQMNoC0lL4H3+CoPv9zdUcadZ6w0HiJdb9m2aGAZ/QlLHQ7Wfw== -----END CERTIFICATE-----Generated at Fri Apr 4 18:37:58 2025 by rpki-client