$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/HReb-ywFRD2sicgKUd2w0b7x10E.roa File: HReb-ywFRD2sicgKUd2w0b7x10E.roa (raw, json) Hash identifier: y65mKFijZQhce38APb8340kQcqbx8J1XoRf25Cv+AsE= Subject key identifier: 1D:17:9B:FB:2C:05:44:3D:AC:89:C8:0A:51:DD:B0:D1:BE:F1:D7:41 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 2019 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/HReb-ywFRD2sicgKUd2w0b7x10E.roa Signing time: Fri 17 Jan 2025 01:24:06 +0000 ROA not before: Fri 17 Jan 2025 01:24:06 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139648 IP address blocks: 103.244.118.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8217 (0x2019) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Jan 17 01:24:06 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=1D179BFB2C05443DAC89C80A51DDB0D1BEF1D741 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:27:ee:63:b3:e3:3f:b1:c2:e2:2e:51:6f:7c: ac:76:f3:c7:4a:18:ca:0b:2e:22:d2:8d:27:86:16: 00:62:71:75:1f:12:04:0e:6e:4e:1d:c1:b7:38:bc: 43:c1:61:76:a0:35:e4:9a:0c:4a:ea:eb:38:1f:db: ff:07:3c:6f:6e:01:f6:0f:59:1c:0e:6b:84:8f:38: cf:f3:f6:9c:ee:07:fc:40:63:5e:a8:55:2a:cd:b7: fe:bf:45:08:ad:c0:a1:5d:c1:4a:2f:7b:db:11:33: 6f:36:65:bb:7d:04:bf:6c:8f:4f:2f:4f:21:e2:d1: 34:b3:82:02:fe:08:dd:cc:f8:97:fa:50:29:f5:a2: 7a:dd:4a:6a:86:06:77:61:54:e3:03:19:9b:8d:67: d2:cd:10:82:0e:b1:43:7b:9a:24:53:48:af:01:7c: db:50:24:3f:e2:d0:1a:3a:2b:0a:57:96:68:4c:d9: 55:9a:67:0b:93:0a:ca:a2:2f:af:5a:52:11:04:98: be:62:4c:a7:c2:97:38:2f:2f:3a:41:43:fc:bb:be: b5:6f:a8:ae:47:98:49:f6:cc:08:4f:f2:fe:49:90: 46:c9:ad:96:0e:45:15:b5:17:27:52:31:29:bb:ab: 17:b1:cb:98:7a:63:f3:d7:12:83:5b:f7:5d:16:d2: 52:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:17:9B:FB:2C:05:44:3D:AC:89:C8:0A:51:DD:B0:D1:BE:F1:D7:41 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/HReb-ywFRD2sicgKUd2w0b7x10E.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.244.118.0/24 Signature Algorithm: sha256WithRSAEncryption 31:c5:d5:80:12:b9:97:d4:d1:05:61:07:49:eb:ff:7d:0c:fe: 1c:fe:ac:6f:84:11:7f:19:56:62:65:6f:73:25:3e:9a:d0:50: 63:b7:89:44:bb:59:73:93:8d:ce:e8:d1:97:08:49:8d:0a:20: a5:a5:f7:98:a7:7c:2a:fb:4c:f5:17:2c:3c:b9:50:e9:0a:46: 34:3b:c5:6c:30:11:f6:4e:c1:f4:b1:52:07:ae:f3:a0:a9:09: fc:63:59:19:04:cd:9e:dd:91:1b:22:00:5c:4d:1f:8f:2e:90: a1:cf:59:2f:ac:f4:e9:91:18:b3:55:64:e1:6b:57:d1:3c:35: 20:d7:d6:9d:11:61:c4:42:f2:0f:f4:2c:a6:d4:e8:eb:e9:30: 97:59:92:d9:95:1d:8e:0b:41:1c:9c:0f:0c:20:2b:0b:aa:6b: ee:9c:60:f9:89:d1:13:d7:d4:3c:25:9b:ad:30:fb:01:9e:d1: 22:d4:64:a2:d7:7b:e9:ef:c0:ca:31:0c:9f:bc:63:69:e9:b0: ad:5a:db:4c:c7:fe:f4:9a:93:76:c7:65:37:6e:3d:07:5a:7a: e1:01:5c:8c:21:a5:97:04:97:eb:b8:57:11:74:7d:c6:89:ca: 06:b9:7e:72:25:5d:98:ca:40:5b:0a:6a:8b:10:c8:a4:f5:37: 0e:4a:e7:cb -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIBkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTAxMTcw MTI0MDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDFEMTc5QkZCMkMwNTQ0 M0RBQzg5QzgwQTUxRERCMEQxQkVGMUQ3NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5J+5js+M/scLiLlFvfKx288dKGMoLLiLSjSeGFgBicXUfEgQO bk4dwbc4vEPBYXagNeSaDErq6zgf2/8HPG9uAfYPWRwOa4SPOM/z9pzuB/xAY16o VSrNt/6/RQitwKFdwUove9sRM282Zbt9BL9sj08vTyHi0TSzggL+CN3M+Jf6UCn1 onrdSmqGBndhVOMDGZuNZ9LNEIIOsUN7miRTSK8BfNtQJD/i0Bo6KwpXlmhM2VWa ZwuTCsqiL69aUhEEmL5iTKfClzgvLzpBQ/y7vrVvqK5HmEn2zAhP8v5JkEbJrZYO RRW1FydSMSm7qxexy5h6Y/PXEoNb910W0lIDAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUHReb+ywFRD2sicgKUd2w0b7x10EwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvSFJlYi15d0ZSRDJz aWNnS1VkMncwYjd4MTBFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGf0djANBgkqhkiG9w0BAQsFAAOCAQEAMcXVgBK5l9TRBWEHSev/fQz+HP6s b4QRfxlWYmVvcyU+mtBQY7eJRLtZc5ONzujRlwhJjQogpaX3mKd8KvtM9RcsPLlQ 6QpGNDvFbDAR9k7B9LFSB67zoKkJ/GNZGQTNnt2RGyIAXE0fjy6Qoc9ZL6z06ZEY s1Vk4WtX0Tw1INfWnRFhxELyD/QsptTo6+kwl1mS2ZUdjgtBHJwPDCArC6pr7pxg +YnRE9fUPCWbrTD7AZ7RItRkotd76e/AyjEMn7xjaemwrVrbTMf+9JqTdsdlN249 B1p64QFcjCGllwSX67hXEXR9xonKBrl+ciVdmMpAWwpqixDIpPU3Dkrnyw== -----END CERTIFICATE-----Generated at Wed Jun 4 01:12:13 2025 by rpki-client