$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/Jti-bdW-scu_L4qJSVV8bFC34Hg.roa File: Jti-bdW-scu_L4qJSVV8bFC34Hg.roa (raw, json) Hash identifier: von2PiMAe0B935XVhzke3hrz/cpQJvoVxPOBvVAOqbQ= Subject key identifier: 26:D8:BE:6D:D5:BE:B1:CB:BF:2F:8A:89:49:55:7C:6C:50:B7:E0:78 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 2020 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/Jti-bdW-scu_L4qJSVV8bFC34Hg.roa Signing time: Fri 17 Jan 2025 01:24:08 +0000 ROA not before: Fri 17 Jan 2025 01:24:08 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 212237 IP address blocks: 2403:6380:50::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 22:07:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8224 (0x2020) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Jan 17 01:24:08 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=26D8BE6DD5BEB1CBBF2F8A8949557C6C50B7E078 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:91:3c:b6:fc:91:55:bc:0a:47:68:c7:af:c5: 5f:d0:51:c1:ee:4f:b9:fd:04:3f:04:b9:7b:56:ee: 2b:12:31:d2:2d:9a:73:89:31:75:d0:30:d1:88:e0: 6e:51:d0:de:5b:e7:36:10:00:4b:20:b7:ec:1e:a6: a8:7d:23:38:22:82:9c:ee:d9:d6:ab:e5:1c:ea:3a: 79:64:2e:ac:60:2b:4f:16:15:95:98:a4:67:92:f5: 9b:b1:c1:aa:d3:a4:ad:d7:6f:52:35:9f:69:7e:68: a9:4f:1a:61:24:0c:7c:f7:d9:b6:b8:2c:aa:ff:bc: 5e:16:0c:72:b3:c2:6f:2b:25:e3:cd:e8:50:59:08: 22:eb:70:58:15:b2:6c:bb:28:8b:25:4b:65:95:ba: 02:d9:fc:c3:0d:db:26:d9:3e:86:82:49:03:22:93: 38:15:29:e7:d1:01:6d:a7:91:79:f7:d3:b9:0a:38: b1:ac:92:96:ac:9e:ed:60:07:3c:06:ce:e7:fa:3c: 9d:40:93:c8:10:d9:63:60:b0:2e:07:01:7c:94:31: 15:f0:0b:c2:3b:5b:66:7f:c4:8d:51:4b:25:12:ba: f5:de:03:f3:6e:dd:cc:27:1f:a1:bd:4d:55:a3:61: 39:41:ed:00:1d:97:84:6d:64:52:a4:fa:c4:49:18: 32:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:D8:BE:6D:D5:BE:B1:CB:BF:2F:8A:89:49:55:7C:6C:50:B7:E0:78 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/Jti-bdW-scu_L4qJSVV8bFC34Hg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380:50::/44 Signature Algorithm: sha256WithRSAEncryption e4:6e:c1:0f:6c:c0:9a:dc:2e:98:ae:e7:de:c7:a4:b7:0d:ee: c9:cf:2d:f0:3d:e9:82:38:10:f3:7b:01:37:30:7d:1c:85:d4: 26:37:14:de:a4:fb:58:f5:2c:fc:76:37:fb:07:ef:c1:32:ff: c4:63:2e:e2:3d:9f:1c:36:8c:12:1c:a1:15:57:7a:d2:34:1f: 99:25:4d:aa:93:e2:9c:18:ec:77:5d:ad:4e:36:cd:1f:60:43: 86:11:1e:98:e1:00:4a:7d:fc:5c:8f:08:43:69:82:a4:bf:66: 55:2d:ee:52:3d:f5:f5:4d:91:41:50:fa:9c:17:82:22:de:2d: 56:fa:97:78:16:98:b5:cd:92:cf:62:af:05:08:9f:1d:8e:ed: 85:08:1e:b5:9c:c4:35:be:ce:3c:f4:5d:10:8e:0a:72:d4:53: 33:02:93:f2:81:3b:76:c8:85:a6:5a:de:f9:42:ce:c1:34:30: 9e:9d:ae:a8:a3:9e:02:97:55:79:58:54:e0:0a:09:b5:f9:45: 99:a1:3d:0d:d7:52:36:3d:58:a1:fe:70:44:25:d7:90:34:87: 1c:89:a6:fa:59:b6:51:ca:9b:0c:b4:e2:84:8b:56:e1:e5:75: d1:6a:e2:3f:0d:1a:a2:bd:dc:01:ac:42:6e:42:2f:c7:3f:b7: 15:fc:51:4d -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICICAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTAxMTcw MTI0MDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI2RDhCRTZERDVCRUIx Q0JCRjJGOEE4OTQ5NTU3QzZDNTBCN0UwNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDdkTy2/JFVvApHaMevxV/QUcHuT7n9BD8EuXtW7isSMdItmnOJ MXXQMNGI4G5R0N5b5zYQAEsgt+wepqh9Izgigpzu2dar5RzqOnlkLqxgK08WFZWY pGeS9ZuxwarTpK3Xb1I1n2l+aKlPGmEkDHz32ba4LKr/vF4WDHKzwm8rJePN6FBZ CCLrcFgVsmy7KIslS2WVugLZ/MMN2ybZPoaCSQMikzgVKefRAW2nkXn307kKOLGs kpasnu1gBzwGzuf6PJ1Ak8gQ2WNgsC4HAXyUMRXwC8I7W2Z/xI1RSyUSuvXeA/Nu 3cwnH6G9TVWjYTlB7QAdl4RtZFKk+sRJGDLDAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUJti+bdW+scu/L4qJSVV8bFC34HgwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvSnRpLWJkVy1zY3Vf TDRxSlNWVjhiRkMzNEhnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQDY4AAUDANBgkqhkiG9w0BAQsFAAOCAQEA5G7BD2zAmtwumK7n3sektw3u yc8t8D3pgjgQ83sBNzB9HIXUJjcU3qT7WPUs/HY3+wfvwTL/xGMu4j2fHDaMEhyh FVd60jQfmSVNqpPinBjsd12tTjbNH2BDhhEemOEASn38XI8IQ2mCpL9mVS3uUj31 9U2RQVD6nBeCIt4tVvqXeBaYtc2Sz2KvBQifHY7thQgetZzENb7OPPRdEI4KctRT MwKT8oE7dsiFplre+ULOwTQwnp2uqKOeApdVeVhU4AoJtflFmaE9DddSNj1Yof5w RCXXkDSHHImm+lm2UcqbDLTihItW4eV10WriPw0aor3cAaxCbkIvxz+3FfxRTQ== -----END CERTIFICATE-----Generated at Fri Apr 4 22:04:54 2025 by rpki-client