$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/OIcAhWMzK_7prvQFEasxweToIj0.roa File: OIcAhWMzK_7prvQFEasxweToIj0.roa (raw, json) Hash identifier: xBqcWZW2JugLmKQfZ49aES8JiB/8xJHGQsV4BM/CTao= Subject key identifier: 38:87:00:85:63:33:2B:FE:E9:AE:F4:05:11:AB:31:C1:E4:E8:22:3D Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 201D Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/OIcAhWMzK_7prvQFEasxweToIj0.roa Signing time: Fri 17 Jan 2025 01:24:07 +0000 ROA not before: Fri 17 Jan 2025 01:24:07 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 212237 IP address blocks: 2403:6380:30::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:09:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8221 (0x201d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Jan 17 01:24:07 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=3887008563332BFEE9AEF40511AB31C1E4E8223D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:b2:a7:93:8c:1f:4b:20:c3:33:92:95:1b:b4: 71:39:51:1e:30:d1:9d:a4:75:2b:29:be:da:b7:a3: 1d:07:91:1c:72:01:a6:57:fd:a3:5f:a8:14:54:de: a2:93:2b:a6:f2:c6:b4:ef:aa:b4:dc:84:57:e0:89: 5d:08:9d:81:29:27:d1:49:a7:65:96:9a:a8:1c:8b: e5:3e:73:37:d1:de:33:fc:04:86:98:42:94:aa:8b: 43:11:a5:53:9b:ad:74:93:20:d2:e0:8c:c4:1b:65: 8e:4e:1c:46:79:01:e6:11:50:ac:d0:df:84:47:70: 66:d5:70:b8:b8:8c:fa:55:68:77:14:3f:e4:c1:fe: ae:c0:41:13:19:49:77:4f:0c:f8:12:ef:c1:99:f0: 91:ef:6e:0e:90:3e:28:88:42:c1:7f:8e:c1:2b:c8: 88:39:2f:82:79:29:a3:19:c0:15:be:6c:15:ca:de: 9e:65:62:52:d6:ca:8d:1d:e8:53:8f:53:45:80:1b: 32:6c:26:47:f9:2a:6e:8a:93:bb:98:82:74:68:ab: 1c:54:70:5f:a9:a3:01:f1:1a:10:ef:90:4d:ef:2f: b9:73:8a:4d:25:9f:a8:b5:20:24:75:52:a6:c3:77: 71:11:a8:b6:49:fa:97:4b:e4:79:e5:e9:b1:9a:2d: e7:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:87:00:85:63:33:2B:FE:E9:AE:F4:05:11:AB:31:C1:E4:E8:22:3D X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/OIcAhWMzK_7prvQFEasxweToIj0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380:30::/44 Signature Algorithm: sha256WithRSAEncryption 0e:33:47:16:ad:34:16:36:00:cd:c9:be:16:8a:41:1a:33:87: 68:dc:37:01:57:d2:28:c3:3a:6a:d2:0d:2a:16:74:d9:1e:5d: 44:a2:1c:7e:41:35:3b:81:91:f8:2b:f8:4e:cf:04:3e:de:a6: 71:b7:cd:d9:62:15:a1:f2:34:19:8c:73:ac:a1:6f:2a:a5:dd: 31:b4:93:51:9e:b3:7d:79:d1:4c:3b:d0:32:1b:9c:6e:fa:f4: 1f:da:9d:df:2b:85:f3:9b:76:b2:e9:54:88:fb:42:28:d5:94: 4c:b4:7f:0c:8d:3b:64:77:80:4e:a2:3d:b9:2f:e8:1b:a7:06: 29:eb:3a:7f:a9:d8:5c:34:c1:3d:55:fa:71:15:f4:73:23:75: 1e:81:cd:a5:b3:3b:e5:52:9d:14:87:9e:9d:5f:36:90:8e:72: 63:7d:73:b9:f9:7f:14:3c:13:d6:8d:95:c9:fb:59:26:53:7a: 65:1d:fb:20:e1:dd:7f:c3:f2:2d:6d:bf:2a:aa:a5:1b:1b:93: f1:66:78:ca:65:f3:09:89:dd:82:fa:3d:0a:2c:95:a5:cd:f5: 51:43:49:6c:72:70:ba:0e:0f:21:26:56:d6:79:9d:7f:8a:af: 56:e3:96:8c:eb:bd:5e:ef:66:d3:f8:73:9a:ff:b1:f2:a0:79: 8b:53:0d:1b -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICIB0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTAxMTcw MTI0MDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM4ODcwMDg1NjMzMzJC RkVFOUFFRjQwNTExQUIzMUMxRTRFODIyM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFsqeTjB9LIMMzkpUbtHE5UR4w0Z2kdSspvtq3ox0HkRxyAaZX /aNfqBRU3qKTK6byxrTvqrTchFfgiV0InYEpJ9FJp2WWmqgci+U+czfR3jP8BIaY QpSqi0MRpVObrXSTINLgjMQbZY5OHEZ5AeYRUKzQ34RHcGbVcLi4jPpVaHcUP+TB /q7AQRMZSXdPDPgS78GZ8JHvbg6QPiiIQsF/jsEryIg5L4J5KaMZwBW+bBXK3p5l YlLWyo0d6FOPU0WAGzJsJkf5Km6Kk7uYgnRoqxxUcF+powHxGhDvkE3vL7lzik0l n6i1ICR1UqbDd3ERqLZJ+pdL5Hnl6bGaLeelAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUOIcAhWMzK/7prvQFEasxweToIj0wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvT0ljQWhXTXpLXzdw cnZRRkVhc3h3ZVRvSWowLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHBCQDY4AAMDANBgkqhkiG9w0BAQsFAAOCAQEADjNHFq00FjYAzcm+FopBGjOH aNw3AVfSKMM6atINKhZ02R5dRKIcfkE1O4GR+Cv4Ts8EPt6mcbfN2WIVofI0GYxz rKFvKqXdMbSTUZ6zfXnRTDvQMhucbvr0H9qd3yuF85t2sulUiPtCKNWUTLR/DI07 ZHeATqI9uS/oG6cGKes6f6nYXDTBPVX6cRX0cyN1HoHNpbM75VKdFIeenV82kI5y Y31zufl/FDwT1o2VyftZJlN6ZR37IOHdf8PyLW2/KqqlGxuT8WZ4ymXzCYndgvo9 CiyVpc31UUNJbHJwug4PISZW1nmdf4qvVuOWjOu9Xu9m0/hzmv+x8qB5i1MNGw== -----END CERTIFICATE-----Generated at Fri Apr 4 18:34:31 2025 by rpki-client