$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/n5ZNxatvv4XCouElRwkMzO6ANTQ.roa File: n5ZNxatvv4XCouElRwkMzO6ANTQ.roa (raw, json) Hash identifier: 2V2xIDmOEpYGle2/9Z9l+ERcP87JlV8yB1t7el2xCxY= Subject key identifier: 9F:96:4D:C5:AB:6F:BF:85:C2:A2:E1:25:47:09:0C:CC:EE:80:35:34 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 202C Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/n5ZNxatvv4XCouElRwkMzO6ANTQ.roa Signing time: Fri 17 Jan 2025 01:24:11 +0000 ROA not before: Fri 17 Jan 2025 01:24:11 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 209242 IP address blocks: 103.244.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:09:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8236 (0x202c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Jan 17 01:24:11 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=9F964DC5AB6FBF85C2A2E12547090CCCEE803534 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:1b:54:1a:a6:ab:58:74:cc:52:50:91:f1:5f: 52:6a:d7:ce:a3:0e:dd:6c:24:7f:eb:5d:4d:7b:5b: 20:ba:df:c9:fc:70:05:00:5f:46:5d:fa:89:e6:13: 9b:b8:3a:45:13:50:a5:68:59:ab:eb:e3:2b:a0:9e: fe:cf:f5:a8:08:70:62:70:b0:88:9a:7f:b7:11:91: 60:03:32:66:4e:20:e2:1b:91:af:60:f9:6c:a9:02: 93:be:3e:4f:84:61:8d:db:00:3c:18:23:cd:1a:7d: f3:91:70:6c:23:99:d6:b3:96:81:60:5e:4b:fb:68: fc:05:79:93:34:63:16:d7:b4:26:6a:c6:7d:86:e4: e8:f6:bc:4d:e2:13:63:03:da:f8:d1:2e:1d:7f:2a: ca:91:ac:70:e8:15:59:d0:2a:38:f4:5c:a4:f2:1c: 7b:03:0c:e9:47:18:64:03:68:bd:83:aa:5e:a4:7d: 38:b8:02:ef:c7:ef:d9:68:52:1d:2a:ae:5a:cc:42: 40:6e:58:28:d0:a8:97:fe:75:0c:81:54:fd:90:93: 1e:3a:0a:79:5e:cf:92:41:3b:83:6c:f0:f1:02:69: 7a:63:05:9a:8b:6a:0e:c8:5e:6b:bf:8e:ef:22:31: 3a:6c:66:f8:a8:6f:ac:3d:83:b9:9d:42:0e:83:88: 4d:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:96:4D:C5:AB:6F:BF:85:C2:A2:E1:25:47:09:0C:CC:EE:80:35:34 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/n5ZNxatvv4XCouElRwkMzO6ANTQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.244.119.0/24 Signature Algorithm: sha256WithRSAEncryption 08:a0:7a:09:a4:1c:ad:73:88:a3:e2:90:22:57:d8:5b:e2:d6: 85:46:5c:3b:cc:b8:ee:22:c9:09:b8:45:11:45:a2:d6:c5:02: 24:77:56:ed:e2:49:7d:b3:14:67:a6:02:37:aa:87:29:dd:de: cf:3d:1f:34:c3:9b:82:d6:3b:8c:ca:72:4f:a1:e6:52:32:fb: 5f:b4:08:5f:3e:57:58:5b:68:b0:a9:f0:ec:63:0c:d9:3f:60: f6:6c:5f:14:03:96:ab:ae:bd:40:4e:ed:7d:fe:09:bd:0a:9f: 99:13:8f:21:79:4c:2b:09:00:b9:64:ce:9e:74:41:73:ba:67: d2:27:c5:99:71:74:fb:b7:e7:08:b4:61:36:1a:cd:d0:54:3b: e9:86:78:2c:81:4a:02:fc:9a:d1:36:f5:ea:54:ac:3d:3a:da: 2a:e8:f5:ab:e7:2d:77:94:33:b2:69:52:5c:2d:79:d8:4a:10: d1:e4:25:78:b4:b0:e9:91:51:c0:19:b9:c5:bc:42:33:66:45: b0:4e:ab:2c:c1:46:22:69:eb:46:a1:2e:ec:6d:2d:ed:df:b9: 20:9e:9d:17:d7:e5:6b:ba:4b:40:40:eb:f4:61:69:9c:94:f0: f8:58:fb:a3:4d:f4:05:ec:47:72:14:9e:35:57:b6:7f:7e:10: 65:4f:73:2b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICICwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTAxMTcw MTI0MTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDlGOTY0REM1QUI2RkJG ODVDMkEyRTEyNTQ3MDkwQ0NDRUU4MDM1MzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNG1QapqtYdMxSUJHxX1Jq186jDt1sJH/rXU17WyC638n8cAUA X0Zd+onmE5u4OkUTUKVoWavr4yugnv7P9agIcGJwsIiaf7cRkWADMmZOIOIbka9g +WypApO+Pk+EYY3bADwYI80affORcGwjmdazloFgXkv7aPwFeZM0YxbXtCZqxn2G 5Oj2vE3iE2MD2vjRLh1/KsqRrHDoFVnQKjj0XKTyHHsDDOlHGGQDaL2Dql6kfTi4 Au/H79loUh0qrlrMQkBuWCjQqJf+dQyBVP2Qkx46Cnlez5JBO4Ns8PECaXpjBZqL ag7IXmu/ju8iMTpsZviob6w9g7mdQg6DiE0nAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUn5ZNxatvv4XCouElRwkMzO6ANTQwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvbjVaTnhhdHZ2NFhD b3VFbFJ3a016TzZBTlRRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGf0dzANBgkqhkiG9w0BAQsFAAOCAQEACKB6CaQcrXOIo+KQIlfYW+LWhUZc O8y47iLJCbhFEUWi1sUCJHdW7eJJfbMUZ6YCN6qHKd3ezz0fNMObgtY7jMpyT6Hm UjL7X7QIXz5XWFtosKnw7GMM2T9g9mxfFAOWq669QE7tff4JvQqfmROPIXlMKwkA uWTOnnRBc7pn0ifFmXF0+7fnCLRhNhrN0FQ76YZ4LIFKAvya0Tb16lSsPTraKuj1 q+ctd5QzsmlSXC152EoQ0eQleLSw6ZFRwBm5xbxCM2ZFsE6rLMFGImnrRqEu7G0t 7d+5IJ6dF9fla7pLQEDr9GFpnJTw+Fj7o030BexHchSeNVe2f34QZU9zKw== -----END CERTIFICATE-----Generated at Fri Apr 4 18:41:25 2025 by rpki-client