$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/tBEau9qaHWyukHWT05JHQ8xv6yU.roa File: tBEau9qaHWyukHWT05JHQ8xv6yU.roa (raw, json) Hash identifier: yhpnPts3yhegRpvu3PBV7bzk7TlZ6bt6sB2BKxLt30s= Subject key identifier: B4:11:1A:BB:DA:9A:1D:6C:AE:90:75:93:D3:92:47:43:CC:6F:EB:25 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 201C Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/tBEau9qaHWyukHWT05JHQ8xv6yU.roa Signing time: Fri 17 Jan 2025 01:24:06 +0000 ROA not before: Fri 17 Jan 2025 01:24:06 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139648 IP address blocks: 103.244.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 22:07:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8220 (0x201c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Jan 17 01:24:06 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=B4111ABBDA9A1D6CAE907593D3924743CC6FEB25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:a5:34:ef:02:d6:8c:08:06:4a:03:bb:62:d7: 58:37:f8:01:f6:3b:04:c6:07:71:e2:74:49:d0:bb: c5:4e:03:20:06:dd:39:43:26:b5:23:c4:11:64:0e: ed:3d:0b:ca:24:eb:db:00:a3:63:0e:5a:78:62:44: 58:35:d2:89:cd:5c:62:29:e3:d5:09:4f:d3:0f:0b: 3c:02:a2:76:d6:0a:02:1d:7b:c0:33:96:59:39:5e: fa:66:b1:23:aa:a3:08:ba:d1:c6:af:cd:17:e6:29: 32:10:18:40:1a:a1:0f:5a:f6:27:34:83:2b:d3:35: a7:d1:8e:7b:47:41:f9:eb:62:f7:fa:32:44:ad:ca: 5d:fa:37:94:2c:38:20:ce:b1:ce:7b:01:33:87:62: 39:da:2f:79:a0:bb:6c:a2:2c:c2:8c:1b:46:7e:bc: 29:7d:c8:6e:d5:2a:9e:e0:e3:10:4c:eb:0a:c6:a8: 7a:de:21:0c:85:2c:a1:3c:fa:56:66:1e:6b:79:0c: 22:2f:7e:cb:86:52:99:a7:15:1e:0b:db:1d:ea:de: d5:12:12:15:3d:be:4c:a2:60:23:f9:97:3c:05:28: 5c:31:fc:c1:e8:d0:da:24:93:9e:b1:24:5b:ac:91: 71:b1:85:f7:e1:7d:e3:83:cc:be:f6:bd:70:84:90: 7e:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:11:1A:BB:DA:9A:1D:6C:AE:90:75:93:D3:92:47:43:CC:6F:EB:25 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/tBEau9qaHWyukHWT05JHQ8xv6yU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.244.119.0/24 Signature Algorithm: sha256WithRSAEncryption da:f8:0e:8f:73:16:f1:c9:bd:90:a8:56:b2:f4:5f:82:a9:7c: 92:d1:2c:8b:78:7c:c0:24:34:83:b0:b9:23:9b:08:9e:94:f1: 87:05:66:56:f1:d0:e1:90:e3:6b:c2:40:9e:35:81:85:35:7f: be:77:9a:a9:51:0c:ab:6c:5a:64:81:42:a5:cc:82:ab:64:fa: ca:3d:6c:e6:46:f8:4b:06:c4:61:69:0f:ae:d8:55:cd:4b:02: 23:21:ba:91:b7:05:fa:2e:22:29:23:b9:9e:91:ad:e7:8a:d3: 64:32:d0:9d:09:0d:8e:8e:e1:2b:a6:3e:9c:33:7e:e2:cc:d7: f6:d1:37:cc:6e:9f:82:58:e2:07:fc:1c:50:13:b2:9a:5f:0e: 70:69:50:c0:a5:cc:ee:fa:f3:bb:63:b9:83:e1:a5:fa:40:c5: 72:5d:cb:39:93:d6:f7:3f:c4:3f:81:bf:97:c0:b6:21:aa:0f: e5:a5:01:b2:f0:10:6d:c1:b4:52:31:84:9a:b9:66:dc:40:d1: 64:a0:40:d7:2b:f0:d2:86:1f:03:ee:43:6a:7f:e4:2d:b7:6d: b4:0b:5b:e3:23:d8:68:4e:52:6e:af:4d:44:ee:f7:de:e5:4c: 10:c8:c6:6e:b8:64:c4:d0:e3:4f:1c:6f:0b:52:48:36:d9:a6: 59:69:97:3b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICIBwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTAxMTcw MTI0MDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEI0MTExQUJCREE5QTFE NkNBRTkwNzU5M0QzOTI0NzQzQ0M2RkVCMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCupTTvAtaMCAZKA7ti11g3+AH2OwTGB3HidEnQu8VOAyAG3TlD JrUjxBFkDu09C8ok69sAo2MOWnhiRFg10onNXGIp49UJT9MPCzwConbWCgIde8Az llk5XvpmsSOqowi60cavzRfmKTIQGEAaoQ9a9ic0gyvTNafRjntHQfnrYvf6MkSt yl36N5QsOCDOsc57ATOHYjnaL3mgu2yiLMKMG0Z+vCl9yG7VKp7g4xBM6wrGqHre IQyFLKE8+lZmHmt5DCIvfsuGUpmnFR4L2x3q3tUSEhU9vkyiYCP5lzwFKFwx/MHo 0Nokk56xJFuskXGxhffhfeODzL72vXCEkH4VAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUtBEau9qaHWyukHWT05JHQ8xv6yUwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvdEJFYXU5cWFIV3l1 a0hXVDA1SkhROHh2NnlVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGf0dzANBgkqhkiG9w0BAQsFAAOCAQEA2vgOj3MW8cm9kKhWsvRfgql8ktEs i3h8wCQ0g7C5I5sInpTxhwVmVvHQ4ZDja8JAnjWBhTV/vneaqVEMq2xaZIFCpcyC q2T6yj1s5kb4SwbEYWkPrthVzUsCIyG6kbcF+i4iKSO5npGt54rTZDLQnQkNjo7h K6Y+nDN+4szX9tE3zG6fgljiB/wcUBOyml8OcGlQwKXM7vrzu2O5g+Gl+kDFcl3L OZPW9z/EP4G/l8C2IaoP5aUBsvAQbcG0UjGEmrlm3EDRZKBA1yvw0oYfA+5Dan/k LbdttAtb4yPYaE5Sbq9NRO733uVMEMjGbrhkxNDjTxxvC1JINtmmWWmXOw== -----END CERTIFICATE-----Generated at Fri Apr 4 22:02:22 2025 by rpki-client