$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/tihOEV-WyZh2J6zruajXK8SgAPU.roa File: tihOEV-WyZh2J6zruajXK8SgAPU.roa (raw, json) Hash identifier: AUMG4eEdxdoP6cesREJuZwDefP4CdbQDPkHCN/F8erw= Subject key identifier: B6:28:4E:11:5F:96:C9:98:76:27:AC:EB:B9:A8:D7:2B:C4:A0:00:F5 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 202B Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/tihOEV-WyZh2J6zruajXK8SgAPU.roa Signing time: Fri 17 Jan 2025 01:24:11 +0000 ROA not before: Fri 17 Jan 2025 01:24:11 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 212237 IP address blocks: 2403:6380:32::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:09:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8235 (0x202b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Jan 17 01:24:11 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=B6284E115F96C9987627ACEBB9A8D72BC4A000F5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:12:81:84:62:f5:e0:3b:3a:92:71:1f:55:24: 52:4e:53:95:99:22:36:b0:c3:95:40:d2:6c:dd:6e: f3:fb:70:fc:04:ab:3b:59:97:3d:2b:f6:07:bc:d7: 52:12:ef:fa:1f:17:93:b3:14:ec:08:cf:95:f0:49: d2:b9:46:0d:71:40:07:48:cb:5a:4d:51:42:e0:c8: c7:3b:b1:79:91:b7:17:61:9e:5a:ce:7a:ac:77:6e: ac:61:de:68:e0:b5:0c:d1:c1:84:2e:0c:47:37:f4: 2d:3f:8a:98:33:0f:a8:9c:70:7b:a5:08:e9:ee:5e: 0e:dd:c9:63:28:40:c4:6d:42:d0:d1:54:f6:fb:20: 66:c2:e8:6f:ff:a8:77:2d:67:64:aa:b1:25:04:0a: 88:34:b4:ff:4a:a6:cd:d3:9e:d0:1b:7b:af:cf:3f: fb:5d:75:0b:7b:0b:75:6d:64:50:22:cd:0a:7a:6a: a4:85:f7:86:01:28:bd:a6:08:b4:c6:47:54:cc:52: ef:10:a4:5d:50:ed:fb:8d:90:13:00:ef:43:d9:35: 83:c1:3d:bb:25:e3:97:09:9d:06:41:1b:3b:71:88: a1:68:4e:c1:e1:3b:3a:62:90:31:3c:64:28:61:b9: 83:82:15:f4:e4:d4:ae:47:d7:1a:b6:af:be:22:68: 3a:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:28:4E:11:5F:96:C9:98:76:27:AC:EB:B9:A8:D7:2B:C4:A0:00:F5 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/tihOEV-WyZh2J6zruajXK8SgAPU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2403:6380:32::/48 Signature Algorithm: sha256WithRSAEncryption b1:68:ad:6c:96:3f:91:bf:92:25:fe:95:89:7c:3c:80:ca:2d: 7a:6b:76:bf:5b:37:37:18:c2:c4:61:c4:b4:8c:cc:ed:06:5f: 26:5b:77:6c:12:4a:04:b2:75:bc:e3:87:df:56:18:55:c2:a2: 97:b1:ed:60:53:e0:7a:bc:59:5e:ac:35:cc:57:3c:3e:71:9f: ef:fb:dc:a3:e9:17:85:70:0b:05:35:ef:26:1f:ec:47:76:b3: da:2d:51:41:e4:5f:ed:25:1e:a2:3f:dc:25:cb:97:2c:e4:e1: 9e:6c:76:ea:19:8c:e0:2b:89:d9:84:e3:4d:aa:8c:16:32:4c: 8b:5d:43:dc:4d:db:31:01:34:b1:1d:1e:0f:e2:0c:44:40:ea: b2:0e:4e:8d:3b:84:c8:3a:19:7c:f7:90:4b:43:2e:d5:4e:ca: fa:62:f5:bb:f0:0d:44:23:70:49:ec:bd:e7:26:66:e3:47:d3: 93:a7:d2:6a:fc:e9:c2:f8:ab:29:c0:6a:5a:4c:93:e7:e4:6a: 38:a2:b3:64:9b:73:72:1e:c2:62:3b:db:06:af:1c:87:bc:1b: 3b:d0:79:91:73:7d:a3:d3:f5:ba:e2:48:b3:4a:d3:a2:05:ef: 45:53:7b:c2:ee:50:eb:48:d5:67:93:79:3e:b0:aa:69:5e:e5: 51:94:b2:b6 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICICswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTAxMTcw MTI0MTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEI2Mjg0RTExNUY5NkM5 OTg3NjI3QUNFQkI5QThENzJCQzRBMDAwRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDgEoGEYvXgOzqScR9VJFJOU5WZIjaww5VA0mzdbvP7cPwEqztZ lz0r9ge811IS7/ofF5OzFOwIz5XwSdK5Rg1xQAdIy1pNUULgyMc7sXmRtxdhnlrO eqx3bqxh3mjgtQzRwYQuDEc39C0/ipgzD6iccHulCOnuXg7dyWMoQMRtQtDRVPb7 IGbC6G//qHctZ2SqsSUECog0tP9Kps3TntAbe6/PP/tddQt7C3VtZFAizQp6aqSF 94YBKL2mCLTGR1TMUu8QpF1Q7fuNkBMA70PZNYPBPbsl45cJnQZBGztxiKFoTsHh OzpikDE8ZChhuYOCFfTk1K5H1xq2r74iaDrVAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUtihOEV+WyZh2J6zruajXK8SgAPUwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvdGloT0VWLVd5Wmgy SjZ6cnVhalhLOFNnQVBVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQDY4AAMjANBgkqhkiG9w0BAQsFAAOCAQEAsWitbJY/kb+SJf6ViXw8gMot emt2v1s3NxjCxGHEtIzM7QZfJlt3bBJKBLJ1vOOH31YYVcKil7HtYFPgerxZXqw1 zFc8PnGf7/vco+kXhXALBTXvJh/sR3az2i1RQeRf7SUeoj/cJcuXLOThnmx26hmM 4CuJ2YTjTaqMFjJMi11D3E3bMQE0sR0eD+IMREDqsg5OjTuEyDoZfPeQS0Mu1U7K +mL1u/ANRCNwSey95yZm40fTk6fSavzpwvirKcBqWkyT5+RqOKKzZJtzch7CYjvb Bq8ch7wbO9B5kXN9o9P1uuJIs0rTogXvRVN7wu5Q60jVZ5N5PrCqaV7lUZSytg== -----END CERTIFICATE-----Generated at Fri Apr 4 18:33:46 2025 by rpki-client