$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/i9Wb0lXHusy29QdbWjgWITeMGUs.roa File: i9Wb0lXHusy29QdbWjgWITeMGUs.roa (raw, json) Hash identifier: hVOE6xAI+JBYye91BoZfX5ItXD5PbDPtawX4vwL7d6k= Subject key identifier: 8B:D5:9B:D2:55:C7:BA:CC:B6:F5:07:5B:5A:38:16:21:37:8C:19:4B Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 21E1 Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/i9Wb0lXHusy29QdbWjgWITeMGUs.roa Signing time: Fri 17 Jan 2025 01:28:46 +0000 ROA not before: Fri 17 Jan 2025 01:28:46 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4538 IP address blocks: 2406:3340::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:09:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8673 (0x21e1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Jan 17 01:28:46 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=8BD59BD255C7BACCB6F5075B5A381621378C194B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:fa:1c:b5:99:60:e9:0b:42:91:70:38:06:40: 60:2e:b2:00:08:1a:9c:1d:8e:e9:d8:65:18:00:10: 20:ab:de:99:0f:0e:c3:46:00:9a:5b:ef:3e:8d:51: 79:96:e3:d2:13:ef:2a:23:17:b9:1d:24:15:b1:b5: fd:61:bc:58:75:f9:04:54:f9:9a:62:d4:7c:62:09: 04:e4:62:2b:21:f4:31:ed:0b:19:af:3d:1f:c6:af: 21:fa:f3:bd:06:f3:73:65:d6:5b:35:f7:98:68:2d: fc:ff:99:d4:fa:ea:ca:92:88:99:0c:27:62:5b:09: 24:0a:59:56:3b:2b:45:71:09:c7:cb:28:d3:8c:49: 43:0c:c2:96:2e:79:0f:6c:39:62:77:d5:4b:a4:ae: 10:ba:2b:b5:04:f8:62:d4:4a:79:9e:39:54:a2:85: 80:f2:3a:1c:b9:e9:29:4d:b3:73:dd:e9:34:b5:63: ba:9b:d7:a8:df:68:be:0c:ad:8b:43:82:28:6a:b5: 07:13:b2:8d:3e:bb:97:3c:89:2e:d1:e9:48:55:86: e6:f5:02:6e:57:34:62:32:f7:b7:60:63:f3:25:55: b9:38:68:49:58:d1:cc:ad:da:f4:59:02:01:20:99: ce:7d:5b:0c:95:35:51:a8:71:43:34:74:b1:52:1c: 30:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:D5:9B:D2:55:C7:BA:CC:B6:F5:07:5B:5A:38:16:21:37:8C:19:4B X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/i9Wb0lXHusy29QdbWjgWITeMGUs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:3340::/32 Signature Algorithm: sha256WithRSAEncryption 29:9f:1d:61:09:d4:85:6f:41:39:ef:3a:d4:51:b9:93:63:9d: 34:82:d9:f3:8b:02:97:51:00:c2:62:d9:c2:89:69:58:b0:38: 73:26:a0:68:16:64:a4:7e:6f:73:46:eb:7c:9a:f8:2d:1c:66: 15:30:dd:5e:8a:08:3b:f2:3f:cb:37:f4:da:88:bd:f4:fe:98: 2d:3b:1b:b5:0c:eb:be:83:44:60:d0:36:13:7a:8c:f4:78:14: 7e:c6:d3:cf:29:91:da:ba:c5:2f:de:b3:dd:40:89:a6:04:0f: 6a:0c:4f:f1:4d:af:31:29:7a:54:ff:85:61:8a:5e:92:ac:9b: 14:2b:3e:d0:68:b3:c9:a7:83:16:e2:3b:7b:70:0c:c4:ee:e7: f7:db:5d:83:f3:d6:4e:31:88:4f:d8:d8:af:ce:72:d4:65:0d: bb:59:89:11:c7:c6:35:82:7f:19:72:45:b0:0f:d3:66:64:35: 87:2f:31:82:97:5b:12:77:ec:d4:a1:02:f0:c2:19:8d:0b:5b: 7b:53:1e:a0:de:b2:78:a8:75:5f:c6:b5:69:03:15:ce:bd:b8: db:be:3f:08:40:26:69:24:35:1c:8c:09:f2:84:c5:90:88:05: 2f:da:d2:f1:e7:d4:94:ce:07:0e:dc:a4:fe:22:2b:a7:6a:4e: 55:a0:5d:c3 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICIeEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNTAxMTcw MTI4NDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDhCRDU5QkQyNTVDN0JB Q0NCNkY1MDc1QjVBMzgxNjIxMzc4QzE5NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1+hy1mWDpC0KRcDgGQGAusgAIGpwdjunYZRgAECCr3pkPDsNG AJpb7z6NUXmW49IT7yojF7kdJBWxtf1hvFh1+QRU+Zpi1HxiCQTkYish9DHtCxmv PR/GryH6870G83Nl1ls195hoLfz/mdT66sqSiJkMJ2JbCSQKWVY7K0VxCcfLKNOM SUMMwpYueQ9sOWJ31UukrhC6K7UE+GLUSnmeOVSihYDyOhy56SlNs3Pd6TS1Y7qb 16jfaL4MrYtDgihqtQcTso0+u5c8iS7R6UhVhub1Am5XNGIy97dgY/MlVbk4aElY 0cyt2vRZAgEgmc59WwyVNVGocUM0dLFSHDCBAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUi9Wb0lXHusy29QdbWjgWITeMGUswHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvaTlXYjBsWEh1c3ky OVFkYldqZ1dJVGVNR1VzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQGM0AwDQYJKoZIhvcNAQELBQADggEBACmfHWEJ1IVvQTnvOtRRuZNjnTSC 2fOLApdRAMJi2cKJaViwOHMmoGgWZKR+b3NG63ya+C0cZhUw3V6KCDvyP8s39NqI vfT+mC07G7UM676DRGDQNhN6jPR4FH7G088pkdq6xS/es91AiaYED2oMT/FNrzEp elT/hWGKXpKsmxQrPtBos8mngxbiO3twDMTu5/fbXYPz1k4xiE/Y2K/OctRlDbtZ iRHHxjWCfxlyRbAP02ZkNYcvMYKXWxJ37NShAvDCGY0LW3tTHqDesniodV/GtWkD Fc69uNu+PwhAJmkkNRyMCfKExZCIBS/a0vHn1JTOBw7cpP4iK6dqTlWgXcM= -----END CERTIFICATE-----Generated at Fri Apr 4 18:39:21 2025 by rpki-client