$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/6w279q4rcAGf-bid_yDmtcqbD7o.roa File: 6w279q4rcAGf-bid_yDmtcqbD7o.roa (raw, json) Hash identifier: 0t1z/IFzijO3zbQBx0ep9v3B2JiWGG1GMMQcGRJgQg0= Subject key identifier: EB:0D:BB:F6:AE:2B:70:01:9F:F9:B8:9D:FF:20:E6:B5:CA:9B:0F:BA Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 10A6 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/6w279q4rcAGf-bid_yDmtcqbD7o.roa Signing time: Thu 16 Jan 2025 07:46:49 +0000 ROA not before: Thu 16 Jan 2025 07:46:49 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 136907 IP address blocks: 124.71.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4262 (0x10a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Jan 16 07:46:49 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=EB0DBBF6AE2B70019FF9B89DFF20E6B5CA9B0FBA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:1b:7c:76:77:05:db:5b:ec:fd:70:cc:9b:2c: 00:64:1b:64:51:ae:49:33:3c:7f:10:64:c5:4d:46: 76:c4:e6:73:eb:c3:fb:16:3a:bd:89:fe:1b:47:f1: b2:45:83:35:ce:a5:15:e7:d0:ff:38:ba:16:22:0b: 59:f8:d7:c3:e5:be:13:a2:78:9a:b6:c1:16:e6:06: 7c:3e:30:e5:50:ac:00:7e:84:9d:56:15:c6:08:e7: aa:6a:12:56:2c:cd:ff:e3:e9:d0:78:58:25:80:45: 1a:37:10:4f:e8:79:07:5b:81:59:4d:cd:39:6d:90: a8:ce:9e:bb:d4:b9:6a:fa:51:72:22:8e:1c:e7:f1: 5e:4b:a6:89:06:42:a1:0c:96:09:ed:40:c7:6a:f7: e2:79:7b:93:63:5b:ae:57:b9:ce:34:2d:98:6b:47: 2c:96:c5:18:f4:eb:1a:91:37:05:78:50:b4:04:3b: 53:30:98:8c:bd:7e:f5:94:38:0e:cc:71:7a:27:a9: 96:1b:76:56:93:be:41:70:fa:88:43:35:cc:f9:39: f2:dd:5a:b4:22:d2:0e:08:35:76:9e:3e:74:ed:72: 4f:3a:c7:b0:bd:2a:df:2f:16:23:d6:c6:31:8b:4d: 97:2b:5b:35:10:f9:fc:8d:1d:4f:93:20:ff:7a:f8: 61:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:0D:BB:F6:AE:2B:70:01:9F:F9:B8:9D:FF:20:E6:B5:CA:9B:0F:BA X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/6w279q4rcAGf-bid_yDmtcqbD7o.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.71.253.0/24 Signature Algorithm: sha256WithRSAEncryption 32:d0:c7:ec:19:57:e7:6c:51:0c:b5:5d:19:7b:c7:3c:94:fa: 48:af:7d:ac:37:fd:bd:44:55:86:97:6e:42:95:6c:34:7f:d2: 61:3f:b5:e2:cd:ef:51:bc:5f:38:b0:b2:16:8f:55:aa:3e:7f: 23:5f:6e:49:21:ea:e0:24:34:7c:f8:f3:62:ae:4a:46:09:b1: f6:e6:7e:5f:82:fb:73:45:f0:de:02:c7:34:a6:a9:ac:b8:cf: 3f:42:92:48:e6:b0:b6:96:12:fa:3a:b7:b7:fa:30:2a:e4:b2: b6:f7:4f:4b:2d:81:95:b9:c3:cc:b9:24:eb:61:a5:11:38:5e: 11:c1:63:fa:99:56:77:53:08:52:90:84:26:be:ce:33:1c:97: fa:14:30:25:ca:85:fa:5d:fe:8a:68:b8:d8:99:44:79:f2:a2: 86:a0:e2:29:e6:88:58:2b:8d:db:7d:4f:f1:45:1f:e8:24:80: 86:49:0e:a8:14:31:e4:07:d5:bb:65:bb:5b:72:11:7c:26:39: d9:a2:f0:40:75:cf:55:02:2a:91:2f:85:80:f7:eb:23:af:c9: f2:ed:8a:d1:f4:04:6a:0b:41:1b:b1:64:a1:a7:6b:7c:69:10: ab:73:d5:c0:6a:92:ab:e5:fa:7b:1f:78:f9:a9:fc:75:c4:62: 3e:63:e2:d1 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTAxMTYw NzQ2NDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEVCMERCQkY2QUUyQjcw MDE5RkY5Qjg5REZGMjBFNkI1Q0E5QjBGQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC5G3x2dwXbW+z9cMybLABkG2RRrkkzPH8QZMVNRnbE5nPrw/sW Or2J/htH8bJFgzXOpRXn0P84uhYiC1n418PlvhOieJq2wRbmBnw+MOVQrAB+hJ1W FcYI56pqElYszf/j6dB4WCWARRo3EE/oeQdbgVlNzTltkKjOnrvUuWr6UXIijhzn 8V5LpokGQqEMlgntQMdq9+J5e5NjW65Xuc40LZhrRyyWxRj06xqRNwV4ULQEO1Mw mIy9fvWUOA7McXonqZYbdlaTvkFw+ohDNcz5OfLdWrQi0g4INXaePnTtck86x7C9 Kt8vFiPWxjGLTZcrWzUQ+fyNHU+TIP96+GEfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU6w279q4rcAGf+bid/yDmtcqbD7owHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvNncyNzlxNHJjQUdm LWJpZF95RG10Y3FiRDdvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHxH/TANBgkqhkiG9w0BAQsFAAOCAQEAMtDH7BlX52xRDLVdGXvHPJT6SK99 rDf9vURVhpduQpVsNH/SYT+14s3vUbxfOLCyFo9Vqj5/I19uSSHq4CQ0fPjzYq5K Rgmx9uZ+X4L7c0Xw3gLHNKaprLjPP0KSSOawtpYS+jq3t/owKuSytvdPSy2BlbnD zLkk62GlETheEcFj+plWd1MIUpCEJr7OMxyX+hQwJcqF+l3+imi42JlEefKihqDi KeaIWCuN231P8UUf6CSAhkkOqBQx5AfVu2W7W3IRfCY52aLwQHXPVQIqkS+FgPfr I6/J8u2K0fQEagtBG7FkoadrfGkQq3PVwGqSq+X6ex94+an8dcRiPmPi0Q== -----END CERTIFICATE-----Generated at Fri Apr 4 18:42:00 2025 by rpki-client