$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/Gieh01bXl_-1PkEYWbPrXge8vpA.roa File: Gieh01bXl_-1PkEYWbPrXge8vpA.roa (raw, json) Hash identifier: I7ms8m7evrFvbqUB8P5OPEgJrLXtDXYQkoljMJ0V4oE= Subject key identifier: 1A:27:A1:D3:56:D7:97:FF:B5:3E:41:18:59:B3:EB:5E:07:BC:BE:90 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 10B4 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Gieh01bXl_-1PkEYWbPrXge8vpA.roa Signing time: Fri 17 Jan 2025 01:28:55 +0000 ROA not before: Fri 17 Jan 2025 01:28:55 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 124.71.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4276 (0x10b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Jan 17 01:28:55 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=1A27A1D356D797FFB53E411859B3EB5E07BCBE90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:cc:98:bd:3b:d0:63:99:83:bf:1c:39:0e:9a: e0:1f:53:42:9b:39:4d:60:56:2f:58:f9:2c:5e:f6: 1f:1c:c9:d1:45:58:48:85:1b:a0:50:55:85:83:05: 28:ef:68:de:58:41:73:75:62:ad:e9:49:3a:79:57: 5a:59:2d:4b:50:a9:2b:ff:32:60:16:27:16:0f:19: b7:d8:1a:90:41:5c:75:60:d4:25:e3:f7:cb:32:9b: 53:41:17:d3:bf:31:21:38:8d:29:17:23:6a:f7:27: 3a:14:18:a3:64:1a:34:e4:0e:9d:85:b1:05:ef:5b: 75:30:d8:84:b5:42:d1:e4:fd:87:bd:83:71:94:e5: 74:87:20:db:4d:0e:a8:99:5a:cd:41:34:14:47:3b: 5d:06:48:59:99:fd:3f:dc:20:12:7c:3c:f8:dd:f3: 41:ba:0c:d2:bd:fd:07:45:96:8c:de:ab:f0:0e:f0: 21:6c:ee:84:a1:77:f7:5a:3e:56:df:e8:9c:26:0a: 7a:29:7d:b6:5a:33:cd:4d:67:e2:e8:d0:86:8a:82: 8d:17:68:5a:47:5a:a4:77:2b:00:d0:99:b2:cb:f9: 3a:7f:df:c9:fa:03:6b:48:5e:ba:3e:88:b3:11:ae: e5:60:6b:af:11:b2:da:4c:6c:bc:04:3f:07:57:3c: 3b:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:27:A1:D3:56:D7:97:FF:B5:3E:41:18:59:B3:EB:5E:07:BC:BE:90 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Gieh01bXl_-1PkEYWbPrXge8vpA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.71.251.0/24 Signature Algorithm: sha256WithRSAEncryption 84:c0:99:e2:07:6a:65:0b:47:ff:ec:c1:2f:8f:f3:17:22:00: 62:1a:01:b7:3f:3b:40:a8:22:00:fc:b9:47:f3:17:98:98:7d: f5:7a:54:06:67:d0:2b:d5:46:09:5e:7f:f1:be:bb:1b:b8:61: ec:44:61:e5:1f:4e:d2:da:3d:60:3a:d0:eb:1e:6f:a3:27:af: 2d:ed:22:9f:4a:7e:9e:73:96:4e:34:e3:47:9a:b2:3f:51:a0: df:e1:c7:87:4d:50:75:ff:9e:e8:d5:86:96:cf:69:c9:c4:18: a0:66:9f:7c:92:b9:d5:0f:8a:6a:14:53:da:46:a9:c3:f7:62: 4a:5b:50:ab:3f:ba:ee:85:be:4e:62:7e:8a:20:c1:7e:0d:eb: 71:86:dc:1e:ec:a6:de:2f:51:7e:04:ec:d9:63:0f:28:d1:45: de:15:82:d2:74:89:9c:ab:25:20:c9:71:50:af:30:fb:c6:a5: 87:4f:e6:08:08:d1:fa:18:82:21:e6:63:f2:4e:b4:42:2f:4e: 58:94:da:da:23:a2:79:22:a2:3f:ff:78:fb:fa:ed:79:90:b2: df:0d:60:85:7d:de:c5:61:b0:08:4a:df:1e:83:02:15:4f:8e: e4:26:64:1c:12:f6:0e:78:eb:ba:01:d4:24:f0:f8:1b:b7:61: 02:da:c3:2a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICELQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTAxMTcw MTI4NTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDFBMjdBMUQzNTZENzk3 RkZCNTNFNDExODU5QjNFQjVFMDdCQ0JFOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDrzJi9O9BjmYO/HDkOmuAfU0KbOU1gVi9Y+Sxe9h8cydFFWEiF G6BQVYWDBSjvaN5YQXN1Yq3pSTp5V1pZLUtQqSv/MmAWJxYPGbfYGpBBXHVg1CXj 98sym1NBF9O/MSE4jSkXI2r3JzoUGKNkGjTkDp2FsQXvW3Uw2IS1QtHk/Ye9g3GU 5XSHINtNDqiZWs1BNBRHO10GSFmZ/T/cIBJ8PPjd80G6DNK9/QdFlozeq/AO8CFs 7oShd/daPlbf6JwmCnopfbZaM81NZ+Lo0IaKgo0XaFpHWqR3KwDQmbLL+Tp/38n6 A2tIXro+iLMRruVga68RstpMbLwEPwdXPDtDAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUGieh01bXl/+1PkEYWbPrXge8vpAwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvR2llaDAxYlhsXy0x UGtFWVdiUHJYZ2U4dnBBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHxH+zANBgkqhkiG9w0BAQsFAAOCAQEAhMCZ4gdqZQtH/+zBL4/zFyIAYhoB tz87QKgiAPy5R/MXmJh99XpUBmfQK9VGCV5/8b67G7hh7ERh5R9O0to9YDrQ6x5v oyevLe0in0p+nnOWTjTjR5qyP1Gg3+HHh01Qdf+e6NWGls9pycQYoGaffJK51Q+K ahRT2kapw/diSltQqz+67oW+TmJ+iiDBfg3rcYbcHuym3i9RfgTs2WMPKNFF3hWC 0nSJnKslIMlxUK8w+8alh0/mCAjR+hiCIeZj8k60Qi9OWJTa2iOieSKiP/94+/rt eZCy3w1ghX3exWGwCErfHoMCFU+O5CZkHBL2DnjrugHUJPD4G7dhAtrDKg== -----END CERTIFICATE-----Generated at Fri Apr 4 18:46:14 2025 by rpki-client