$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/SYjAfi0lWO4VUcWEZyu6ay2aivE.roa File: SYjAfi0lWO4VUcWEZyu6ay2aivE.roa (raw, json) Hash identifier: WpsblR9kVPNn114J/aQtNqA0/vOqQOXaPI95AzMP4h8= Subject key identifier: 49:88:C0:7E:2D:25:58:EE:15:51:C5:84:67:2B:BA:6B:2D:9A:8A:F1 Certificate issuer: /CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Certificate serial: 1060 Authority key identifier: C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/SYjAfi0lWO4VUcWEZyu6ay2aivE.roa Signing time: Fri 17 Jan 2025 01:28:56 +0000 ROA not before: Fri 17 Jan 2025 01:28:56 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 139.9.99.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4192 (0x1060) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Validity Not Before: Jan 17 01:28:56 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=4988C07E2D2558EE1551C584672BBA6B2D9A8AF1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:7e:27:51:e6:6b:d0:36:0d:4c:9c:08:33:71: 7a:e7:71:8b:cc:bc:a9:68:40:16:cd:a2:f4:ac:09: ed:ed:41:70:0d:d1:0d:41:4f:fc:28:f4:f7:7c:c6: 30:85:0e:c6:21:7e:87:17:30:80:70:83:d7:b2:ab: f6:4e:3a:df:d8:49:7f:11:89:34:1b:5d:bd:cc:3b: 8c:70:d7:85:fa:7e:f5:43:b6:72:47:ef:7e:89:43: 27:af:e4:4c:4c:e3:27:bb:07:3b:de:00:a1:16:40: 68:b0:16:60:08:02:53:f5:1c:0d:61:72:2f:41:f0: d2:aa:bc:9b:80:a8:da:34:99:b7:1e:38:92:29:72: 8d:8b:3e:05:34:6f:c4:c2:a6:06:9c:18:2d:b4:09: 5a:84:aa:fe:df:d2:01:c7:32:3f:14:50:36:c0:28: 63:1f:85:72:66:15:5e:ea:2a:fa:b1:b9:8c:96:e6: 1d:17:38:67:d2:eb:b2:b8:81:66:63:3a:d0:19:32: ff:7d:e1:fc:99:2a:5f:55:c6:64:64:a2:33:99:cd: 6a:0d:64:be:a0:46:b8:19:57:dd:d4:bc:18:18:a3: c5:5a:a3:19:0d:48:2f:6d:d4:d4:55:0a:01:4a:38: e3:bd:e7:b2:5a:a8:67:34:92:91:66:05:98:60:e3: 3d:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:88:C0:7E:2D:25:58:EE:15:51:C5:84:67:2B:BA:6B:2D:9A:8A:F1 X509v3 Authority Key Identifier: keyid:C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/SYjAfi0lWO4VUcWEZyu6ay2aivE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.9.99.0/24 Signature Algorithm: sha256WithRSAEncryption 32:d9:28:0e:bf:05:15:27:8a:27:1c:d5:a1:77:ae:3d:f8:78: 45:74:3c:b2:01:fc:d8:55:0c:c1:b9:89:69:17:a6:73:f4:3f: 79:56:4f:b7:ed:0b:ff:bb:83:25:16:36:67:36:55:5b:d8:d7: c7:da:51:b8:d5:9e:24:a1:c9:ea:48:f4:59:e0:5c:ec:88:2d: 11:45:cd:07:47:df:15:da:85:06:12:9b:f1:58:f0:a8:7f:35: 5e:6d:55:fe:51:28:56:16:8a:bd:f2:37:86:12:ba:a5:51:7c: 42:df:9f:c9:04:f5:61:15:99:2f:be:f8:87:4c:ad:43:87:a6: e8:07:12:39:09:c7:c9:83:1d:c2:dc:a0:94:2e:8b:f3:43:57: cf:40:e5:21:da:10:f3:c6:dc:59:59:63:b1:47:f5:62:43:7f: db:79:19:1f:a1:1a:37:d4:e1:3b:39:7c:6d:02:66:0a:f0:51: 59:e2:3d:b3:ae:6b:04:ac:0d:06:40:46:f4:e1:a7:1a:38:2a: 42:fb:52:cf:89:f8:17:8f:7e:8c:9e:e4:93:5d:7d:88:ab:ad: 39:75:08:b8:ed:5b:3e:4f:5f:b3:4a:dc:8e:6f:20:b4:c4:eb: 8b:e5:d8:e6:23:a7:58:18:8a:c7:f5:b1:6b:06:b2:48:53:d9: 94:32:4f:d4 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEGAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzFE MzEyOTE2MzhGNEE0MDQwQ0QzRDUyREVDM0ZGMkI5NzA5QzVGMjAeFw0yNTAxMTcw MTI4NTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQ5ODhDMDdFMkQyNTU4 RUUxNTUxQzU4NDY3MkJCQTZCMkQ5QThBRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxfidR5mvQNg1MnAgzcXrncYvMvKloQBbNovSsCe3tQXAN0Q1B T/wo9Pd8xjCFDsYhfocXMIBwg9eyq/ZOOt/YSX8RiTQbXb3MO4xw14X6fvVDtnJH 736JQyev5ExM4ye7BzveAKEWQGiwFmAIAlP1HA1hci9B8NKqvJuAqNo0mbceOJIp co2LPgU0b8TCpgacGC20CVqEqv7f0gHHMj8UUDbAKGMfhXJmFV7qKvqxuYyW5h0X OGfS67K4gWZjOtAZMv994fyZKl9VxmRkojOZzWoNZL6gRrgZV93UvBgYo8VaoxkN SC9t1NRVCgFKOOO957JaqGc0kpFmBZhg4z25AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUSYjAfi0lWO4VUcWEZyu6ay2aivEwHwYDVR0jBBgwFoAUwdMSkWOPSkBAzT1S 3sP/K5cJxfIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC93ZE1Ta1dPUFNrQkF6VDFTM3NQX0s1Y0p4ZkkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3dkTVNrV09QU2tCQXpUMVMzc1BfSzVjSnhmSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvU1lqQWZpMGxXTzRW VWNXRVp5dTZheTJhaXZFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAIsJYzANBgkqhkiG9w0BAQsFAAOCAQEAMtkoDr8FFSeKJxzVoXeuPfh4RXQ8 sgH82FUMwbmJaRemc/Q/eVZPt+0L/7uDJRY2ZzZVW9jXx9pRuNWeJKHJ6kj0WeBc 7IgtEUXNB0ffFdqFBhKb8VjwqH81Xm1V/lEoVhaKvfI3hhK6pVF8Qt+fyQT1YRWZ L774h0ytQ4em6AcSOQnHyYMdwtyglC6L80NXz0DlIdoQ88bcWVljsUf1YkN/23kZ H6EaN9ThOzl8bQJmCvBRWeI9s65rBKwNBkBG9OGnGjgqQvtSz4n4F49+jJ7kk119 iKutOXUIuO1bPk9fs0rcjm8gtMTri+XY5iOnWBiKx/WxawaySFPZlDJP1A== -----END CERTIFICATE-----Generated at Fri Apr 4 18:44:17 2025 by rpki-client