$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/jqh7iPYuviQAsk6qxWTWmX3DzBE.roa File: jqh7iPYuviQAsk6qxWTWmX3DzBE.roa (raw, json) Hash identifier: Mqqelj3h4WU4P2bqhY3LYBTq79KFrCRne6chZYEak04= Subject key identifier: 8E:A8:7B:88:F6:2E:BE:24:00:B2:4E:AA:C5:64:D6:99:7D:C3:CC:11 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 10B5 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/jqh7iPYuviQAsk6qxWTWmX3DzBE.roa Signing time: Fri 17 Jan 2025 01:28:56 +0000 ROA not before: Fri 17 Jan 2025 01:28:56 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 136907 IP address blocks: 110.41.210.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4277 (0x10b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Jan 17 01:28:56 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=8EA87B88F62EBE2400B24EAAC564D6997DC3CC11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:2a:9f:5a:06:0e:4b:20:4c:20:6d:9d:37:0b: b2:b7:d6:d9:cc:2f:4d:b9:5d:18:1d:28:e8:69:ae: e5:d1:62:63:26:17:ad:13:5e:69:2a:26:4a:57:f2: 6f:c3:c1:ce:41:c9:a2:d0:85:35:5e:c7:e0:15:4d: 57:95:6f:ef:cc:74:76:83:ec:f3:6b:f9:46:4a:fe: fd:d2:64:c5:cf:a7:59:18:2f:05:37:d7:81:9b:f3: 87:01:91:9b:3a:4a:bb:d8:be:67:63:81:c7:1d:84: d7:b6:7f:af:69:0d:cc:d9:74:17:9a:6d:ec:b5:fb: 0f:0b:d8:6a:02:11:db:c3:fe:80:8f:bd:e4:94:8c: 6b:05:a8:e9:fa:c4:7b:24:82:4f:33:e0:a8:c8:3a: d1:df:8d:f4:0e:59:a0:66:26:17:8b:65:2c:36:64: e8:d5:c0:90:8d:91:b4:95:bf:63:77:fe:e4:40:fe: 71:30:b9:eb:27:6e:77:ff:7c:0b:b7:e3:79:cb:df: fa:bf:fc:50:10:4e:b7:71:64:e6:5b:f8:b9:42:33: c9:e9:bb:3b:e0:ef:aa:9f:4c:1c:46:65:dd:7b:8e: 26:6b:24:92:12:1f:bf:8b:d2:0c:58:48:17:d0:14: 3f:58:6f:2d:aa:a9:5b:34:fd:98:95:27:a0:b4:ff: cb:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:A8:7B:88:F6:2E:BE:24:00:B2:4E:AA:C5:64:D6:99:7D:C3:CC:11 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/jqh7iPYuviQAsk6qxWTWmX3DzBE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.41.210.0/24 Signature Algorithm: sha256WithRSAEncryption 64:99:bd:9c:2c:f6:20:47:dc:56:0a:ec:3d:e7:9e:8f:c2:15: 2e:46:98:51:5a:d2:ec:70:60:c2:95:8c:af:6f:2f:b9:d4:7d: 11:a5:aa:5e:f1:da:8a:b7:5d:2c:3f:ed:ea:b0:23:63:28:e5: f5:f5:36:a3:86:88:9a:1f:7c:7b:ab:a7:08:03:03:85:69:96: 6a:75:15:ea:12:fd:21:23:65:a8:5b:df:a6:9a:ff:bd:60:57: c5:ee:eb:51:9d:2e:9a:d2:60:3e:c8:a9:49:71:38:60:5d:67: 92:fd:ba:75:83:50:80:d4:55:04:b5:92:2b:0b:11:a1:a6:33: 87:63:f2:c6:d9:31:f2:a4:ff:44:72:33:7a:14:99:74:c8:08: 2f:1d:34:43:8b:76:8b:0a:fc:36:42:fb:9b:f9:9c:b9:9e:cf: bf:39:d6:bd:2e:32:54:b0:17:24:e6:ea:c4:9c:59:3e:5e:9b: 5b:cb:bf:a7:48:0e:9d:d7:4f:81:08:45:36:b6:2b:a6:1b:86: f9:dc:e2:38:9c:70:10:15:59:3b:e6:83:52:28:c5:43:a0:18: ea:04:be:89:8f:4f:28:b8:d5:f5:0f:82:2d:d0:c1:ad:47:80: 16:0b:1b:fe:72:87:26:4a:33:be:28:fc:45:75:cc:f7:bd:30: 19:4d:91:c4 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICELUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTAxMTcw MTI4NTZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDhFQTg3Qjg4RjYyRUJF MjQwMEIyNEVBQUM1NjRENjk5N0RDM0NDMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuKp9aBg5LIEwgbZ03C7K31tnML025XRgdKOhpruXRYmMmF60T XmkqJkpX8m/Dwc5ByaLQhTVex+AVTVeVb+/MdHaD7PNr+UZK/v3SZMXPp1kYLwU3 14Gb84cBkZs6SrvYvmdjgccdhNe2f69pDczZdBeabey1+w8L2GoCEdvD/oCPveSU jGsFqOn6xHskgk8z4KjIOtHfjfQOWaBmJheLZSw2ZOjVwJCNkbSVv2N3/uRA/nEw uesnbnf/fAu343nL3/q//FAQTrdxZOZb+LlCM8npuzvg76qfTBxGZd17jiZrJJIS H7+L0gxYSBfQFD9Yby2qqVs0/ZiVJ6C0/8unAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUjqh7iPYuviQAsk6qxWTWmX3DzBEwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvanFoN2lQWXV2aVFB c2s2cXhXVFdtWDNEekJFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAG4p0jANBgkqhkiG9w0BAQsFAAOCAQEAZJm9nCz2IEfcVgrsPeeej8IVLkaY UVrS7HBgwpWMr28vudR9EaWqXvHairddLD/t6rAjYyjl9fU2o4aImh98e6unCAMD hWmWanUV6hL9ISNlqFvfppr/vWBXxe7rUZ0umtJgPsipSXE4YF1nkv26dYNQgNRV BLWSKwsRoaYzh2Pyxtkx8qT/RHIzehSZdMgILx00Q4t2iwr8NkL7m/mcuZ7PvznW vS4yVLAXJObqxJxZPl6bW8u/p0gOnddPgQhFNrYrphuG+dziOJxwEBVZO+aDUijF Q6AY6gS+iY9PKLjV9Q+CLdDBrUeAFgsb/nKHJkozvij8RXXM970wGU2RxA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:36:53 2025 by rpki-client