$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/n-iHMHhSC3W_uJ7Y3ru6yfY3fZM.roa File: n-iHMHhSC3W_uJ7Y3ru6yfY3fZM.roa (raw, json) Hash identifier: gYmpXK/sl8uRRA57UlzVROsOK07RPfa5zGrFisIKPsI= Subject key identifier: 9F:E8:87:30:78:52:0B:75:BF:B8:9E:D8:DE:BB:BA:C9:F6:37:7D:93 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 10AB Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/n-iHMHhSC3W_uJ7Y3ru6yfY3fZM.roa Signing time: Fri 17 Jan 2025 01:28:52 +0000 ROA not before: Fri 17 Jan 2025 01:28:52 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 110.41.208.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 22:07:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4267 (0x10ab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Jan 17 01:28:52 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=9FE8873078520B75BFB89ED8DEBBBAC9F6377D93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:b2:5c:45:83:cd:bd:55:2c:be:16:22:6c:a6: 11:fc:42:a7:f7:f3:0c:2e:59:20:98:6b:3f:c1:ea: 7b:32:3a:7d:54:6a:d4:65:99:93:73:1e:86:33:fb: 74:c5:fb:a2:2c:2f:da:6e:7d:9c:8b:23:f6:7a:2e: 36:24:1b:b0:b6:00:53:d0:de:6f:cf:c6:b3:6e:5f: bf:e6:9f:7f:f4:40:e0:c6:f3:d7:c1:7a:2b:27:1c: b5:b6:20:b7:ee:53:53:bb:28:43:29:77:f6:51:a6: 60:6f:d4:22:4d:bf:0f:97:fe:b5:c7:5d:ee:a0:10: da:5e:aa:fa:69:c8:00:64:4c:15:7b:4a:01:49:1b: 4d:15:f9:cf:ea:49:cd:e1:4b:35:32:be:91:d8:ea: 3d:5e:63:b3:36:fd:a8:c4:64:b5:f7:37:b6:f5:ea: 6e:3f:34:de:ce:5b:14:b0:9e:c2:c0:7a:a5:8a:cb: f4:7d:35:59:59:c9:b5:e4:81:3d:fc:a1:c7:bb:b5: 4b:df:c2:f8:ca:2d:1e:4d:90:c4:03:10:69:8e:9b: 4e:c5:49:37:f1:ba:da:f1:6f:fc:b4:e3:a4:3a:9f: 0e:cf:c1:06:76:07:f6:10:f7:7f:ee:f3:23:63:81: 39:6e:d2:ca:37:a8:8d:a3:27:ca:b1:99:e3:cb:e6: 18:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:E8:87:30:78:52:0B:75:BF:B8:9E:D8:DE:BB:BA:C9:F6:37:7D:93 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/n-iHMHhSC3W_uJ7Y3ru6yfY3fZM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.41.208.0/24 Signature Algorithm: sha256WithRSAEncryption 44:ff:61:46:a1:ad:8e:1e:bf:bd:66:b2:ec:65:50:78:aa:c5: 40:5d:39:7f:17:d3:8c:cf:8b:2a:1e:1f:dd:aa:49:c5:09:37: 5c:b0:0f:7f:bc:da:50:94:2c:51:d1:48:f1:d8:39:42:f1:f6: 78:37:27:e4:5d:38:44:de:2d:89:33:fd:70:53:76:62:10:bc: a0:e3:d9:34:38:a4:05:38:8f:b4:4d:01:b9:67:a8:99:b6:c1: f8:a3:d7:0c:ad:1d:7f:58:a0:0f:35:de:08:81:87:b7:0d:27: 81:9a:97:0a:92:8f:b4:00:4d:6e:25:f5:ed:c6:6e:72:90:d5: 0b:2c:4f:77:8d:fe:d8:f2:c6:5a:47:0f:df:73:4d:1d:d9:9d: 04:33:3f:b4:8e:5a:b2:e3:51:54:33:d3:ff:32:fe:6e:97:7f: d5:dd:ec:98:b2:8c:66:34:ab:ea:28:04:3b:4c:b5:41:39:a6: b9:aa:26:7f:00:1f:92:9b:88:b8:4c:aa:9d:60:d0:94:cc:84: c3:5d:8b:01:5d:e9:6e:87:73:10:d1:24:2a:66:8b:3f:79:8b: 18:1d:4f:8e:67:c1:b7:83:2a:94:15:87:8f:4c:85:70:c6:ad: 78:df:89:c2:d1:70:c5:08:90:cd:77:78:59:b7:37:fc:05:5e: b2:d6:df:c4 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEKswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTAxMTcw MTI4NTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDlGRTg4NzMwNzg1MjBC NzVCRkI4OUVEOERFQkJCQUM5RjYzNzdEOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpslxFg829VSy+FiJsphH8Qqf38wwuWSCYaz/B6nsyOn1UatRl mZNzHoYz+3TF+6IsL9pufZyLI/Z6LjYkG7C2AFPQ3m/PxrNuX7/mn3/0QODG89fB eisnHLW2ILfuU1O7KEMpd/ZRpmBv1CJNvw+X/rXHXe6gENpeqvppyABkTBV7SgFJ G00V+c/qSc3hSzUyvpHY6j1eY7M2/ajEZLX3N7b16m4/NN7OWxSwnsLAeqWKy/R9 NVlZybXkgT38oce7tUvfwvjKLR5NkMQDEGmOm07FSTfxutrxb/y046Q6nw7PwQZ2 B/YQ93/u8yNjgTlu0so3qI2jJ8qxmePL5hgrAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUn+iHMHhSC3W/uJ7Y3ru6yfY3fZMwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvbi1pSE1IaFNDM1df dUo3WTNydTZ5ZlkzZlpNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAG4p0DANBgkqhkiG9w0BAQsFAAOCAQEARP9hRqGtjh6/vWay7GVQeKrFQF05 fxfTjM+LKh4f3apJxQk3XLAPf7zaUJQsUdFI8dg5QvH2eDcn5F04RN4tiTP9cFN2 YhC8oOPZNDikBTiPtE0BuWeombbB+KPXDK0df1igDzXeCIGHtw0ngZqXCpKPtABN biX17cZucpDVCyxPd43+2PLGWkcP33NNHdmdBDM/tI5asuNRVDPT/zL+bpd/1d3s mLKMZjSr6igEO0y1QTmmuaomfwAfkpuIuEyqnWDQlMyEw12LAV3pbodzENEkKmaL P3mLGB1PjmfBt4MqlBWHj0yFcMateN+JwtFwxQiQzXd4Wbc3/AVestbfxA== -----END CERTIFICATE-----Generated at Fri Apr 4 21:42:44 2025 by rpki-client