$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/nSRgEczP2Vah6cKvfQ3tFq7a3no.roa File: nSRgEczP2Vah6cKvfQ3tFq7a3no.roa (raw, json) Hash identifier: b4moQm23csiDLb5kUqMGU2XFsorLRE9/0BS2ulVpWw8= Subject key identifier: 9D:24:60:11:CC:CF:D9:56:A1:E9:C2:AF:7D:0D:ED:16:AE:DA:DE:7A Certificate issuer: /CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Certificate serial: 105F Authority key identifier: C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/nSRgEczP2Vah6cKvfQ3tFq7a3no.roa Signing time: Fri 17 Jan 2025 01:28:54 +0000 ROA not before: Fri 17 Jan 2025 01:28:54 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 136907 IP address blocks: 139.9.99.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4191 (0x105f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C1D31291638F4A4040CD3D52DEC3FF2B9709C5F2 Validity Not Before: Jan 17 01:28:54 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=9D246011CCCFD956A1E9C2AF7D0DED16AEDADE7A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:74:64:29:8c:87:9e:3f:75:cb:33:27:e6:33: b7:1f:cf:96:16:a1:0c:4d:b3:aa:c9:e5:04:68:ea: 2a:07:ec:4c:5d:1f:10:54:c4:75:db:36:c2:00:0e: 7e:53:03:ae:41:72:71:e4:b4:46:ee:aa:94:d9:7f: 83:38:50:a5:61:07:64:3c:79:91:a2:27:ce:06:0f: 0f:10:a9:33:3b:f9:d5:34:c0:29:6a:e5:8b:19:5a: 7b:29:bd:6e:5a:6f:24:a1:b4:23:4c:fa:27:cb:22: cd:da:de:e7:02:aa:74:e9:72:e7:be:e1:af:c3:eb: 2c:cd:55:61:aa:8d:53:06:ca:f1:44:d4:85:98:54: c9:ab:cb:e8:bb:c0:b6:c4:ea:ae:35:60:c1:7d:06: ef:07:3b:d8:9e:f9:a5:df:8c:95:bb:9b:d1:e0:db: 12:4d:8c:1e:94:b0:4c:b0:08:09:ad:d2:d4:d9:26: d2:c6:a0:8c:64:02:59:1c:cd:9e:30:ee:91:3b:08: c0:f0:ac:cc:73:d2:c0:33:90:5e:67:c4:ce:9c:bc: b3:1b:87:53:65:df:55:6a:93:de:65:34:54:e3:a2: 6d:9e:c5:a0:cd:8f:b5:7b:32:a3:9f:fd:ec:09:67: 73:4e:be:16:cd:0d:c8:e2:83:34:be:9c:8a:5d:94: c1:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:24:60:11:CC:CF:D9:56:A1:E9:C2:AF:7D:0D:ED:16:AE:DA:DE:7A X509v3 Authority Key Identifier: keyid:C1:D3:12:91:63:8F:4A:40:40:CD:3D:52:DE:C3:FF:2B:97:09:C5:F2 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/wdMSkWOPSkBAzT1S3sP_K5cJxfI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/wdMSkWOPSkBAzT1S3sP_K5cJxfI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/nSRgEczP2Vah6cKvfQ3tFq7a3no.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.9.99.0/24 Signature Algorithm: sha256WithRSAEncryption 25:f0:49:42:69:da:94:8d:c9:6f:8e:1f:e5:cb:da:e0:d9:1b: 39:28:e9:9d:0a:c4:11:d3:2f:42:1d:1b:6f:94:57:70:96:b6: 2c:1c:5c:b6:1f:9a:04:63:b2:eb:83:4c:e4:82:12:1b:b7:9a: d3:2b:c8:12:0d:5e:4a:60:e6:32:52:99:90:f3:be:00:df:f5: b9:dd:98:24:62:5b:90:85:55:b2:19:f0:3e:32:80:77:a2:f5: 2d:08:05:5e:95:66:f2:4a:df:66:82:52:a8:bb:bc:26:a5:93: 4e:77:de:22:85:6f:c7:cc:a2:55:19:15:8f:6d:7c:08:6d:26: b0:11:90:37:a2:1c:5d:38:8f:0d:d3:3a:bc:e7:72:49:2b:8a: d0:c8:60:1b:9b:85:a7:34:23:26:0e:10:91:79:4e:8c:5e:d0: d8:35:67:91:96:18:ac:b9:69:99:f6:64:f8:0c:a6:5b:d2:45: 1a:d0:c3:81:a4:ce:bd:79:78:84:71:7b:6a:81:66:17:2f:fb: 4d:44:12:91:10:5f:3d:5b:35:5b:88:99:17:32:81:d5:e2:14: 76:48:fc:c9:bf:38:ff:c9:0b:33:04:0e:e5:dc:9e:4e:05:9d: 4c:9c:df:f2:9d:78:4d:c7:00:08:50:a6:51:ed:77:9a:2c:e0: d3:31:ec:7b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEF8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzFE MzEyOTE2MzhGNEE0MDQwQ0QzRDUyREVDM0ZGMkI5NzA5QzVGMjAeFw0yNTAxMTcw MTI4NTRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDlEMjQ2MDExQ0NDRkQ5 NTZBMUU5QzJBRjdEMERFRDE2QUVEQURFN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7dGQpjIeeP3XLMyfmM7cfz5YWoQxNs6rJ5QRo6ioH7ExdHxBU xHXbNsIADn5TA65BcnHktEbuqpTZf4M4UKVhB2Q8eZGiJ84GDw8QqTM7+dU0wClq 5YsZWnspvW5abyShtCNM+ifLIs3a3ucCqnTpcue+4a/D6yzNVWGqjVMGyvFE1IWY VMmry+i7wLbE6q41YMF9Bu8HO9ie+aXfjJW7m9Hg2xJNjB6UsEywCAmt0tTZJtLG oIxkAlkczZ4w7pE7CMDwrMxz0sAzkF5nxM6cvLMbh1Nl31Vqk95lNFTjom2exaDN j7V7MqOf/ewJZ3NOvhbNDcjigzS+nIpdlMHTAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUnSRgEczP2Vah6cKvfQ3tFq7a3nowHwYDVR0jBBgwFoAUwdMSkWOPSkBAzT1S 3sP/K5cJxfIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC93ZE1Ta1dPUFNrQkF6VDFTM3NQX0s1Y0p4ZkkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3dkTVNrV09QU2tCQXpUMVMzc1BfSzVjSnhmSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvblNSZ0VjelAyVmFo NmNLdmZRM3RGcTdhM25vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAIsJYzANBgkqhkiG9w0BAQsFAAOCAQEAJfBJQmnalI3Jb44f5cva4NkbOSjp nQrEEdMvQh0bb5RXcJa2LBxcth+aBGOy64NM5IISG7ea0yvIEg1eSmDmMlKZkPO+ AN/1ud2YJGJbkIVVshnwPjKAd6L1LQgFXpVm8krfZoJSqLu8JqWTTnfeIoVvx8yi VRkVj218CG0msBGQN6IcXTiPDdM6vOdySSuK0MhgG5uFpzQjJg4QkXlOjF7Q2DVn kZYYrLlpmfZk+AymW9JFGtDDgaTOvXl4hHF7aoFmFy/7TUQSkRBfPVs1W4iZFzKB 1eIUdkj8yb84/8kLMwQO5dyeTgWdTJzf8p14TccACFCmUe13mizg0zHsew== -----END CERTIFICATE-----Generated at Fri Apr 4 18:41:28 2025 by rpki-client