$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3027/bjLxh3xrIQTLrgWPcBkU20bZk-E.roa File: bjLxh3xrIQTLrgWPcBkU20bZk-E.roa (raw, json) Hash identifier: xCZ1eG8c+09xNi43HS+WtsrXnKRsVzbh2so3JkVgpx4= Subject key identifier: 6E:32:F1:87:7C:6B:21:04:CB:AE:05:8F:70:19:14:DB:46:D9:93:E1 Certificate issuer: /CN=EED0E76665272FAF95C3104EAE182BD2D5A0800B Certificate serial: 12BA Authority key identifier: EE:D0:E7:66:65:27:2F:AF:95:C3:10:4E:AE:18:2B:D2:D5:A0:80:0B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7tDnZmUnL6-VwxBOrhgr0tWggAs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3027/bjLxh3xrIQTLrgWPcBkU20bZk-E.roa Signing time: Fri 17 Jan 2025 01:28:43 +0000 ROA not before: Fri 17 Jan 2025 01:28:43 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139119 IP address blocks: 2406:a7c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3027/7tDnZmUnL6-VwxBOrhgr0tWggAs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3027/7tDnZmUnL6-VwxBOrhgr0tWggAs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7tDnZmUnL6-VwxBOrhgr0tWggAs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:08:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4794 (0x12ba) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EED0E76665272FAF95C3104EAE182BD2D5A0800B Validity Not Before: Jan 17 01:28:43 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=6E32F1877C6B2104CBAE058F701914DB46D993E1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:74:f7:47:9e:5c:e4:59:4c:2d:99:b1:7c:7a: 6d:12:5e:0d:5f:a6:ee:8d:d9:c6:d5:1f:ad:a3:2a: fc:72:b3:ad:0c:f4:d5:78:c6:e0:06:9c:90:5f:c8: 5c:bb:f0:03:c4:24:17:d8:10:e3:4e:40:7a:72:ae: 47:2d:ce:0b:d1:32:3b:8f:10:db:c2:78:a2:be:12: d5:50:e1:ea:44:d6:07:de:e8:22:a1:66:16:20:ac: d0:41:47:fe:1b:09:eb:14:da:8e:4a:e0:00:ee:97: 2b:bc:53:30:41:f4:9b:db:13:a9:3d:8b:b5:59:25: 5e:7f:e5:55:85:b5:79:ee:a0:f6:18:44:9f:2c:45: 92:ce:d4:b4:2d:e4:e4:f5:7d:c4:6e:52:94:ae:1b: 60:82:c5:02:06:98:51:72:dc:15:24:2a:1e:8a:3a: 93:0f:7d:ea:98:d8:53:bb:04:9f:25:2e:9f:53:eb: f8:a8:ae:86:d9:d3:ac:cd:b2:6f:54:92:f3:9b:2a: 25:5b:0c:5f:c7:31:ad:df:b0:2d:40:4d:77:ba:eb: 28:01:7e:67:ea:c8:c8:47:65:84:ab:18:5a:9a:1d: fb:f0:9e:d3:36:16:80:55:15:7c:8d:0b:cd:85:1b: 68:cb:66:fb:b2:a9:69:7d:04:9b:79:5d:29:12:4d: 43:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:32:F1:87:7C:6B:21:04:CB:AE:05:8F:70:19:14:DB:46:D9:93:E1 X509v3 Authority Key Identifier: keyid:EE:D0:E7:66:65:27:2F:AF:95:C3:10:4E:AE:18:2B:D2:D5:A0:80:0B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3027/7tDnZmUnL6-VwxBOrhgr0tWggAs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7tDnZmUnL6-VwxBOrhgr0tWggAs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3027/bjLxh3xrIQTLrgWPcBkU20bZk-E.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:a7c0::/48 Signature Algorithm: sha256WithRSAEncryption 89:c8:17:5e:a6:69:89:e9:36:20:14:86:8c:98:0b:6a:26:57: b3:04:cb:46:5b:8e:cf:a3:dd:5c:75:14:f0:31:cc:3b:44:11: b6:c4:81:4d:7d:ae:43:f3:66:fd:3c:6b:58:84:32:3a:09:2a: 74:90:c4:8e:2e:7d:bf:5b:b6:27:d2:78:bc:71:e5:07:96:aa: 6b:4e:7f:29:ec:e9:0d:50:b3:e3:1b:fa:e0:8c:56:24:3e:10: 74:53:76:48:5e:b7:31:e8:82:55:de:76:f9:24:b5:e8:73:8a: 88:fe:8e:29:ab:7e:15:ef:67:40:64:9e:dd:9f:70:36:31:79: 72:1f:c5:8f:d6:07:2b:34:ca:44:40:74:ce:46:3b:9c:14:a7: e4:1a:68:e6:9d:e0:a8:64:13:0b:9a:1d:26:c6:06:c1:6c:ac: 44:93:9f:bd:9b:d3:0b:d0:f1:14:c5:ad:a2:4d:6a:f4:c3:45: 63:49:36:37:cc:75:fd:11:d5:e7:81:e9:c0:38:82:7a:2a:57: dd:5e:d8:31:00:8d:be:50:e9:8b:34:2c:77:7c:78:69:2b:25: fc:35:a7:4f:e8:ed:ca:f7:01:ac:e5:dc:9f:cd:ae:2f:27:5a: 8b:69:ee:cc:7c:d7:c8:0d:84:bf:6b:be:ec:c7:26:36:3f:7d: 2d:01:36:a7 -----BEGIN CERTIFICATE----- MIIE2jCCA8KgAwIBAgICErowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUVE MEU3NjY2NTI3MkZBRjk1QzMxMDRFQUUxODJCRDJENUEwODAwQjAeFw0yNTAxMTcw MTI4NDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDZFMzJGMTg3N0M2QjIx MDRDQkFFMDU4RjcwMTkxNERCNDZEOTkzRTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwdPdHnlzkWUwtmbF8em0SXg1fpu6N2cbVH62jKvxys60M9NV4 xuAGnJBfyFy78APEJBfYEONOQHpyrkctzgvRMjuPENvCeKK+EtVQ4epE1gfe6CKh ZhYgrNBBR/4bCesU2o5K4ADulyu8UzBB9JvbE6k9i7VZJV5/5VWFtXnuoPYYRJ8s RZLO1LQt5OT1fcRuUpSuG2CCxQIGmFFy3BUkKh6KOpMPfeqY2FO7BJ8lLp9T6/io robZ06zNsm9UkvObKiVbDF/HMa3fsC1ATXe66ygBfmfqyMhHZYSrGFqaHfvwntM2 FoBVFXyNC82FG2jLZvuyqWl9BJt5XSkSTUPpAgMBAAGjggH2MIIB8jAdBgNVHQ4E FgQUbjLxh3xrIQTLrgWPcBkU20bZk+EwHwYDVR0jBBgwFoAU7tDnZmUnL6+VwxBO rhgr0tWggAswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAy Ny83dERuWm1Vbkw2LVZ3eEJPcmhncjB0V2dnQXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzd0RG5abVVuTDYtVnd4Qk9yaGdyMHRXZ2dBcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMjcvYmpMeGgzeHJJUVRM cmdXUGNCa1UyMGJaay1FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw CQMHACQGp8AAADANBgkqhkiG9w0BAQsFAAOCAQEAicgXXqZpiek2IBSGjJgLaiZX swTLRluOz6PdXHUU8DHMO0QRtsSBTX2uQ/Nm/TxrWIQyOgkqdJDEji59v1u2J9J4 vHHlB5aqa05/KezpDVCz4xv64IxWJD4QdFN2SF63MeiCVd52+SS16HOKiP6OKat+ Fe9nQGSe3Z9wNjF5ch/Fj9YHKzTKREB0zkY7nBSn5Bpo5p3gqGQTC5odJsYGwWys RJOfvZvTC9DxFMWtok1q9MNFY0k2N8x1/RHV54HpwDiCeipX3V7YMQCNvlDpizQs d3x4aSsl/DWnT+jtyvcBrOXcn82uLydai2nuzHzXyA2Ev2u+7McmNj99LQE2pw== -----END CERTIFICATE-----Generated at Fri Apr 4 18:47:24 2025 by rpki-client