$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/jNiTXNtw-NVk-9eAX-55MR07eeA.roa File: jNiTXNtw-NVk-9eAX-55MR07eeA.roa (raw, json) Hash identifier: XSnjJtxlfKEVYaAn23dvkns4Olz0nlV680zSSdJIpw8= Subject key identifier: 8C:D8:93:5C:DB:70:F8:D5:64:FB:D7:80:5F:EE:79:31:1D:3B:79:E0 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 195C Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/jNiTXNtw-NVk-9eAX-55MR07eeA.roa Signing time: Fri 17 Jan 2025 01:23:49 +0000 ROA not before: Fri 17 Jan 2025 01:23:49 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4812 IP address blocks: 2407:9b40::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6492 (0x195c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Jan 17 01:23:49 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=8CD8935CDB70F8D564FBD7805FEE79311D3B79E0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:c6:cf:a9:b3:18:6d:73:e5:74:9a:75:f2:cb: 23:35:50:69:19:2f:5d:42:4d:95:eb:5d:ea:a7:dd: 76:95:e9:63:f9:5b:eb:62:07:3d:b7:2a:7a:23:70: f3:a9:78:c5:11:bd:e3:be:de:78:58:e5:9a:de:0f: 71:a3:eb:e2:3b:b9:47:c2:6b:94:43:f3:06:0f:52: cd:33:a1:cc:89:9b:40:62:95:c7:2b:c5:b2:cb:c9: 18:38:9f:dc:1d:77:17:42:5d:a4:8d:2b:f2:a1:18: e5:cc:d4:4e:24:c4:f3:7b:dd:03:9a:aa:d6:b2:a1: 45:05:2c:86:da:d6:f0:e0:3f:5d:1c:d6:fb:1f:cb: 6a:a8:b3:ca:90:ee:20:13:d1:4a:85:26:e0:a0:60: a9:fa:a6:45:96:24:fb:15:bd:dd:30:53:5e:75:2b: 9a:94:10:e7:e4:51:1a:c2:80:72:f2:e3:9f:de:d3: 6b:82:62:f0:2b:1c:0c:5e:28:ec:ef:a0:ea:7e:5f: a6:8c:50:7d:d0:69:72:e3:a0:b5:81:98:e8:11:2a: b3:a6:51:ce:8c:5f:5e:a2:15:b2:6f:1f:f0:25:c8: 59:2b:1f:69:36:ba:7c:32:84:d4:9f:a5:29:bc:89: 62:62:09:b9:3e:33:10:95:42:ec:2a:7a:c3:ca:16: 6c:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:D8:93:5C:DB:70:F8:D5:64:FB:D7:80:5F:EE:79:31:1D:3B:79:E0 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/jNiTXNtw-NVk-9eAX-55MR07eeA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2407:9b40::/32 Signature Algorithm: sha256WithRSAEncryption 64:6b:26:fb:d4:eb:9d:20:a2:31:ec:50:9c:80:e8:ee:b2:f4: e1:f5:b9:c1:ce:fd:b9:77:85:71:8a:d9:df:83:50:f8:06:a6: f7:b4:30:ac:13:b6:a6:45:e3:4a:f1:1a:74:87:15:02:1d:9a: 07:9e:21:f3:86:31:26:e5:d3:1d:5e:86:4f:85:03:2f:cf:98: c0:8e:a7:c7:f0:71:27:d7:be:18:4f:d1:f1:7b:0c:98:71:30: be:11:dc:2d:7c:4b:0b:97:26:61:dc:b6:d5:87:40:82:4e:80: 42:71:5b:d0:5b:79:4b:7b:6a:98:28:4b:f3:04:d9:cd:e1:f9: 48:03:ab:21:f7:fa:d9:e2:04:d6:eb:2e:7f:c6:eb:ed:d6:12: 6c:25:27:62:6f:8a:24:e3:3a:72:5c:ed:93:db:1c:64:ce:90: 45:25:2d:76:de:8c:f4:5b:2e:15:4d:18:f0:72:01:9a:2b:e2: fa:01:bd:b7:23:7f:8d:bf:cd:fc:1f:0a:f1:ee:8e:e3:f9:76: 3a:fb:6a:77:7a:f8:b4:d5:2e:44:53:68:33:bb:4b:b8:0f:0c: 90:8d:6c:b3:c1:f6:3f:ed:0d:4c:e6:e2:66:71:ee:ef:de:78: 34:f1:c4:df:74:e4:06:d6:b5:1b:0a:83:7d:ed:a5:63:30:b3: 64:16:75:71 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICGVwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNTAxMTcw MTIzNDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDhDRDg5MzVDREI3MEY4 RDU2NEZCRDc4MDVGRUU3OTMxMUQzQjc5RTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCexs+psxhtc+V0mnXyyyM1UGkZL11CTZXrXeqn3XaV6WP5W+ti Bz23KnojcPOpeMURveO+3nhY5ZreD3Gj6+I7uUfCa5RD8wYPUs0zocyJm0Bilccr xbLLyRg4n9wddxdCXaSNK/KhGOXM1E4kxPN73QOaqtayoUUFLIba1vDgP10c1vsf y2qos8qQ7iAT0UqFJuCgYKn6pkWWJPsVvd0wU151K5qUEOfkURrCgHLy45/e02uC YvArHAxeKOzvoOp+X6aMUH3QaXLjoLWBmOgRKrOmUc6MX16iFbJvH/AlyFkrH2k2 unwyhNSfpSm8iWJiCbk+MxCVQuwqesPKFmxDAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUjNiTXNtw+NVk+9eAX+55MR07eeAwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvak5pVFhOdHctTlZr LTllQVgtNTVNUjA3ZWVBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIw BwMFACQHm0AwDQYJKoZIhvcNAQELBQADggEBAGRrJvvU650gojHsUJyA6O6y9OH1 ucHO/bl3hXGK2d+DUPgGpve0MKwTtqZF40rxGnSHFQIdmgeeIfOGMSbl0x1ehk+F Ay/PmMCOp8fwcSfXvhhP0fF7DJhxML4R3C18SwuXJmHcttWHQIJOgEJxW9BbeUt7 apgoS/ME2c3h+UgDqyH3+tniBNbrLn/G6+3WEmwlJ2JviiTjOnJc7ZPbHGTOkEUl LXbejPRbLhVNGPByAZor4voBvbcjf42/zfwfCvHujuP5djr7and6+LTVLkRTaDO7 S7gPDJCNbLPB9j/tDUzm4mZx7u/eeDTxxN905AbWtRsKg33tpWMws2QWdXE= -----END CERTIFICATE-----Generated at Fri Apr 4 18:41:20 2025 by rpki-client