$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/61sanvoSxDfAlBmaVfsP0F8Z0vs.roa File: 61sanvoSxDfAlBmaVfsP0F8Z0vs.roa (raw, json) Hash identifier: a5hLR+ChBTsRX6HByDbNL9QyWVXZIek1MWm8L9eOcGQ= Subject key identifier: EB:5B:1A:9E:FA:12:C4:37:C0:94:19:9A:55:FB:0F:D0:5F:19:D2:FB Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 1191 Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/61sanvoSxDfAlBmaVfsP0F8Z0vs.roa Signing time: Sat 18 Jan 2025 15:10:19 +0000 ROA not before: Sat 18 Jan 2025 15:10:19 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 211392 IP address blocks: 45.250.152.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4497 (0x1191) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: Jan 18 15:10:19 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=EB5B1A9EFA12C437C094199A55FB0FD05F19D2FB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:b9:0b:a3:3d:70:72:4a:e1:1e:b2:7e:ab:48: 44:40:f9:8b:d6:9d:20:ce:79:3f:a8:c7:72:7c:9c: 5a:ef:3a:07:7c:00:08:ca:36:4b:2b:e1:2b:b2:6e: 6f:48:5e:94:d9:ed:ce:2c:71:82:8a:01:b0:48:74: 49:5f:a1:70:e2:db:66:eb:95:f3:6a:b3:c2:f0:77: 25:48:12:92:42:b5:36:80:33:c1:01:2f:52:b3:fa: d2:fe:9c:ea:7d:e9:e5:9d:2c:a1:d8:bd:a0:8b:45: 16:2a:fe:4e:6e:49:de:4c:c6:4a:79:53:3e:fd:75: 2b:63:fc:77:4e:76:f3:8a:36:f8:06:f3:2e:38:5f: f7:7f:f5:34:10:da:36:fe:c2:02:a3:d7:93:8f:4a: f7:59:ad:59:73:65:00:f0:81:71:e6:cc:f6:96:30: 7f:c9:25:b6:8b:da:04:00:f4:db:1b:f8:f6:43:26: 96:c0:15:87:20:b3:34:23:c5:0e:fb:3d:ac:22:46: 27:b3:80:76:cf:ff:7d:41:22:74:1d:e7:b1:57:d5: fd:a8:83:89:0a:98:7f:cd:02:1b:7c:7a:5b:68:0f: c5:17:5d:69:cc:5a:53:99:1b:0e:e0:20:48:a8:73: 72:23:e8:6c:a4:2c:14:1b:10:bd:da:60:bf:98:30: 1b:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:5B:1A:9E:FA:12:C4:37:C0:94:19:9A:55:FB:0F:D0:5F:19:D2:FB X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/61sanvoSxDfAlBmaVfsP0F8Z0vs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.250.152.0/23 Signature Algorithm: sha256WithRSAEncryption 13:7a:b1:c3:60:8b:ed:f7:8d:47:14:0a:41:5a:02:9c:ed:93: 47:d0:3b:96:62:28:9d:75:29:0e:a9:19:06:ac:30:a4:c8:1e: 43:83:27:71:43:fa:10:68:33:89:f7:07:dc:5c:d2:4b:a7:a4: d6:39:56:8f:44:f5:78:2b:60:e7:02:7d:42:c8:84:d1:4c:44: 6c:05:61:5d:18:8c:d3:dc:e4:31:ae:f4:d8:e5:d4:37:df:63: 98:02:22:d2:1e:ae:2d:1e:0e:2d:42:9e:c8:1a:ac:2f:f2:bf: ff:d7:cf:3c:d9:13:fb:30:63:ed:a1:76:24:ec:99:8c:07:d9: 12:2e:6e:8f:fb:10:53:4f:1b:26:5a:84:6e:2b:f6:32:ea:67: ab:5e:c1:ba:7e:40:1e:e9:b2:29:63:7e:e7:5c:44:3c:eb:30: 0d:68:ce:df:f9:07:2d:5b:6e:16:58:23:d2:67:a7:23:a5:91: 2d:5a:d3:3d:7f:8f:28:dc:fb:7b:1b:0e:02:2f:08:14:34:65: 10:e3:d4:52:a2:37:f3:bd:97:e8:aa:c2:d2:31:dc:45:d0:a0: 4e:6a:d8:bf:88:5a:0f:b1:30:67:1f:21:53:b0:79:27:b8:b0: 32:d3:95:b6:94:32:fc:d1:ca:d8:47:3a:bf:cd:6e:a1:1b:a8: 2f:40:4d:03 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEZEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNTAxMTgx NTEwMTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEVCNUIxQTlFRkExMkM0 MzdDMDk0MTk5QTU1RkIwRkQwNUYxOUQyRkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDRuQujPXBySuEesn6rSERA+YvWnSDOeT+ox3J8nFrvOgd8AAjK Nksr4Suybm9IXpTZ7c4scYKKAbBIdElfoXDi22brlfNqs8LwdyVIEpJCtTaAM8EB L1Kz+tL+nOp96eWdLKHYvaCLRRYq/k5uSd5Mxkp5Uz79dStj/HdOdvOKNvgG8y44 X/d/9TQQ2jb+wgKj15OPSvdZrVlzZQDwgXHmzPaWMH/JJbaL2gQA9Nsb+PZDJpbA FYcgszQjxQ77PawiRiezgHbP/31BInQd57FX1f2og4kKmH/NAht8eltoD8UXXWnM WlOZGw7gIEioc3Ij6GykLBQbEL3aYL+YMBuhAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU61sanvoSxDfAlBmaVfsP0F8Z0vswHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvNjFzYW52b1N4RGZB bEJtYVZmc1AwRjhaMHZzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAS36mDANBgkqhkiG9w0BAQsFAAOCAQEAE3qxw2CL7feNRxQKQVoCnO2TR9A7 lmIonXUpDqkZBqwwpMgeQ4MncUP6EGgzifcH3FzSS6ek1jlWj0T1eCtg5wJ9QsiE 0UxEbAVhXRiM09zkMa702OXUN99jmAIi0h6uLR4OLUKeyBqsL/K//9fPPNkT+zBj 7aF2JOyZjAfZEi5uj/sQU08bJlqEbiv2Mupnq17Bun5AHumyKWN+51xEPOswDWjO 3/kHLVtuFlgj0menI6WRLVrTPX+PKNz7exsOAi8IFDRlEOPUUqI3872X6KrC0jHc RdCgTmrYv4haD7EwZx8hU7B5J7iwMtOVtpQy/NHK2Ec6v81uoRuoL0BNAw== -----END CERTIFICATE-----Generated at Fri Apr 4 18:46:23 2025 by rpki-client