$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/SXte1RwRs6KIWK2tHctwjhp7f-s.roa File: SXte1RwRs6KIWK2tHctwjhp7f-s.roa (raw, json) Hash identifier: zO23Vf9RjCtZeQdQ1N8oZXkwpT1rM8xTw0qtYJAvxM4= Subject key identifier: 49:7B:5E:D5:1C:11:B3:A2:88:58:AD:AD:1D:CB:70:8E:1A:7B:7F:EB Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 1111 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/SXte1RwRs6KIWK2tHctwjhp7f-s.roa Signing time: Tue 18 Mar 2025 10:09:58 +0000 ROA not before: Tue 18 Mar 2025 10:09:58 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 62387 IP address blocks: 101.232.56.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4369 (0x1111) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: Mar 18 10:09:58 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=497B5ED51C11B3A28858ADAD1DCB708E1A7B7FEB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:0f:f6:69:6b:f2:03:a6:fc:06:32:2d:bc:70: 99:87:6f:a5:9d:45:01:60:67:8b:67:8c:21:5a:c3: c9:13:ff:d5:37:f8:f9:a1:2b:1c:fc:8c:79:8f:96: fc:22:08:eb:36:5c:e3:25:4e:83:72:f4:a5:7c:47: 82:46:b5:67:a5:58:50:5c:91:5e:de:88:ee:59:25: eb:c3:8b:87:cb:7b:92:d5:51:ed:e2:7b:15:82:87: 5f:3c:4a:aa:ec:c9:3f:b2:2b:7a:f8:8d:0a:fc:b8: 2e:49:71:f8:3b:ef:0e:25:d4:2f:0f:39:f8:c2:74: 98:29:fd:c3:71:65:06:c7:11:37:7d:7c:79:f1:e5: a0:7f:78:19:85:fd:5b:22:1e:6d:c9:91:92:e7:b5: 00:a3:ec:51:d7:6f:fa:86:21:db:01:55:ac:e0:d5: ed:f1:30:89:89:b7:ad:9f:e0:83:99:07:31:01:ec: 4e:64:47:3f:63:d0:69:1f:d3:55:39:76:08:54:23: 85:70:24:41:5b:1b:9a:e8:f0:cc:12:60:02:cb:9c: 0a:68:42:e0:46:9e:74:4c:71:27:5a:19:4e:7b:8b: 9b:f2:8f:2e:5d:e3:cf:a7:9f:a7:33:bb:62:60:8b: 4c:46:09:70:d7:3f:90:2f:13:8f:03:53:7c:a0:eb: 5c:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:7B:5E:D5:1C:11:B3:A2:88:58:AD:AD:1D:CB:70:8E:1A:7B:7F:EB X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/SXte1RwRs6KIWK2tHctwjhp7f-s.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.56.0/22 Signature Algorithm: sha256WithRSAEncryption 6a:e9:25:82:a1:72:62:03:a8:31:ba:55:99:0e:0e:a9:0e:ac: e6:fa:8a:bb:1e:cc:05:1a:a5:5e:36:22:42:57:39:8e:f3:44: 78:4c:ef:a7:ca:f5:05:43:e4:ad:83:e5:49:84:fd:35:f6:57: 34:e4:f1:92:ce:d1:4b:38:63:41:48:82:27:b4:32:96:e0:00: 13:89:3d:10:54:a6:86:15:b9:07:ad:78:da:00:64:61:6b:d4: 5d:16:d2:9c:36:a6:17:f0:97:7e:f8:f0:43:9f:65:25:20:77: 8b:11:f7:d7:ef:f5:f6:14:2a:bd:39:91:93:a9:d7:b2:96:d1: aa:42:02:49:17:28:c1:df:68:23:4e:4e:e5:13:6b:a0:ca:3f: 74:45:cc:83:0e:f9:82:d4:ed:91:51:ed:6e:db:d0:ae:43:ca: 68:fa:0e:1c:64:23:c6:6f:1f:31:ef:97:29:8f:b7:cd:14:39: 95:02:59:6e:1c:0d:eb:5b:e0:20:f6:7a:a0:97:1c:15:5e:d7: 27:6f:63:cd:23:d6:9d:75:24:d1:cc:da:e1:71:8d:58:f5:16: 5e:29:e6:d0:96:6b:0e:86:af:c9:4c:48:8b:62:4a:0c:c2:77: 92:1c:de:11:4d:78:f7:5b:df:81:8a:77:44:19:d1:3a:9f:2a: d8:bf:c7:dd -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICEREwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTAzMTgx MDA5NThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQ5N0I1RUQ1MUMxMUIz QTI4ODU4QURBRDFEQ0I3MDhFMUE3QjdGRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDRD/Zpa/IDpvwGMi28cJmHb6WdRQFgZ4tnjCFaw8kT/9U3+Pmh Kxz8jHmPlvwiCOs2XOMlToNy9KV8R4JGtWelWFBckV7eiO5ZJevDi4fLe5LVUe3i exWCh188SqrsyT+yK3r4jQr8uC5Jcfg77w4l1C8POfjCdJgp/cNxZQbHETd9fHnx 5aB/eBmF/VsiHm3JkZLntQCj7FHXb/qGIdsBVazg1e3xMImJt62f4IOZBzEB7E5k Rz9j0Gkf01U5dghUI4VwJEFbG5ro8MwSYALLnApoQuBGnnRMcSdaGU57i5vyjy5d 48+nn6czu2Jgi0xGCXDXP5AvE48DU3yg61wLAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUSXte1RwRs6KIWK2tHctwjhp7f+swHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL1NYdGUxUndSczZLSVdL MnRIY3R3amhwN2Ytcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6DgwDQYJKoZIhvcNAQELBQADggEBAGrpJYKhcmIDqDG6VZkODqkOrOb6irse zAUapV42IkJXOY7zRHhM76fK9QVD5K2D5UmE/TX2VzTk8ZLO0Us4Y0FIgie0Mpbg ABOJPRBUpoYVuQeteNoAZGFr1F0W0pw2phfwl3748EOfZSUgd4sR99fv9fYUKr05 kZOp17KW0apCAkkXKMHfaCNOTuUTa6DKP3RFzIMO+YLU7ZFR7W7b0K5Dymj6Dhxk I8ZvHzHvlymPt80UOZUCWW4cDetb4CD2eqCXHBVe1ydvY80j1p11JNHM2uFxjVj1 Fl4p5tCWaw6Gr8lMSItiSgzCd5Ic3hFNePdb34GKd0QZ0TqfKti/x90= -----END CERTIFICATE-----Generated at Fri Apr 4 18:46:16 2025 by rpki-client