$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/52/4rIKi71cnPKiZ6le-I8T__5k1N4.roa File: 4rIKi71cnPKiZ6le-I8T__5k1N4.roa (raw, json) Hash identifier: tNGI77V6KgBy/gmuuKH73UZZqJT4nL9iHPvyEDnpdTU= Subject key identifier: E2:B2:0A:8B:BD:5C:9C:F2:A2:67:A9:5E:F8:8F:13:FF:FE:64:D4:DE Certificate issuer: /CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1 Certificate serial: 71 Authority key identifier: DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/4rIKi71cnPKiZ6le-I8T__5k1N4.roa Signing time: Thu 16 Jan 2025 02:14:43 +0000 ROA not before: Thu 16 Jan 2025 02:14:43 +0000 ROA not after: Thu 25 Dec 2025 06:56:05 +0000 asID: 9812 IP address blocks: 2400:6600::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:10:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 113 (0x71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1 Validity Not Before: Jan 16 02:14:43 2025 GMT Not After : Dec 25 06:56:05 2025 GMT Subject: CN=E2B20A8BBD5C9CF2A267A95EF88F13FFFE64D4DE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:8c:0b:c6:97:d9:41:4c:b5:b2:56:1c:0b:c6: ec:fc:31:3c:e3:03:e4:55:46:cf:5d:62:c1:74:8f: 68:df:6e:e0:82:4e:7c:26:e4:d9:cb:a4:19:0a:35: 63:41:4a:27:f3:76:36:61:24:dd:83:c5:c6:b5:66: 67:37:e9:96:a0:8d:7a:a7:66:d1:c5:30:c4:cd:a2: 39:fc:26:64:3f:ca:f0:b9:0f:54:07:89:a5:ed:9c: 47:7b:89:18:53:2f:d7:b6:38:11:52:1d:03:20:9c: 44:15:57:93:32:3c:b6:5e:79:33:b8:bf:5a:b2:96: 45:e5:69:96:31:12:94:35:ad:c6:9f:a5:51:50:d5: 9b:8d:0b:47:96:d2:fa:7a:46:ab:b0:bd:45:ae:c2: 21:d9:09:12:f4:49:75:f6:8a:e5:57:4e:d5:bf:9e: e0:ca:87:f6:20:22:dd:87:1e:73:7c:e6:62:98:e3: 3e:61:b7:f3:e4:8a:e4:c9:ee:4a:a8:44:a8:ba:61: d4:98:e0:70:7c:67:5d:cb:09:fc:5a:1b:37:f3:8e: 61:c0:77:02:fb:90:fc:3a:d8:b1:c9:c1:4e:4c:9e: e6:12:78:f8:64:3f:7e:a1:b9:7f:cf:4e:ba:b8:be: bf:0f:6e:6f:91:d2:16:2b:ae:1b:6f:bc:8c:42:e0: 6d:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:B2:0A:8B:BD:5C:9C:F2:A2:67:A9:5E:F8:8F:13:FF:FE:64:D4:DE X509v3 Authority Key Identifier: keyid:DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/4rIKi71cnPKiZ6le-I8T__5k1N4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2400:6600::/32 Signature Algorithm: sha256WithRSAEncryption a2:2c:58:18:fb:2b:77:a8:89:4e:a1:24:06:d6:e8:21:2c:d7: 1b:14:aa:8c:0a:31:b6:71:ac:cc:46:b2:9c:a9:e5:91:25:d2: b7:6b:ca:95:1f:04:59:ec:3a:23:2f:93:99:c0:8a:7d:0a:37: bb:93:23:90:4f:2a:41:f6:4d:14:8d:32:58:fc:22:1e:16:5d: 96:08:2f:a6:f3:59:21:2e:1d:1a:c0:f5:3e:04:82:41:ce:61: 0b:cf:d0:d8:f0:46:e0:70:23:41:98:2d:07:ca:a3:08:be:16: 5b:c8:c1:39:17:45:f6:93:f3:29:48:2a:81:c1:51:45:51:34: 02:99:8f:1e:69:11:76:28:a7:dd:ce:12:06:1f:2e:a9:6d:f6: 09:d3:b1:59:5c:2a:54:df:4c:4d:24:f7:c2:c6:71:c0:25:79: 76:d1:67:35:8f:07:13:2e:fd:ca:12:80:60:1b:09:45:b1:cb: 72:e8:28:5c:51:42:99:6f:2a:82:de:6b:ea:c2:4b:cb:f8:e8: b6:1e:7f:16:a7:91:7c:89:e1:3d:2e:35:b3:72:e6:a8:57:4d: cc:29:6f:2e:09:d0:d6:6a:de:ab:ef:2b:c1:cb:af:a3:1a:b6: 85:31:83:d2:8c:5b:1d:7a:d3:88:01:ae:03:9a:4d:b9:8d:10: 7c:75:65:77 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgIBcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhEQTFE QUJFQ0YxOTQ1REZGNTNCNjIwRTBCNkM0MTBFOTFFNDQ3MUIxMB4XDTI1MDExNjAy MTQ0M1oXDTI1MTIyNTA2NTYwNVowMzExMC8GA1UEAxMoRTJCMjBBOEJCRDVDOUNG MkEyNjdBOTVFRjg4RjEzRkZGRTY0RDRERTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKSMC8aX2UFMtbJWHAvG7PwxPOMD5FVGz11iwXSPaN9u4IJOfCbk 2cukGQo1Y0FKJ/N2NmEk3YPFxrVmZzfplqCNeqdm0cUwxM2iOfwmZD/K8LkPVAeJ pe2cR3uJGFMv17Y4EVIdAyCcRBVXkzI8tl55M7i/WrKWReVpljESlDWtxp+lUVDV m40LR5bS+npGq7C9Ra7CIdkJEvRJdfaK5VdO1b+e4MqH9iAi3Ycec3zmYpjjPmG3 8+SK5MnuSqhEqLph1JjgcHxnXcsJ/FobN/OOYcB3AvuQ/DrYscnBTkye5hJ4+GQ/ fqG5f89Ouri+vw9ub5HSFiuuG2+8jELgbfcCAwEAAaOCAfAwggHsMB0GA1UdDgQW BBTisgqLvVyc8qJnqV74jxP//mTU3jAfBgNVHSMEGDAWgBTaHavs8ZRd/1O2IOC2 xBDpHkRxsTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO oEyGSnJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81Mi8y aDJyN1BHVVhmOVR0aURndHNRUTZSNUVjYkUuY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwLzJoMnI3UEdVWGY5VHRpRGd0c1FRNlI1RWNiRS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzUyLzRySUtpNzFjblBLaVo2bGUt SThUX181azFONC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5j bi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk AGYAMA0GCSqGSIb3DQEBCwUAA4IBAQCiLFgY+yt3qIlOoSQG1ughLNcbFKqMCjG2 cazMRrKcqeWRJdK3a8qVHwRZ7DojL5OZwIp9Cje7kyOQTypB9k0UjTJY/CIeFl2W CC+m81khLh0awPU+BIJBzmELz9DY8EbgcCNBmC0HyqMIvhZbyME5F0X2k/MpSCqB wVFFUTQCmY8eaRF2KKfdzhIGHy6pbfYJ07FZXCpU30xNJPfCxnHAJXl20Wc1jwcT Lv3KEoBgGwlFscty6ChcUUKZbyqC3mvqwkvL+Oi2Hn8Wp5F8ieE9LjWzcuaoV03M KW8uCdDWat6r7yvBy6+jGraFMYPSjFsdetOIAa4Dmk25jRB8dWV3 -----END CERTIFICATE-----Generated at Fri Apr 4 18:47:00 2025 by rpki-client