$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/tAnhg4BJ1r-Z0aPsvgfSfv05_uM.roa File: tAnhg4BJ1r-Z0aPsvgfSfv05_uM.roa (raw, json) Hash identifier: TKSbqNRQLaSRmFQzXCOJrUcJtIWlA3O/TfKP/kECfpw= Subject key identifier: B4:09:E1:83:80:49:D6:BF:99:D1:A3:EC:BE:07:D2:7E:FD:39:FE:E3 Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Certificate serial: 1BCA Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/tAnhg4BJ1r-Z0aPsvgfSfv05_uM.roa Signing time: Fri 17 Jan 2025 01:30:09 +0000 ROA not before: Fri 17 Jan 2025 01:30:09 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 23724 IP address blocks: 211.155.88.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 19:41:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7114 (0x1bca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Validity Not Before: Jan 17 01:30:09 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=B409E1838049D6BF99D1A3ECBE07D27EFD39FEE3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:da:4b:d0:42:85:f3:26:9a:59:3f:80:a8:89: bc:76:6c:aa:6c:08:f4:42:65:66:40:40:95:a8:13: a2:cb:4e:e8:e5:e5:aa:8c:c2:c2:93:54:a0:fc:b2: 78:59:fb:f9:4b:7b:03:f2:ad:a6:3a:f4:cb:81:e4: 85:d0:70:69:a7:94:a8:4d:58:e1:24:e9:c0:f3:26: 47:4c:08:53:d5:e7:92:a8:a1:1a:c8:04:c5:fa:6f: 1d:82:3d:9e:ea:34:ec:48:a1:22:7d:1a:9b:81:1e: 66:b2:e6:bd:9b:4b:b1:c1:4c:61:a5:a8:12:fe:63: b3:ce:41:c1:ce:6a:1a:3c:dc:d3:23:b1:1e:30:65: 3b:19:45:ff:4c:a3:2b:68:3c:97:c0:3e:23:f9:89: f4:53:b0:95:68:0d:b9:63:43:da:4b:24:67:0d:14: b3:8f:98:9f:7f:2b:c1:6a:b8:69:1b:2b:26:0b:98: 1b:a2:5b:96:57:c1:f2:d3:97:3a:8b:a4:2a:4a:22: 20:ff:65:71:41:d7:f5:0b:2d:3e:54:a1:fe:58:d9: 28:9f:1c:3a:20:dd:7c:c7:df:ed:b8:ed:81:67:e3: c3:54:26:a4:1f:f0:71:a2:55:87:9c:e7:89:02:76: cc:47:4d:44:fd:03:3c:36:69:60:02:09:14:31:67: cd:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:09:E1:83:80:49:D6:BF:99:D1:A3:EC:BE:07:D2:7E:FD:39:FE:E3 X509v3 Authority Key Identifier: keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/tAnhg4BJ1r-Z0aPsvgfSfv05_uM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.155.88.0/21 Signature Algorithm: sha256WithRSAEncryption 5f:50:9c:8f:08:84:32:77:35:30:ea:09:a0:7d:1f:76:aa:2f: dc:26:86:8c:ae:e8:ca:37:e1:ac:da:ae:a7:a7:62:94:a1:62: 29:61:c2:3e:e0:43:74:a7:54:c6:37:2a:73:9d:88:33:c7:71: d6:aa:cf:71:b1:f3:93:9b:66:35:6b:09:b4:00:18:95:1c:3c: 07:69:04:05:9d:db:4b:b3:cc:5d:ee:9c:e5:08:2e:d7:fc:60: f3:6a:81:f3:65:40:97:d7:a7:47:05:0b:af:ee:09:bf:7c:25: 3f:6c:0a:99:43:aa:71:bd:24:0a:a3:f7:c0:eb:6b:1e:1e:d2: 97:c1:25:50:4e:cd:49:56:38:30:ad:27:6a:98:ee:fc:24:c5: 7c:43:c1:06:a8:db:6a:fa:36:31:43:de:57:aa:c8:7b:5d:03: 8b:bd:cc:d7:dc:ec:35:a2:c9:82:d2:75:96:6a:48:0d:20:cc: 0b:8f:fd:4b:0c:b2:17:81:d8:2d:9b:02:0f:7b:06:b0:a8:b3: fe:04:94:5c:bc:c9:cb:45:79:b9:d7:6b:5c:4e:eb:ab:bb:00: 55:74:72:17:3d:37:ee:19:74:05:11:05:83:ba:5a:8e:ba:26: bf:aa:0c:46:de:7e:c9:b6:e0:93:14:84:05:f6:53:26:0b:a7: 39:69:ba:dc -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG8owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTAxMTcw MTMwMDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEI0MDlFMTgzODA0OUQ2 QkY5OUQxQTNFQ0JFMDdEMjdFRkQzOUZFRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC02kvQQoXzJppZP4Coibx2bKpsCPRCZWZAQJWoE6LLTujl5aqM wsKTVKD8snhZ+/lLewPyraY69MuB5IXQcGmnlKhNWOEk6cDzJkdMCFPV55KooRrI BMX6bx2CPZ7qNOxIoSJ9GpuBHmay5r2bS7HBTGGlqBL+Y7POQcHOaho83NMjsR4w ZTsZRf9MoytoPJfAPiP5ifRTsJVoDbljQ9pLJGcNFLOPmJ9/K8FquGkbKyYLmBui W5ZXwfLTlzqLpCpKIiD/ZXFB1/ULLT5Uof5Y2SifHDog3XzH3+247YFn48NUJqQf 8HGiVYec54kCdsxHTUT9Azw2aWACCRQxZ80VAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUtAnhg4BJ1r+Z0aPsvgfSfv05/uMwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow 7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL3RBbmhnNEJKMXItWjBh UHN2Z2ZTZnYwNV91TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAPTm1gwDQYJKoZIhvcNAQELBQADggEBAF9QnI8IhDJ3NTDqCaB9H3aqL9wmhoyu 6Mo34azarqenYpShYilhwj7gQ3SnVMY3KnOdiDPHcdaqz3Gx85ObZjVrCbQAGJUc PAdpBAWd20uzzF3unOUILtf8YPNqgfNlQJfXp0cFC6/uCb98JT9sCplDqnG9JAqj 98Drax4e0pfBJVBOzUlWODCtJ2qY7vwkxXxDwQao22r6NjFD3leqyHtdA4u9zNfc 7DWiyYLSdZZqSA0gzAuP/UsMsheB2C2bAg97BrCos/4ElFy8yctFebnXa1xO66u7 AFV0chc9N+4ZdAURBYO6Wo66Jr+qDEbefsm24JMUhAX2UyYLpzlputw= -----END CERTIFICATE-----Generated at Thu Jun 5 19:13:36 2025 by rpki-client