$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/xaUhIc1VDGdMJcJEnBPPcaSjOzc.roa File: xaUhIc1VDGdMJcJEnBPPcaSjOzc.roa (raw, json) Hash identifier: Hh1tScpvpn2ONVOehEGAfQaToVxJp0+zYElhh/XFkAY= Subject key identifier: C5:A5:21:21:CD:55:0C:67:4C:25:C2:44:9C:13:CF:71:A4:A3:3B:37 Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Certificate serial: 1BC9 Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/xaUhIc1VDGdMJcJEnBPPcaSjOzc.roa Signing time: Fri 17 Jan 2025 01:30:08 +0000 ROA not before: Fri 17 Jan 2025 01:30:08 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 23724 IP address blocks: 2406:4d00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:10:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7113 (0x1bc9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Validity Not Before: Jan 17 01:30:08 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=C5A52121CD550C674C25C2449C13CF71A4A33B37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:75:14:d0:e1:59:63:f0:a7:e6:eb:d2:40:0b: 26:8c:aa:dd:6d:53:cd:16:58:4a:1c:d6:57:18:8a: f0:63:f1:77:11:9d:ec:6d:34:78:2b:9c:98:3c:48: 12:71:b1:91:9a:4b:ff:af:ff:34:be:c6:48:c6:2f: ed:5d:31:8a:4d:d1:32:a4:7b:6c:03:84:82:ad:48: d3:0f:d5:b7:01:08:4c:e7:8a:17:a9:b8:da:eb:6c: e1:2a:92:25:91:48:af:f6:9f:b0:ec:eb:d8:a0:8a: 2c:aa:68:53:40:bb:61:c5:40:e0:18:06:49:7f:2c: 07:1e:8c:55:2b:64:83:83:b8:be:be:7e:13:92:43: d9:5b:90:38:2a:0c:2d:3b:71:41:ff:74:aa:03:b0: 36:9d:04:ed:70:e0:78:29:a3:c4:1b:32:fe:87:ad: c5:e7:40:22:d7:63:91:89:05:06:88:b3:d7:90:11: 50:cb:27:c4:59:7e:46:21:3e:fd:a4:07:3f:d3:91: 84:6b:ce:05:95:72:ff:bb:02:d6:fd:3e:ec:f4:47: f9:09:97:e8:45:93:ce:a4:21:9c:8c:a6:5a:78:c6: 11:d8:10:3d:1c:46:3a:ba:f8:8b:73:8e:e3:e7:a9: 81:9c:2a:53:2b:ea:37:1d:77:6f:14:29:1b:db:7e: 0c:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:A5:21:21:CD:55:0C:67:4C:25:C2:44:9C:13:CF:71:A4:A3:3B:37 X509v3 Authority Key Identifier: keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/xaUhIc1VDGdMJcJEnBPPcaSjOzc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2406:4d00::/48 Signature Algorithm: sha256WithRSAEncryption b8:eb:35:bc:fc:8e:c9:25:b6:f4:82:56:81:a0:de:92:e2:8e: 54:87:10:9a:d6:1e:89:1a:39:a4:1c:6b:df:4d:26:8b:d1:c2: 1e:80:69:89:4c:5d:9d:db:10:07:b1:41:64:da:fd:50:05:9b: 80:4f:17:b7:55:ac:0a:17:33:f3:5e:e2:b3:f2:74:01:77:26: 6b:c8:e1:ac:53:df:a8:35:30:7e:aa:47:86:3f:15:ea:c8:59: 25:61:22:ca:ee:6c:48:30:bf:cd:4a:4d:5d:00:1a:e1:47:77: 37:21:cd:88:2e:b6:9b:4e:e5:b3:a9:a9:39:05:17:33:0b:0f: 69:8e:15:60:35:66:48:99:1f:f1:be:ba:c4:05:27:08:26:79: c2:0b:58:bf:e4:e1:45:46:5d:4e:6d:06:06:35:7b:50:ee:0c: 98:ba:67:c1:3d:f3:81:06:0b:3c:71:6a:c9:9f:15:ff:2d:02: af:75:4a:e6:42:19:ea:3c:81:c5:4b:9e:23:b2:c4:d4:e6:7f: 1c:29:f0:11:9c:69:40:db:3b:79:4b:49:d2:91:2b:86:6e:82: 3e:d3:6c:36:bd:c5:23:b2:c5:52:2b:8b:16:b7:b5:f0:9f:cf: c0:7c:2c:7a:09:4b:64:5c:f2:40:b5:6b:b0:39:1f:19:b3:17: 02:5f:04:43 -----BEGIN CERTIFICATE----- MIIE2DCCA8CgAwIBAgICG8kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTAxMTcw MTMwMDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEM1QTUyMTIxQ0Q1NTBD Njc0QzI1QzI0NDlDMTNDRjcxQTRBMzNCMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCYdRTQ4Vlj8Kfm69JACyaMqt1tU80WWEoc1lcYivBj8XcRnext NHgrnJg8SBJxsZGaS/+v/zS+xkjGL+1dMYpN0TKke2wDhIKtSNMP1bcBCEznihep uNrrbOEqkiWRSK/2n7Ds69igiiyqaFNAu2HFQOAYBkl/LAcejFUrZIODuL6+fhOS Q9lbkDgqDC07cUH/dKoDsDadBO1w4Hgpo8QbMv6HrcXnQCLXY5GJBQaIs9eQEVDL J8RZfkYhPv2kBz/TkYRrzgWVcv+7Atb9Puz0R/kJl+hFk86kIZyMplp4xhHYED0c Rjq6+ItzjuPnqYGcKlMr6jcdd28UKRvbfgwpAgMBAAGjggH0MIIB8DAdBgNVHQ4E FgQUxaUhIc1VDGdMJcJEnBPPcaSjOzcwHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow 7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxL3hhVWhJYzFWREdkTUpj SkVuQlBQY2FTak96Yy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD BwAkBk0AAAAwDQYJKoZIhvcNAQELBQADggEBALjrNbz8jskltvSCVoGg3pLijlSH EJrWHokaOaQca99NJovRwh6AaYlMXZ3bEAexQWTa/VAFm4BPF7dVrAoXM/Ne4rPy dAF3JmvI4axT36g1MH6qR4Y/FerIWSVhIsrubEgwv81KTV0AGuFHdzchzYgutptO 5bOpqTkFFzMLD2mOFWA1ZkiZH/G+usQFJwgmecILWL/k4UVGXU5tBgY1e1DuDJi6 Z8E984EGCzxxasmfFf8tAq91SuZCGeo8gcVLniOyxNTmfxwp8BGcaUDbO3lLSdKR K4Zugj7TbDa9xSOyxVIrixa3tfCfz8B8LHoJS2Rc8kC1a7A5HxmzFwJfBEM= -----END CERTIFICATE-----Generated at Fri Apr 4 18:38:04 2025 by rpki-client