$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/775/n9Hcm5Sa9oY_YS6U9M36kf6JDrI.roa File: n9Hcm5Sa9oY_YS6U9M36kf6JDrI.roa (raw, json) Hash identifier: WiA2dmlFgYZLTYhkU+W3rl32i7S/9rr0ZrgMYCN6s1s= Subject key identifier: 9F:D1:DC:9B:94:9A:F6:86:3F:61:2E:94:F4:CD:FA:91:FE:89:0E:B2 Certificate issuer: /CN=CD65DDFFCA490F695E12F3A53EEBAFF0EDA77050 Certificate serial: 09AF Authority key identifier: CD:65:DD:FF:CA:49:0F:69:5E:12:F3:A5:3E:EB:AF:F0:ED:A7:70:50 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zWXd_8pJD2leEvOlPuuv8O2ncFA.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/775/n9Hcm5Sa9oY_YS6U9M36kf6JDrI.roa Signing time: Fri 17 Jan 2025 01:24:02 +0000 ROA not before: Fri 17 Jan 2025 01:24:02 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 59078 IP address blocks: 2402:e7c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/775/zWXd_8pJD2leEvOlPuuv8O2ncFA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/775/zWXd_8pJD2leEvOlPuuv8O2ncFA.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zWXd_8pJD2leEvOlPuuv8O2ncFA.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2479 (0x9af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=CD65DDFFCA490F695E12F3A53EEBAFF0EDA77050 Validity Not Before: Jan 17 01:24:02 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=9FD1DC9B949AF6863F612E94F4CDFA91FE890EB2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:fb:f3:35:d9:bb:8b:f9:b9:29:74:8c:6f:6d: d2:3a:44:f5:fb:a3:dd:72:89:33:2e:06:56:0f:c0: e0:86:ec:fc:7c:ff:f1:e7:92:b0:c9:b7:c0:ff:7c: 61:f7:94:f9:81:3b:be:cd:00:10:cb:cb:bd:ce:64: 0a:3f:86:be:f8:46:1d:62:c0:63:ef:57:c9:55:23: 6f:08:66:54:86:64:2e:4f:0c:45:af:db:35:47:89: 74:e9:0c:fb:52:f0:ea:a3:cf:34:c6:4e:d1:9b:89: e0:64:93:1d:e8:0e:85:35:8e:f1:4a:d0:25:2a:4c: de:7b:e7:2a:ae:f1:7b:79:a5:27:b5:a4:6d:cb:2f: 36:87:20:ad:8e:70:3a:5d:b8:17:34:d6:a8:f7:b3: 95:16:bb:47:f1:67:01:4f:5b:f4:21:13:18:4c:78: ef:b5:0c:ca:3c:f1:8c:26:7b:4f:63:3b:9c:87:13: d5:77:25:3f:53:62:fe:6d:cd:c1:1f:d9:c2:d6:39: 48:cf:8c:85:4e:91:be:aa:16:21:98:f9:f2:e8:86: 5e:9b:5a:eb:47:1e:39:71:3b:31:9c:ab:55:f2:06: ba:ef:72:c8:e2:ae:be:1f:f2:2c:b1:a7:b4:b8:89: ff:4b:d0:42:87:33:cf:d2:44:db:8d:c8:23:8c:41: 3f:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:D1:DC:9B:94:9A:F6:86:3F:61:2E:94:F4:CD:FA:91:FE:89:0E:B2 X509v3 Authority Key Identifier: keyid:CD:65:DD:FF:CA:49:0F:69:5E:12:F3:A5:3E:EB:AF:F0:ED:A7:70:50 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/775/zWXd_8pJD2leEvOlPuuv8O2ncFA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zWXd_8pJD2leEvOlPuuv8O2ncFA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/775/n9Hcm5Sa9oY_YS6U9M36kf6JDrI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv6: 2402:e7c0::/32 Signature Algorithm: sha256WithRSAEncryption 56:e9:f4:4a:5e:be:d7:10:3a:d1:58:88:0c:dd:47:d4:fd:a3: fe:9e:08:60:be:2e:c3:08:f5:c9:ef:be:00:b7:45:0c:3e:44: 02:99:52:a5:20:39:1d:4b:79:6b:09:48:11:1b:96:13:4b:43: 2a:df:4d:84:b9:05:f0:57:42:c6:f5:93:0f:f9:dd:2f:20:26: cf:ca:8c:4b:55:eb:78:4f:9f:2e:68:ce:7f:1c:1e:46:bc:a6: e0:c6:c9:dd:c8:08:ac:9e:7e:07:6b:93:64:e8:34:2c:fc:ee: e7:5a:29:8e:66:80:0f:8b:42:c7:e0:6e:d5:1c:84:cc:3d:89: bd:7b:b5:46:37:dc:d3:d3:8b:7c:4d:23:3b:20:13:76:17:3c: ed:f4:bf:d8:f6:4a:e5:6b:ee:3e:f7:5e:84:a2:91:fb:78:70: d5:0a:b3:61:2c:0d:00:f9:f8:84:79:77:8f:7a:26:8f:ea:12: 44:98:c7:70:99:35:49:c1:c4:ae:43:02:81:18:83:99:04:41: 52:a4:d5:37:fe:35:e7:f7:bf:65:4b:37:51:dc:10:c0:ca:fd: 87:fd:5b:b3:f4:d4:16:2b:35:49:ec:16:93:7d:7d:f8:5d:03: 56:f4:29:0f:ef:f4:a6:56:57:1b:23:5f:8b:ea:a5:b5:6a:65: 10:5f:d7:ef -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgICCa8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Q2 NURERkZDQTQ5MEY2OTVFMTJGM0E1M0VFQkFGRjBFREE3NzA1MDAeFw0yNTAxMTcw MTI0MDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDlGRDFEQzlCOTQ5QUY2 ODYzRjYxMkU5NEY0Q0RGQTkxRkU4OTBFQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCp+/M12buL+bkpdIxvbdI6RPX7o91yiTMuBlYPwOCG7Px8//Hn krDJt8D/fGH3lPmBO77NABDLy73OZAo/hr74Rh1iwGPvV8lVI28IZlSGZC5PDEWv 2zVHiXTpDPtS8OqjzzTGTtGbieBkkx3oDoU1jvFK0CUqTN575yqu8Xt5pSe1pG3L LzaHIK2OcDpduBc01qj3s5UWu0fxZwFPW/QhExhMeO+1DMo88Ywme09jO5yHE9V3 JT9TYv5tzcEf2cLWOUjPjIVOkb6qFiGY+fLohl6bWutHHjlxOzGcq1XyBrrvcsji rr4f8iyxp7S4if9L0EKHM8/SRNuNyCOMQT9NAgMBAAGjggHyMIIB7jAdBgNVHQ4E FgQUn9Hcm5Sa9oY/YS6U9M36kf6JDrIwHwYDVR0jBBgwFoAUzWXd/8pJD2leEvOl Puuv8O2ncFAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzc1 L3pXWGRfOHBKRDJsZUV2T2xQdXV2OE8ybmNGQS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveldYZF84cEpEMmxlRXZPbFB1dXY4TzJuY0ZBLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzc1L245SGNtNVNhOW9ZX1lT NlU5TTM2a2Y2SkRySS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcD BQAkAufAMA0GCSqGSIb3DQEBCwUAA4IBAQBW6fRKXr7XEDrRWIgM3UfU/aP+nghg vi7DCPXJ774At0UMPkQCmVKlIDkdS3lrCUgRG5YTS0Mq302EuQXwV0LG9ZMP+d0v ICbPyoxLVet4T58uaM5/HB5GvKbgxsndyAisnn4Ha5Nk6DQs/O7nWimOZoAPi0LH 4G7VHITMPYm9e7VGN9zT04t8TSM7IBN2Fzzt9L/Y9krla+4+916EopH7eHDVCrNh LA0A+fiEeXePeiaP6hJEmMdwmTVJwcSuQwKBGIOZBEFSpNU3/jXn979lSzdR3BDA yv2H/Vuz9NQWKzVJ7BaTfX34XQNW9CkP7/SmVlcbI1+L6qW1amUQX9fv -----END CERTIFICATE-----Generated at Fri Apr 4 19:38:10 2025 by rpki-client