$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/261/-pOXMMTVuNVGKhJq4oVS9X0lPjQ.roa File: -pOXMMTVuNVGKhJq4oVS9X0lPjQ.roa (raw, json) Hash identifier: iXzhCp0U5w+K/Q1XAD2w9nTfhkMuQ1L2woREzYBgcic= Subject key identifier: FA:93:97:30:C4:D5:B8:D5:46:2A:12:6A:E2:85:52:F5:7D:25:3E:34 Certificate issuer: /CN=76E046E3ECA10B928499F22A5E765C0416A60A4F Certificate serial: 09 Authority key identifier: 76:E0:46:E3:EC:A1:0B:92:84:99:F2:2A:5E:76:5C:04:16:A6:0A:4F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/duBG4-yhC5KEmfIqXnZcBBamCk8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/-pOXMMTVuNVGKhJq4oVS9X0lPjQ.roa Signing time: Wed 15 Jan 2025 07:44:40 +0000 ROA not before: Wed 15 Jan 2025 07:44:40 +0000 ROA not after: Wed 14 Jan 2026 03:00:41 +0000 asID: 23771 IP address blocks: 59.153.4.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/duBG4-yhC5KEmfIqXnZcBBamCk8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/duBG4-yhC5KEmfIqXnZcBBamCk8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/duBG4-yhC5KEmfIqXnZcBBamCk8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:40:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9 (0x9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=76E046E3ECA10B928499F22A5E765C0416A60A4F Validity Not Before: Jan 15 07:44:40 2025 GMT Not After : Jan 14 03:00:41 2026 GMT Subject: CN=FA939730C4D5B8D5462A126AE28552F57D253E34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:c9:20:41:7b:25:24:64:56:23:00:55:53:6a: 87:76:55:3c:db:ca:ef:dc:a3:10:0c:a6:26:fa:d8: 81:41:4b:56:28:59:9d:81:24:38:5c:2e:60:90:73: ca:a7:88:93:06:70:ef:3b:e0:09:cd:5b:fb:fa:81: b4:eb:1d:28:5c:c6:1e:13:1a:c6:21:37:b2:a7:29: 90:f1:ef:e2:c3:8b:10:95:15:a4:79:77:01:02:3e: 8f:46:f3:2f:27:26:22:8b:bc:11:41:4f:a6:1b:87: 43:1a:59:8f:56:b6:0f:3a:22:f7:d6:50:6e:50:00: ab:89:e7:54:a3:c0:1a:b2:28:ca:03:5f:b5:64:f5: 75:0a:47:c7:ec:cc:6a:16:3a:a2:1b:2e:fd:d9:cf: fe:96:a9:05:38:ef:a2:b7:80:6b:37:48:3a:a3:ac: d8:4f:d2:20:f5:f6:55:3a:a8:21:0e:9f:dc:ec:e5: d2:bc:a4:6c:ed:2e:d0:8f:23:fa:ea:8f:5b:b6:17: 62:ac:dc:f3:48:23:90:70:b4:98:01:ea:11:24:db: 0b:96:40:ab:ac:c4:e0:7a:8f:5a:bb:f9:14:42:3f: 3c:e5:77:d3:b2:40:22:08:7d:38:67:38:ce:03:0d: 88:2a:48:4c:12:d6:97:1b:f6:82:bf:d2:54:8f:22: df:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:93:97:30:C4:D5:B8:D5:46:2A:12:6A:E2:85:52:F5:7D:25:3E:34 X509v3 Authority Key Identifier: keyid:76:E0:46:E3:EC:A1:0B:92:84:99:F2:2A:5E:76:5C:04:16:A6:0A:4F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/duBG4-yhC5KEmfIqXnZcBBamCk8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/duBG4-yhC5KEmfIqXnZcBBamCk8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/261/-pOXMMTVuNVGKhJq4oVS9X0lPjQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 59.153.4.0/24 Signature Algorithm: sha256WithRSAEncryption 15:5a:5a:aa:e3:a0:fd:95:7d:66:66:88:cd:f3:ae:d5:71:42: f4:c2:d2:5b:31:dc:3e:e8:2b:b7:b5:b0:7a:fd:74:b2:12:9b: 1b:a8:6a:ce:95:8a:14:b1:07:cc:bb:f3:db:94:a6:9b:fb:f9: a8:f9:ea:9c:41:b1:f5:19:79:7a:fe:2c:0c:ed:7c:bf:3d:d6: 42:90:97:06:c8:9b:1b:0e:69:3e:ca:da:7d:0f:7f:03:d9:01: b2:3b:d3:e0:09:3c:c0:b5:80:d8:a1:86:71:32:63:54:8c:92: f6:03:d1:1c:42:cd:ee:77:36:74:c7:d5:8a:9a:71:60:69:77: 4f:bd:7e:88:e9:d3:33:fa:0f:8a:46:28:f9:bf:d3:f5:be:55: 73:88:25:76:13:31:7d:9f:d6:de:03:bd:b9:04:fd:c4:04:a9: a0:7c:ac:d9:1d:10:5e:24:b7:0f:0b:3f:38:ae:55:70:ef:9a: d0:b8:1f:5a:23:83:cc:20:23:b6:7a:9a:d1:97:a8:52:d8:2b: ed:86:9d:52:48:da:d6:1f:42:95:e8:b8:c3:7a:94:cb:f1:31: d5:01:b2:28:77:cd:82:1e:e7:d9:b2:73:ab:e4:33:36:61:d2: cb:3f:a5:a7:f6:24:fa:7e:03:0c:7b:ae:3d:a4:7d:58:0c:1a: 7a:de:e5:4e -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgIBCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3NkUw NDZFM0VDQTEwQjkyODQ5OUYyMkE1RTc2NUMwNDE2QTYwQTRGMB4XDTI1MDExNTA3 NDQ0MFoXDTI2MDExNDAzMDA0MVowMzExMC8GA1UEAxMoRkE5Mzk3MzBDNEQ1QjhE NTQ2MkExMjZBRTI4NTUyRjU3RDI1M0UzNDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALzJIEF7JSRkViMAVVNqh3ZVPNvK79yjEAymJvrYgUFLVihZnYEk OFwuYJBzyqeIkwZw7zvgCc1b+/qBtOsdKFzGHhMaxiE3sqcpkPHv4sOLEJUVpHl3 AQI+j0bzLycmIou8EUFPphuHQxpZj1a2Dzoi99ZQblAAq4nnVKPAGrIoygNftWT1 dQpHx+zMahY6ohsu/dnP/papBTjvoreAazdIOqOs2E/SIPX2VTqoIQ6f3Ozl0ryk bO0u0I8j+uqPW7YXYqzc80gjkHC0mAHqESTbC5ZAq6zE4HqPWrv5FEI/POV307JA Igh9OGc4zgMNiCpITBLWlxv2gr/SVI8i3w8CAwEAAaOCAfEwggHtMB0GA1UdDgQW BBT6k5cwxNW41UYqEmrihVL1fSU+NDAfBgNVHSMEGDAWgBR24Ebj7KELkoSZ8ipe dlwEFqYKTzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP oE2GS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjEv ZHVCRzQteWhDNUtFbWZJcVhuWmNCQmFtQ2s4LmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9kdUJHNC15aEM1S0VtZklxWG5aY0JCYW1DazguY2VyMA4GA1UdDwEB/wQE AwIHgDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNjEvLXBPWE1NVFZ1TlZHS2hK cTRvVlM5WDBsUGpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmlj LmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME ADuZBDANBgkqhkiG9w0BAQsFAAOCAQEAFVpaquOg/ZV9ZmaIzfOu1XFC9MLSWzHc Pugrt7Wwev10shKbG6hqzpWKFLEHzLvz25Smm/v5qPnqnEGx9Rl5ev4sDO18vz3W QpCXBsibGw5pPsrafQ9/A9kBsjvT4Ak8wLWA2KGGcTJjVIyS9gPRHELN7nc2dMfV ippxYGl3T71+iOnTM/oPikYo+b/T9b5Vc4gldhMxfZ/W3gO9uQT9xASpoHys2R0Q XiS3Dws/OK5VcO+a0LgfWiODzCAjtnqa0ZeoUtgr7YadUkja1h9Clei4w3qUy/Ex 1QGyKHfNgh7n2bJzq+QzNmHSyz+lp/Yk+n4DDHuuPaR9WAwaet7lTg== -----END CERTIFICATE-----Generated at Sat Apr 26 14:39:45 2025 by rpki-client