$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/h6IigAHQTvufsTVGRtf3LVHt5rc.roa File: h6IigAHQTvufsTVGRtf3LVHt5rc.roa (raw, json) Hash identifier: mnjF2uSX2BUy0FUGkbab260johYF3bE+fxzCc9zlpeY= Subject key identifier: 87:A2:22:80:01:D0:4E:FB:9F:B1:35:46:46:D7:F7:2D:51:ED:E6:B7 Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Certificate serial: 1DA6 Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/h6IigAHQTvufsTVGRtf3LVHt5rc.roa Signing time: Thu 24 Apr 2025 09:10:07 +0000 ROA not before: Thu 24 Apr 2025 09:10:07 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 45110 IP address blocks: 111.118.200.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 15:36:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7590 (0x1da6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Validity Not Before: Apr 24 09:10:07 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=87A2228001D04EFB9FB1354646D7F72D51EDE6B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:17:8a:af:86:64:7a:78:52:7a:27:7d:63:35: 81:b2:2c:64:65:be:ae:94:4b:71:2a:66:2c:5d:ef: 84:3f:f7:f1:ac:b4:91:23:02:1b:21:ab:2e:44:45: a2:80:88:0d:5a:f0:d1:ba:cb:e8:b5:f4:cf:2a:b8: 38:9a:17:fd:42:c4:de:2b:21:0d:73:0f:16:64:49: 73:ca:c8:95:85:c7:f0:b0:75:a1:78:62:fa:2b:4a: b9:f3:37:ad:4c:14:d0:88:15:d4:95:9c:0b:83:26: 04:6c:61:ef:33:d9:c1:f2:c9:34:2e:1e:bb:8c:da: f5:e4:15:6e:ed:f1:07:38:e9:61:54:ab:a4:aa:c6: c7:08:00:81:7b:60:5c:33:42:81:f8:63:2e:c6:2b: 8e:1d:92:6b:26:d0:41:40:5e:bf:f4:68:5d:7d:91: 1f:7b:b5:4e:16:5d:c3:71:ae:8b:36:1e:22:fc:94: 88:dc:d7:18:5c:16:a5:30:4d:a3:0b:e4:6c:af:96: 4c:e1:3d:73:f2:ed:c8:0d:a3:e7:2b:f9:e9:69:d8: 5e:00:ca:1c:4e:bf:2e:79:2f:8c:da:0e:90:82:72: 0e:64:d3:a0:c0:8b:50:96:17:0a:1a:21:f0:c7:3f: 9e:f2:cd:7d:b7:61:4a:7d:ba:8f:a6:bc:fe:03:54: fb:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:A2:22:80:01:D0:4E:FB:9F:B1:35:46:46:D7:F7:2D:51:ED:E6:B7 X509v3 Authority Key Identifier: keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/h6IigAHQTvufsTVGRtf3LVHt5rc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 111.118.200.0/24 Signature Algorithm: sha256WithRSAEncryption 49:1f:3a:f7:56:24:1e:3e:05:f3:b1:82:b3:a1:7a:ee:ff:37: e4:1f:c3:79:95:db:3c:37:6f:62:93:4c:38:d2:ab:76:ae:4c: 7b:51:3c:31:7a:2e:ed:a8:96:63:35:c9:d0:ab:af:e2:db:d0: e5:91:5c:18:09:e6:87:0b:43:97:7d:ed:97:76:72:57:d4:b2: 8c:ed:5e:c7:e1:3c:18:e4:06:31:bb:4c:10:8b:dd:51:fe:29: c8:22:d7:37:5a:58:b2:2f:17:e8:b4:e4:96:e2:76:f3:59:95: 98:74:71:8b:fd:07:79:64:40:95:43:9e:8a:65:54:df:e2:11: 81:96:d6:64:f2:6f:2e:56:ab:c4:d2:f4:d9:d9:21:5c:46:d5: 14:6b:ed:7a:a2:11:6e:6a:1d:82:b4:ce:35:09:8c:c7:c0:0a: c5:39:34:8b:4f:99:93:e2:e7:ed:f9:03:2c:50:6e:91:88:22: 2b:08:f3:58:d2:ad:8e:7a:ac:cc:c4:ad:24:92:f5:55:66:65: 2e:37:ef:1e:f8:3e:02:6b:4f:dd:67:f0:df:51:8e:e6:7a:09: ab:47:77:90:b7:ad:18:ad:d3:e1:3f:44:11:1c:be:2b:11:0e: 71:13:99:91:e3:80:74:69:08:c4:56:8e:83:ce:c9:82:ed:fd: d9:28:22:c7 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICHaYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1 MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNTA0MjQw OTEwMDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDg3QTIyMjgwMDFEMDRF RkI5RkIxMzU0NjQ2RDdGNzJENTFFREU2QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDvF4qvhmR6eFJ6J31jNYGyLGRlvq6US3EqZixd74Q/9/GstJEj Ahshqy5ERaKAiA1a8NG6y+i19M8quDiaF/1CxN4rIQ1zDxZkSXPKyJWFx/CwdaF4 YvorSrnzN61MFNCIFdSVnAuDJgRsYe8z2cHyyTQuHruM2vXkFW7t8Qc46WFUq6Sq xscIAIF7YFwzQoH4Yy7GK44dkmsm0EFAXr/0aF19kR97tU4WXcNxros2HiL8lIjc 1xhcFqUwTaML5GyvlkzhPXPy7cgNo+cr+elp2F4AyhxOvy55L4zaDpCCcg5k06DA i1CWFwoaIfDHP57yzX23YUp9uo+mvP4DVPuTAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUh6IigAHQTvufsTVGRtf3LVHt5rcwHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt 4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxL2g2SWlnQUhRVHZ1ZnNU VkdSdGYzTFZIdDVyYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABvdsgwDQYJKoZIhvcNAQELBQADggEBAEkfOvdWJB4+BfOxgrOheu7/N+Qfw3mV 2zw3b2KTTDjSq3auTHtRPDF6Lu2olmM1ydCrr+Lb0OWRXBgJ5ocLQ5d97Zd2clfU soztXsfhPBjkBjG7TBCL3VH+Kcgi1zdaWLIvF+i05JbidvNZlZh0cYv9B3lkQJVD noplVN/iEYGW1mTyby5Wq8TS9NnZIVxG1RRr7XqiEW5qHYK0zjUJjMfACsU5NItP mZPi5+35AyxQbpGIIisI81jSrY56rMzErSSS9VVmZS437x74PgJrT91n8N9RjuZ6 CatHd5C3rRit0+E/RBEcvisRDnETmZHjgHRpCMRWjoPOyYLt/dkoIsc= -----END CERTIFICATE-----Generated at Sat Apr 26 13:11:29 2025 by rpki-client