$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-1TXyCnR9iUOSL2BUXFRzk72O2k.roa File: -1TXyCnR9iUOSL2BUXFRzk72O2k.roa (raw, json) Hash identifier: Gv9OHjB2+pxSSGvait4ep8/w3eAyFS/+a3xNLHuDb58= Subject key identifier: FB:54:D7:C8:29:D1:F6:25:0E:48:BD:81:51:71:51:CE:4E:F6:3B:69 Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942 Certificate serial: 10 Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-1TXyCnR9iUOSL2BUXFRzk72O2k.roa Signing time: Wed 09 Apr 2025 07:08:26 +0000 ROA not before: Wed 09 Apr 2025 07:08:26 +0000 ROA not after: Thu 09 Apr 2026 06:33:21 +0000 asID: 9391 IP address blocks: 119.16.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16 (0x10) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942 Validity Not Before: Apr 9 07:08:26 2025 GMT Not After : Apr 9 06:33:21 2026 GMT Subject: CN=FB54D7C829D1F6250E48BD81517151CE4EF63B69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:c7:d8:51:a8:68:c9:d5:2b:c9:a8:6c:fe:32: b1:ef:f5:54:ef:59:05:8c:d7:e4:0c:0e:30:5a:3b: 7e:56:2e:af:ba:58:ce:d8:69:13:13:b3:6a:5a:13: 7d:4c:91:2a:5e:78:c2:8e:b6:95:91:53:4a:87:f8: e2:98:d6:bb:eb:d5:f5:16:0a:65:88:e7:64:3c:4e: 33:a8:af:37:a0:ac:76:d8:03:66:f3:66:ec:8a:e3: 71:1d:09:a3:00:f7:2a:ec:4d:c7:fb:de:89:0c:ac: cc:c6:1f:81:73:34:2e:c2:b0:2c:65:e4:c2:ca:e6: 5f:4b:1a:d9:bb:a1:ac:0b:52:8f:59:48:b7:9c:78: 35:49:1c:cb:d6:fd:57:d2:18:4a:a9:0f:a4:b1:1c: 74:16:13:8e:de:11:fd:2f:b2:59:b5:66:d5:55:88: af:81:87:1c:a2:3e:0b:d3:da:f1:8f:49:28:bb:ed: 80:c4:43:9c:5a:1f:a8:11:09:3c:66:a3:bc:5b:e7: 6e:ed:65:0c:fe:e0:98:48:ef:9c:68:31:ec:51:91: 58:3c:86:72:f5:5e:7d:6a:8b:6c:21:16:16:99:1d: 72:c1:71:3c:fa:f6:65:09:66:df:42:87:be:50:51: 9d:85:8e:b0:fa:e4:42:3a:70:22:4f:08:9e:82:7d: 31:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:54:D7:C8:29:D1:F6:25:0E:48:BD:81:51:71:51:CE:4E:F6:3B:69 X509v3 Authority Key Identifier: keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-1TXyCnR9iUOSL2BUXFRzk72O2k.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 119.16.0.0/16 Signature Algorithm: sha256WithRSAEncryption 1b:42:93:09:77:c1:9b:57:f6:cc:f7:8e:ff:af:53:cb:a1:08: 2f:6f:32:0b:61:23:13:a9:2c:66:a6:15:04:40:2f:48:2d:8c: 9b:cf:de:c8:a6:06:4d:e6:ef:6a:57:8c:dd:a2:59:9b:04:87: e6:1e:e8:dc:30:d1:a9:97:43:4d:d5:4a:4b:ae:39:23:c3:8f: e6:e1:6c:62:54:34:8f:6d:33:51:0c:1b:0d:33:eb:3f:a7:9f: b2:27:a2:da:de:50:13:d4:94:49:b8:d0:39:45:a9:34:dc:89: ea:07:f9:6b:9d:0a:08:db:a2:67:16:fe:fa:95:0e:e7:9f:d3: ca:62:a1:61:18:c4:27:32:fc:22:fe:f7:6a:fa:ca:33:19:01: 18:a0:bf:1a:96:0b:84:14:de:3a:8a:37:f7:fb:56:19:07:b5: 59:a3:5e:be:4d:6c:a4:ab:da:7e:13:8f:91:27:61:f4:35:2c: ae:0a:4a:05:0b:f1:cb:af:1f:dd:c2:34:d0:75:1d:d5:b7:be: a8:ca:2f:b9:14:b0:ca:b3:05:2e:8f:c0:c9:82:c0:c4:94:5e: 95:df:7c:19:71:5c:60:9f:2e:f5:b9:e4:a5:7d:01:7b:05:42: c4:76:5b:0c:5c:9f:39:60:c9:88:f6:b1:76:ff:91:b7:7e:8c: 5e:01:2b:0d -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgIBEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyRTI2 NkRDM0VBRDgwRUIyNUQ0OTg1OEE2NERDMUVGMUM4QTFCOTQyMB4XDTI1MDQwOTA3 MDgyNloXDTI2MDQwOTA2MzMyMVowMzExMC8GA1UEAxMoRkI1NEQ3QzgyOUQxRjYy NTBFNDhCRDgxNTE3MTUxQ0U0RUY2M0I2OTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALvH2FGoaMnVK8mobP4yse/1VO9ZBYzX5AwOMFo7flYur7pYzthp ExOzaloTfUyRKl54wo62lZFTSof44pjWu+vV9RYKZYjnZDxOM6ivN6CsdtgDZvNm 7IrjcR0JowD3KuxNx/veiQyszMYfgXM0LsKwLGXkwsrmX0sa2buhrAtSj1lIt5x4 NUkcy9b9V9IYSqkPpLEcdBYTjt4R/S+yWbVm1VWIr4GHHKI+C9Pa8Y9JKLvtgMRD nFofqBEJPGajvFvnbu1lDP7gmEjvnGgx7FGRWDyGcvVefWqLbCEWFpkdcsFxPPr2 ZQlm30KHvlBRnYWOsPrkQjpwIk8InoJ9MasCAwEAAaOCAe4wggHqMB0GA1UdDgQW BBT7VNfIKdH2JQ5IvYFRcVHOTvY7aTAfBgNVHSMEGDAWgBQuJm3D6tgOsl1JhYpk 3B7xyKG5QjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO oEyGSnJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9M aVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwL0xpWnR3LXJZRHJKZFNZV0taTndlOGNpaHVVSS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzc2Ly0xVFh5Q25SOWlVT1NMMkJV WEZSems3Mk8yay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5pYy5j bi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwB3 EDANBgkqhkiG9w0BAQsFAAOCAQEAG0KTCXfBm1f2zPeO/69Ty6EIL28yC2EjE6ks ZqYVBEAvSC2Mm8/eyKYGTebvaleM3aJZmwSH5h7o3DDRqZdDTdVKS645I8OP5uFs YlQ0j20zUQwbDTPrP6efsiei2t5QE9SUSbjQOUWpNNyJ6gf5a50KCNuiZxb++pUO 55/TymKhYRjEJzL8Iv73avrKMxkBGKC/GpYLhBTeOoo39/tWGQe1WaNevk1spKva fhOPkSdh9DUsrgpKBQvxy68f3cI00HUd1be+qMovuRSwyrMFLo/AyYLAxJReld98 GXFcYJ8u9bnkpX0BewVCxHZbDFyfOWDJiPaxdv+Rt36MXgErDQ== -----END CERTIFICATE-----Generated at Sat Apr 26 15:05:35 2025 by rpki-client