$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/L53RCzRJkJvv-BoYDtdTaiCN8qo.roa File: L53RCzRJkJvv-BoYDtdTaiCN8qo.roa (raw, json) Hash identifier: ixajAdhME9iKF50FD0z5UqyDt+Cx0y0iLNzXMhDXexc= Subject key identifier: 2F:9D:D1:0B:34:49:90:9B:EF:F8:1A:18:0E:D7:53:6A:20:8D:F2:AA Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 2359 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/L53RCzRJkJvv-BoYDtdTaiCN8qo.roa Signing time: Thu 26 Jun 2025 08:40:18 +0000 ROA not before: Thu 26 Jun 2025 08:40:18 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 209178 IP address blocks: 49.128.4.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 09:15:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9049 (0x2359) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Jun 26 08:40:18 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=2F9DD10B3449909BEFF81A180ED7536A208DF2AA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:53:04:6b:15:f5:d2:8c:7b:f5:e1:7d:81:fc: a9:70:21:2e:5d:ef:47:4f:22:26:cf:67:aa:b2:cc: 6f:2f:50:aa:c4:58:32:95:b2:5e:11:38:62:9b:b1: 82:a0:73:7d:7d:09:9a:fa:df:ae:6c:0b:c9:d8:4d: 54:47:ba:94:fe:06:d7:ea:72:b7:aa:27:c2:23:35: ad:fd:9c:e8:ce:09:e3:6f:c5:9e:03:f3:8c:bb:08: a7:55:9a:a6:43:26:12:9a:f1:10:29:26:19:b3:2e: 73:e4:26:8d:d3:a9:df:c7:88:cf:b2:fd:c4:4a:75: 65:2b:b1:d5:ab:d9:64:13:22:c9:7b:33:65:db:8a: 53:95:5b:df:b2:36:d5:8b:1c:21:25:37:61:bc:09: cc:03:ab:1d:a3:d3:de:05:e6:23:23:0a:6a:45:d3: f2:8d:e0:82:07:dd:50:96:d3:45:ce:99:e9:9c:36: 96:de:4d:4f:6d:fb:39:0b:73:25:fd:b6:7e:a4:a1: 85:c0:2a:2e:b9:88:7e:3d:e4:be:26:d6:f3:f2:df: 09:28:8b:5d:0a:c9:17:60:6a:39:ce:40:af:49:bf: 37:d3:ea:2f:cc:92:9d:a3:6e:7f:5c:4b:11:83:17: 6d:9b:d5:49:19:d9:dd:12:07:ea:34:1f:0f:0b:12: 23:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:9D:D1:0B:34:49:90:9B:EF:F8:1A:18:0E:D7:53:6A:20:8D:F2:AA X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/L53RCzRJkJvv-BoYDtdTaiCN8qo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 49.128.4.0/22 Signature Algorithm: sha256WithRSAEncryption bb:64:99:c3:6c:b8:53:f4:30:71:1a:f4:c8:eb:04:6c:65:34: de:1d:0d:c6:30:ca:eb:5e:31:7d:a9:bd:24:07:c0:8b:78:08: fc:3d:4e:1b:7e:b3:be:04:7e:0a:19:ce:84:64:93:07:86:c0: 6e:d9:dc:2d:81:b2:ba:9f:fb:8c:cc:62:4b:80:bd:04:0a:c8: 5b:40:6a:06:e5:e3:ea:0e:2f:29:9e:a7:56:7a:aa:75:d0:bc: 90:3d:a0:ca:72:18:79:78:f2:d1:60:0e:18:fe:51:f7:45:78: eb:7b:29:10:78:b6:72:20:e3:d9:0a:53:2b:0c:05:68:e2:a0: 35:61:dd:aa:7d:5f:ab:c3:ba:dc:f1:03:0d:47:78:8c:89:a6: fc:e1:22:87:5a:51:e5:f2:62:e6:5a:0d:25:07:70:09:20:e7: c7:6b:08:01:b9:35:c0:aa:46:a2:30:c2:7c:93:ae:8e:50:a6: d0:9d:5c:ca:99:c6:8c:dc:65:51:08:55:b5:af:18:f0:b2:62: e5:01:42:69:e6:a1:84:99:81:73:6d:38:a7:e3:ca:23:3f:ff: 8c:0d:4b:48:1f:13:f2:4a:e1:dd:63:f0:5e:07:e5:83:5f:f0: 32:f9:31:6e:da:e4:00:79:65:64:81:87:3a:b7:af:17:52:d1: ed:e4:9d:c5 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICI1kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNTA2MjYw ODQwMThaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDJGOUREMTBCMzQ0OTkw OUJFRkY4MUExODBFRDc1MzZBMjA4REYyQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCbUwRrFfXSjHv14X2B/KlwIS5d70dPIibPZ6qyzG8vUKrEWDKV sl4ROGKbsYKgc319CZr6365sC8nYTVRHupT+BtfqcreqJ8IjNa39nOjOCeNvxZ4D 84y7CKdVmqZDJhKa8RApJhmzLnPkJo3Tqd/HiM+y/cRKdWUrsdWr2WQTIsl7M2Xb ilOVW9+yNtWLHCElN2G8CcwDqx2j094F5iMjCmpF0/KN4IIH3VCW00XOmemcNpbe TU9t+zkLcyX9tn6koYXAKi65iH495L4m1vPy3wkoi10KyRdgajnOQK9JvzfT6i/M kp2jbn9cSxGDF22b1UkZ2d0SB+o0Hw8LEiN9AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUL53RCzRJkJvv+BoYDtdTaiCN8qowHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvTDUzUkN6UkprSnZ2 LUJvWUR0ZFRhaUNOOHFvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAjGABDANBgkqhkiG9w0BAQsFAAOCAQEAu2SZw2y4U/QwcRr0yOsEbGU03h0N xjDK614xfam9JAfAi3gI/D1OG36zvgR+ChnOhGSTB4bAbtncLYGyup/7jMxiS4C9 BArIW0BqBuXj6g4vKZ6nVnqqddC8kD2gynIYeXjy0WAOGP5R90V463spEHi2ciDj 2QpTKwwFaOKgNWHdqn1fq8O63PEDDUd4jImm/OEih1pR5fJi5loNJQdwCSDnx2sI Abk1wKpGojDCfJOujlCm0J1cypnGjNxlUQhVta8Y8LJi5QFCaeahhJmBc204p+PK Iz//jA1LSB8T8krh3WPwXgflg1/wMvkxbtrkAHllZIGHOrevF1LR7eSdxQ== -----END CERTIFICATE-----Generated at Fri Jul 4 08:30:51 2025 by rpki-client