$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/2b0eqZVrHP7qtRXvyKZMeVRD9oU.roa File: 2b0eqZVrHP7qtRXvyKZMeVRD9oU.roa (raw, json) Hash identifier: 7m42rJZvdxE3UsFzjJWkk00Eu5CBktkfhvE+4fT6Ggk= Subject key identifier: D9:BD:1E:A9:95:6B:1C:FE:EA:B5:15:EF:C8:A6:4C:79:54:43:F6:85 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 1343 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/2b0eqZVrHP7qtRXvyKZMeVRD9oU.roa Signing time: Thu 22 May 2025 09:04:44 +0000 ROA not before: Thu 22 May 2025 09:04:44 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 55990 IP address blocks: 101.245.48.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:10:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4931 (0x1343) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: May 22 09:04:44 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=D9BD1EA9956B1CFEEAB515EFC8A64C795443F685 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:b4:12:42:7e:c9:4d:e9:3d:dd:a8:d0:b6:bf: b1:2f:41:55:de:a6:30:b4:bc:14:d4:49:03:ee:b2: 94:b7:df:7a:02:5b:58:dc:41:c1:8a:46:00:0e:cd: 6b:9f:6a:a1:df:29:6b:d3:b3:68:5b:58:03:ad:fe: 00:1d:96:eb:da:fe:51:62:41:45:36:6a:e3:2e:16: 7d:26:21:e8:05:7e:a5:28:08:62:9e:06:1a:3a:ff: 52:32:43:c0:74:f4:ab:96:1a:4b:af:7e:04:bc:3b: cf:81:50:ff:b1:da:43:0d:6b:8c:fb:a2:c9:84:87: 29:15:e8:1e:fd:0d:4a:ac:d6:05:d3:3b:eb:5a:4e: f9:38:68:5e:5e:6f:0b:fb:7b:d3:18:be:05:a8:e9: 5c:02:29:23:26:4c:e3:65:94:89:0a:81:23:fa:19: 70:60:6f:21:cb:a6:13:53:8e:0a:b1:89:3e:65:79: 26:21:d9:8e:15:7d:57:c3:cf:10:30:c2:84:6d:a4: 59:a7:5c:f0:df:63:55:67:19:99:6c:f4:dd:5f:51: 2e:52:4e:85:c4:e2:f4:52:26:7e:a7:4b:91:8a:25: ca:a3:9f:4f:2d:13:96:dc:5f:dd:5d:d9:3a:8e:d3: 48:5a:52:9e:a2:67:18:11:a3:ce:08:f3:2e:5c:b4: 85:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:BD:1E:A9:95:6B:1C:FE:EA:B5:15:EF:C8:A6:4C:79:54:43:F6:85 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/2b0eqZVrHP7qtRXvyKZMeVRD9oU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.245.48.0/21 Signature Algorithm: sha256WithRSAEncryption 1c:96:b0:35:ed:3d:41:b4:c4:70:8f:86:65:5f:cf:62:46:d2: 10:13:4b:17:2c:54:af:a3:ff:d5:78:d6:31:44:7f:80:24:2d: 9a:2a:62:b0:a7:15:85:b0:8a:55:45:76:46:41:02:1f:5b:41: b6:5c:23:11:da:19:ee:74:bf:7b:b0:a9:6b:51:47:a6:57:65: 7e:39:17:7c:bd:56:7c:6d:ce:de:d1:0f:74:57:b5:09:e5:6b: c8:ee:26:03:8c:93:44:d0:b4:b9:13:de:a2:82:a4:1d:a9:36: 08:14:2f:15:71:82:cb:a9:c0:3f:a7:01:d6:94:06:bc:eb:15: 41:2b:d1:a1:8f:a7:e5:ca:d7:b4:80:34:d3:cc:4a:1b:b4:41: 82:95:0f:3c:e1:0f:5a:ce:8c:82:28:31:51:87:2f:80:de:a6: 00:2c:2b:a7:13:e4:e6:31:f1:14:cc:a2:aa:51:87:1b:20:db: 37:34:9b:9a:21:c4:b3:bf:88:1c:6c:84:72:94:ba:7e:f2:5d: 22:0b:b8:a9:bf:9a:dd:b5:1a:ab:25:2b:42:b1:1e:bf:1a:78: 73:57:40:81:17:5d:cb:16:04:9b:6f:1f:b4:99:cf:29:88:11: 9a:50:8e:76:70:82:d6:d9:47:f6:3d:e2:3b:41:31:83:cc:68: f5:9b:f5:8f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE0MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA1MjIw OTA0NDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQ5QkQxRUE5OTU2QjFD RkVFQUI1MTVFRkM4QTY0Qzc5NTQ0M0Y2ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCUtBJCfslN6T3dqNC2v7EvQVXepjC0vBTUSQPuspS333oCW1jc QcGKRgAOzWufaqHfKWvTs2hbWAOt/gAdluva/lFiQUU2auMuFn0mIegFfqUoCGKe Bho6/1IyQ8B09KuWGkuvfgS8O8+BUP+x2kMNa4z7osmEhykV6B79DUqs1gXTO+ta Tvk4aF5ebwv7e9MYvgWo6VwCKSMmTONllIkKgSP6GXBgbyHLphNTjgqxiT5leSYh 2Y4VfVfDzxAwwoRtpFmnXPDfY1VnGZls9N1fUS5SToXE4vRSJn6nS5GKJcqjn08t E5bcX91d2TqO00haUp6iZxgRo84I8y5ctIVBAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU2b0eqZVrHP7qtRXvyKZMeVRD9oUwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvMmIwZXFaVnJIUDdx dFJYdnlLWk1lVlJEOW9VLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA2X1MDANBgkqhkiG9w0BAQsFAAOCAQEAHJawNe09QbTEcI+GZV/PYkbSEBNL FyxUr6P/1XjWMUR/gCQtmipisKcVhbCKVUV2RkECH1tBtlwjEdoZ7nS/e7Cpa1FH pldlfjkXfL1WfG3O3tEPdFe1CeVryO4mA4yTRNC0uRPeooKkHak2CBQvFXGCy6nA P6cB1pQGvOsVQSvRoY+n5crXtIA008xKG7RBgpUPPOEPWs6MgigxUYcvgN6mACwr pxPk5jHxFMyiqlGHGyDbNzSbmiHEs7+IHGyEcpS6fvJdIgu4qb+a3bUaqyUrQrEe vxp4c1dAgRddyxYEm28ftJnPKYgRmlCOdnCC1tlH9j3iO0Exg8xo9Zv1jw== -----END CERTIFICATE-----Generated at Wed Jun 4 00:58:36 2025 by rpki-client