$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/7wEl8SElVcnDDbeVhImg8NAhSeQ.roa File: 7wEl8SElVcnDDbeVhImg8NAhSeQ.roa (raw, json) Hash identifier: qTYAO55o9TPlBMHUgzPtiJLPMrikoijXLme7pRWzThY= Subject key identifier: EF:01:25:F1:21:25:55:C9:C3:0D:B7:95:84:89:A0:F0:D0:21:49:E4 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0E89 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/7wEl8SElVcnDDbeVhImg8NAhSeQ.roa Signing time: Tue 08 Oct 2024 07:23:01 +0000 ROA not before: Tue 08 Oct 2024 07:23:01 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.45.64.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 16 Feb 2025 22:57:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3721 (0xe89) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Oct 8 07:23:01 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=EF0125F1212555C9C30DB7958489A0F0D02149E4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:05:be:dd:c9:43:8a:2c:c2:4f:5f:e6:ee:cf: fc:ce:07:76:10:20:3c:e8:1b:fa:b7:74:e2:40:af: c5:c5:83:0a:e1:67:e3:71:54:36:f9:2e:17:59:70: 4c:2e:92:bf:95:11:0d:e7:ff:ac:09:99:0e:59:be: 6d:36:5b:7d:83:fd:d3:8a:9c:e1:9b:0d:60:a4:df: 19:cd:99:d5:48:7c:ce:d1:cd:5e:6d:0a:7a:13:ff: 0c:84:6e:73:06:9b:05:0d:b7:11:56:3b:7d:54:6a: 9f:05:61:ab:78:28:4f:6b:0b:36:8d:f3:0d:c7:60: b3:d9:af:66:c9:b8:96:e1:3c:27:12:ca:cf:29:12: 9b:dd:61:66:26:c2:85:8a:74:47:33:41:1b:d4:44: cc:86:5f:81:11:71:6c:3f:e0:98:3f:02:7e:bf:53: c7:ae:48:41:8e:af:79:c6:21:11:d4:28:01:84:b6: 5a:2c:73:6d:c9:3c:08:14:bc:bc:53:36:0d:05:b2: f3:b9:f4:5e:1e:8d:23:fe:a1:f2:92:4c:da:81:41: 32:b5:4f:e0:8c:c3:dc:20:b8:0a:f3:e6:15:2a:ec: 6c:30:f6:0b:d0:53:0b:98:40:a6:45:5f:35:83:f5: e6:67:e7:91:c6:10:02:27:a8:85:0a:96:e4:3a:82: 49:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:01:25:F1:21:25:55:C9:C3:0D:B7:95:84:89:A0:F0:D0:21:49:E4 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/7wEl8SElVcnDDbeVhImg8NAhSeQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.45.64.0/19 Signature Algorithm: sha256WithRSAEncryption 32:dc:bd:3c:b6:f2:a6:71:f7:3f:c2:73:f4:59:9e:68:f4:42: 6b:26:f6:d8:bf:b8:a9:f8:7d:95:a1:74:cb:1b:0e:e7:fd:3c: 70:5c:0e:60:e4:f8:f8:d2:63:52:f8:0f:d2:ce:a4:43:c2:16: 5b:e7:12:98:09:62:a2:c7:1e:97:7b:7c:ae:8f:44:dc:a6:ff: 33:59:0e:b0:d6:22:36:e5:9b:87:31:4c:f1:3d:e4:87:04:81: 28:96:fd:56:00:c0:ff:72:aa:ca:49:2a:0a:17:22:cd:47:ce: 3c:61:9c:c4:ee:e8:04:95:a1:3c:e4:d9:57:0a:e7:6d:64:8d: 40:98:f7:9b:37:6d:d4:ba:99:fd:4f:59:fd:60:1c:20:31:c6: 61:46:a3:98:90:2c:a8:04:a3:4b:51:ac:7d:40:ff:ae:df:64: f6:42:3c:d1:0d:35:7f:36:c4:5c:cf:23:60:e0:23:4b:5b:a7: b1:96:3f:e5:a8:21:a4:a6:96:df:bc:a6:5a:6d:67:9b:0e:fa: 83:fe:33:ac:e9:93:63:19:a7:a0:5f:e7:b9:70:0c:bd:dd:e0: 4a:73:25:cc:0e:f2:bb:80:de:df:7f:fb:e4:b0:1f:cf:b0:71: 76:20:46:e6:ae:d5:dd:23:49:4a:82:e1:99:f3:1d:d7:bd:b9: d8:94:b9:0e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDokwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDEwMDgw NzIzMDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEVGMDEyNUYxMjEyNTU1 QzlDMzBEQjc5NTg0ODlBMEYwRDAyMTQ5RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCvBb7dyUOKLMJPX+buz/zOB3YQIDzoG/q3dOJAr8XFgwrhZ+Nx VDb5LhdZcEwukr+VEQ3n/6wJmQ5Zvm02W32D/dOKnOGbDWCk3xnNmdVIfM7RzV5t CnoT/wyEbnMGmwUNtxFWO31Uap8FYat4KE9rCzaN8w3HYLPZr2bJuJbhPCcSys8p EpvdYWYmwoWKdEczQRvURMyGX4ERcWw/4Jg/An6/U8euSEGOr3nGIRHUKAGEtlos c23JPAgUvLxTNg0FsvO59F4ejSP+ofKSTNqBQTK1T+CMw9wguArz5hUq7Gww9gvQ UwuYQKZFXzWD9eZn55HGEAInqIUKluQ6gkmjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU7wEl8SElVcnDDbeVhImg8NAhSeQwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvN3dFbDhTRWxWY25E RGJlVmhJbWc4TkFoU2VRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXEtQDANBgkqhkiG9w0BAQsFAAOCAQEAMty9PLbypnH3P8Jz9FmeaPRCayb2 2L+4qfh9laF0yxsO5/08cFwOYOT4+NJjUvgP0s6kQ8IWW+cSmAlioscel3t8ro9E 3Kb/M1kOsNYiNuWbhzFM8T3khwSBKJb9VgDA/3KqykkqChcizUfOPGGcxO7oBJWh POTZVwrnbWSNQJj3mzdt1LqZ/U9Z/WAcIDHGYUajmJAsqASjS1GsfUD/rt9k9kI8 0Q01fzbEXM8jYOAjS1unsZY/5aghpKaW37ymWm1nmw76g/4zrOmTYxmnoF/nuXAM vd3gSnMlzA7yu4De33/75LAfz7BxdiBG5q7V3SNJSoLhmfMd17252JS5Dg== -----END CERTIFICATE-----Generated at Sun Feb 16 21:37:03 2025 by rpki-client