$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/F7iRetijVYyRPFvCUBjtfpwRnJU.roa File: F7iRetijVYyRPFvCUBjtfpwRnJU.roa (raw, json) Hash identifier: Ii2P6rYkpKc/76HByq7Wz9tNn3tNr6KSettvrwmaZE4= Subject key identifier: 17:B8:91:7A:D8:A3:55:8C:91:3C:5B:C2:50:18:ED:7E:9C:11:9C:95 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 134B Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/F7iRetijVYyRPFvCUBjtfpwRnJU.roa Signing time: Thu 22 May 2025 09:04:47 +0000 ROA not before: Thu 22 May 2025 09:04:47 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 55990 IP address blocks: 101.245.60.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 19:41:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4939 (0x134b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: May 22 09:04:47 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=17B8917AD8A3558C913C5BC25018ED7E9C119C95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:ea:be:c2:f5:86:a8:93:f2:04:bf:f2:21:01: 49:bc:58:ae:3e:11:41:5d:0f:e5:bf:9d:9b:8c:52: 2f:82:96:cd:1e:f1:80:41:16:8b:0c:9a:fb:9c:3b: 38:76:ba:a5:d4:a5:be:0e:54:70:c1:e9:84:1e:fc: 30:a2:23:8a:1f:00:81:db:48:9b:48:94:49:4a:fc: d5:7e:45:7e:fb:0d:e3:55:14:5f:b6:27:4b:e1:1a: d3:ee:a8:c5:c4:34:24:06:51:2c:4b:11:40:f0:09: 22:cb:7c:88:fb:37:b9:12:d1:f1:c5:ff:e7:bf:26: aa:49:34:8d:ee:ed:1b:c0:2d:46:31:f9:38:33:df: 35:6b:90:67:38:8b:29:2a:dd:12:a1:af:61:ff:c0: 71:d5:3f:c9:f9:6a:a2:2d:91:2c:57:26:21:63:a9: f1:d8:28:7f:27:bc:db:b4:3b:32:20:41:f8:91:c9: e5:bb:5b:09:ec:7d:06:89:96:ca:86:b6:d4:f7:b5: a7:86:2e:32:e3:fd:4b:ae:0d:7c:b3:37:d3:bd:51: 5f:84:26:2d:d7:c2:f4:72:4c:4c:ff:a1:a7:9a:88: b2:dd:58:34:f0:d5:09:77:54:6b:6d:b2:1a:bd:af: b3:6b:e7:62:b8:58:43:10:2a:4f:99:26:bc:85:fd: 22:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:B8:91:7A:D8:A3:55:8C:91:3C:5B:C2:50:18:ED:7E:9C:11:9C:95 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/F7iRetijVYyRPFvCUBjtfpwRnJU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.245.60.0/22 Signature Algorithm: sha256WithRSAEncryption 8e:db:39:fc:4a:1a:18:89:2b:fc:c0:a1:67:e6:32:59:c0:7a: 4c:74:5e:a5:4d:e1:6b:7e:c2:67:df:48:cd:23:a4:21:4b:6d: f8:a7:f2:a2:71:68:64:a0:e8:4e:61:49:a5:08:84:c2:20:84: 1d:86:28:a3:70:47:1b:5b:3c:0b:5c:53:a4:f7:67:c4:b7:d7: 18:ac:34:93:4b:02:f3:67:30:51:88:b7:35:76:42:33:46:ae: d3:f6:e3:09:d7:82:17:e7:27:88:60:57:82:c7:c2:04:45:73: 8e:cc:94:ef:06:dc:09:5e:f5:ef:56:2f:b1:10:09:b2:db:33: 86:b4:2f:ce:96:eb:b2:59:ea:e1:3d:66:16:87:c4:30:00:a3: 7e:cd:54:79:42:d5:68:72:3f:5c:31:01:3d:6a:93:5b:9d:1c: 19:2c:c8:65:16:a9:d0:86:de:0c:a8:91:6d:27:17:42:ed:ee: 22:0f:36:cc:f9:2e:76:9d:86:47:9f:d1:de:a3:6e:a8:fb:51: a7:76:15:1c:fd:ce:02:9a:58:44:df:59:9e:77:00:48:21:1c: 08:2a:f7:a5:c1:81:41:5e:37:c6:b4:c8:fb:23:dc:23:fe:94: c6:46:79:37:1a:ca:4b:20:bf:27:c7:c0:30:5c:bf:68:5b:f7: 9a:8e:31:75 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE0swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA1MjIw OTA0NDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDE3Qjg5MTdBRDhBMzU1 OEM5MTNDNUJDMjUwMThFRDdFOUMxMTlDOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDf6r7C9Yaok/IEv/IhAUm8WK4+EUFdD+W/nZuMUi+Cls0e8YBB FosMmvucOzh2uqXUpb4OVHDB6YQe/DCiI4ofAIHbSJtIlElK/NV+RX77DeNVFF+2 J0vhGtPuqMXENCQGUSxLEUDwCSLLfIj7N7kS0fHF/+e/JqpJNI3u7RvALUYx+Tgz 3zVrkGc4iykq3RKhr2H/wHHVP8n5aqItkSxXJiFjqfHYKH8nvNu0OzIgQfiRyeW7 WwnsfQaJlsqGttT3taeGLjLj/UuuDXyzN9O9UV+EJi3XwvRyTEz/oaeaiLLdWDTw 1Ql3VGttshq9r7Nr52K4WEMQKk+ZJryF/SKTAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUF7iRetijVYyRPFvCUBjtfpwRnJUwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvRjdpUmV0aWpWWXlS UEZ2Q1VCanRmcHdSbkpVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmX1PDANBgkqhkiG9w0BAQsFAAOCAQEAjts5/EoaGIkr/MChZ+YyWcB6THRe pU3ha37CZ99IzSOkIUtt+KfyonFoZKDoTmFJpQiEwiCEHYYoo3BHG1s8C1xTpPdn xLfXGKw0k0sC82cwUYi3NXZCM0au0/bjCdeCF+cniGBXgsfCBEVzjsyU7wbcCV71 71YvsRAJstszhrQvzpbrslnq4T1mFofEMACjfs1UeULVaHI/XDEBPWqTW50cGSzI ZRap0IbeDKiRbScXQu3uIg82zPkudp2GR5/R3qNuqPtRp3YVHP3OAppYRN9ZnncA SCEcCCr3pcGBQV43xrTI+yPcI/6UxkZ5NxrKSyC/J8fAMFy/aFv3mo4xdQ== -----END CERTIFICATE-----Generated at Thu Jun 5 19:18:30 2025 by rpki-client