$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/LLDvq8SZCrNntmIwoCvDyW96kn0.roa File: LLDvq8SZCrNntmIwoCvDyW96kn0.roa (raw, json) Hash identifier: c9oNnGMDVly4rzX2eKJnULze7PwLiP3HKka2kvV20Qg= Subject key identifier: 2C:B0:EF:AB:C4:99:0A:B3:67:B6:62:30:A0:2B:C3:C9:6F:7A:92:7D Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 11E7 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/LLDvq8SZCrNntmIwoCvDyW96kn0.roa Signing time: Fri 14 Mar 2025 09:37:10 +0000 ROA not before: Fri 14 Mar 2025 09:37:10 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.46.96.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 13:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4583 (0x11e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Mar 14 09:37:10 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=2CB0EFABC4990AB367B66230A02BC3C96F7A927D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:c2:a0:cd:eb:09:64:df:6d:18:c0:12:73:18: 08:53:00:25:74:8f:1e:9d:91:0b:d4:95:ee:91:1d: 4b:a5:f9:17:7c:51:0b:95:ff:d8:3b:8a:86:c6:70: 85:64:e5:0d:13:ce:02:2f:2c:e1:80:a1:d2:bd:6f: 3b:52:07:71:f7:fd:c1:62:81:fd:a3:29:8c:74:c1: 5d:a8:17:86:0c:62:a1:bd:fc:01:76:d5:46:34:8e: f0:7f:f4:ef:ca:1c:fd:44:d6:c7:d0:4c:84:86:d1: be:a6:3b:d3:21:3f:10:70:42:41:24:9d:fe:59:a8: bc:40:3e:ad:80:02:7d:66:e2:54:2f:68:29:f0:bd: ba:01:84:e0:b0:51:1a:0b:8d:cb:71:b7:b3:f7:6a: e9:ff:e3:1a:df:6d:59:b8:80:b8:12:85:4a:4f:d4: 91:f4:93:63:af:05:60:62:23:61:90:e6:cb:b5:84: 17:be:cf:db:b3:dd:5e:a2:3b:81:0a:62:91:bd:ed: 6b:1f:73:e9:e8:e4:7a:6b:1e:17:c3:06:9d:9c:c3: 31:a8:8e:26:ea:e7:32:00:cc:55:90:d7:92:ec:13: e9:b8:0a:fd:16:e7:ce:39:e2:ab:e8:9a:73:0c:d0: 96:d6:53:4b:48:3d:ed:c6:bc:4e:6d:c4:f8:6c:c8: 34:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:B0:EF:AB:C4:99:0A:B3:67:B6:62:30:A0:2B:C3:C9:6F:7A:92:7D X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/LLDvq8SZCrNntmIwoCvDyW96kn0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.46.96.0/19 Signature Algorithm: sha256WithRSAEncryption 38:90:4b:69:9f:b8:c9:93:0b:b4:9c:d7:43:d2:b6:46:36:63: 5c:93:f3:90:7c:c7:62:51:99:70:e8:d1:c4:67:4e:18:e8:6c: df:89:dc:5b:b6:06:c9:dc:85:d5:45:a7:03:1a:6b:1e:b2:36: 08:29:15:14:b1:64:09:7d:86:7e:4d:5b:d3:6e:be:9f:73:4c: 1d:cd:5e:5a:a6:41:25:69:52:66:4a:19:a5:32:8b:44:b5:cc: a3:3e:cb:9d:b9:ca:e9:67:16:17:7f:13:ff:ab:a1:4e:e2:3b: d7:43:db:cf:59:15:35:4e:2a:3b:a6:10:34:26:26:9e:f1:8b: 84:3a:df:bd:c3:d9:ae:aa:8d:33:8e:f9:47:30:41:a5:b4:33: bd:a8:fb:1f:08:14:cb:a3:90:c6:db:75:52:e6:17:28:82:24: 2a:7c:b2:3e:6b:e7:7f:0f:7e:10:b8:c5:fd:f6:b0:c5:33:49: b7:8c:65:43:be:33:93:06:98:03:34:5c:e3:2b:3c:fa:fc:3b: e0:76:c4:5a:46:63:fe:e7:11:3e:f3:d7:1d:14:62:96:72:c0: 3e:38:50:d0:1f:17:d1:2f:a9:c4:93:01:37:55:f0:21:af:c8: a1:b2:e0:4e:5e:41:42:55:db:47:8d:7b:94:f2:dd:f1:e9:09: 2e:6a:9f:ad -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEecwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTAzMTQw OTM3MTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDJDQjBFRkFCQzQ5OTBB QjM2N0I2NjIzMEEwMkJDM0M5NkY3QTkyN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCjwqDN6wlk320YwBJzGAhTACV0jx6dkQvUle6RHUul+Rd8UQuV /9g7iobGcIVk5Q0TzgIvLOGAodK9bztSB3H3/cFigf2jKYx0wV2oF4YMYqG9/AF2 1UY0jvB/9O/KHP1E1sfQTISG0b6mO9MhPxBwQkEknf5ZqLxAPq2AAn1m4lQvaCnw vboBhOCwURoLjctxt7P3aun/4xrfbVm4gLgShUpP1JH0k2OvBWBiI2GQ5su1hBe+ z9uz3V6iO4EKYpG97Wsfc+no5HprHhfDBp2cwzGojibq5zIAzFWQ15LsE+m4Cv0W 58454qvomnMM0JbWU0tIPe3GvE5txPhsyDQBAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQULLDvq8SZCrNntmIwoCvDyW96kn0wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvTExEdnE4U1pDck5u dG1Jd29DdkR5Vzk2a24wLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXEuYDANBgkqhkiG9w0BAQsFAAOCAQEAOJBLaZ+4yZMLtJzXQ9K2RjZjXJPz kHzHYlGZcOjRxGdOGOhs34ncW7YGydyF1UWnAxprHrI2CCkVFLFkCX2Gfk1b026+ n3NMHc1eWqZBJWlSZkoZpTKLRLXMoz7LnbnK6WcWF38T/6uhTuI710Pbz1kVNU4q O6YQNCYmnvGLhDrfvcPZrqqNM475RzBBpbQzvaj7HwgUy6OQxtt1UuYXKIIkKnyy Pmvnfw9+ELjF/fawxTNJt4xlQ74zkwaYAzRc4ys8+vw74HbEWkZj/ucRPvPXHRRi lnLAPjhQ0B8X0S+pxJMBN1XwIa/IobLgTl5BQlXbR417lPLd8ekJLmqfrQ== -----END CERTIFICATE-----Generated at Fri Apr 11 12:46:49 2025 by rpki-client