$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/QG6G87l38zLcpwQ9gb-JiR0M0U0.roa File: QG6G87l38zLcpwQ9gb-JiR0M0U0.roa (raw, json) Hash identifier: TqVg9JU02tPtqXDIbq7DL9Qkn1cpixY/MGan+TVbwoA= Subject key identifier: 40:6E:86:F3:B9:77:F3:32:DC:A7:04:3D:81:BF:89:89:1D:0C:D1:4D Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 11E0 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/QG6G87l38zLcpwQ9gb-JiR0M0U0.roa Signing time: Fri 14 Mar 2025 09:37:08 +0000 ROA not before: Fri 14 Mar 2025 09:37:08 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.46.72.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4576 (0x11e0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Mar 14 09:37:08 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=406E86F3B977F332DCA7043D81BF89891D0CD14D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:9c:1e:f8:ca:83:8e:b7:91:26:77:e6:65:29: 75:35:dc:6f:da:4b:c8:b0:4a:03:d4:1f:3e:26:bf: ad:90:43:c5:f0:21:cd:86:e7:33:79:3f:a9:3d:b2: c3:c6:8b:b1:69:61:34:11:02:b7:d1:b6:ea:d6:38: 4d:a6:a6:03:9b:fd:a8:d9:d4:72:f9:d4:01:67:43: 52:44:09:7b:21:e5:f3:a2:85:f2:68:74:94:77:0b: b8:23:ef:09:0d:8f:12:bc:0b:d2:2f:33:74:55:0f: 62:dd:de:65:11:25:8d:0f:c4:f3:d7:28:a7:43:7e: cf:90:9c:83:15:fc:45:cf:29:85:9f:b2:96:06:61: 72:1b:4e:b1:a8:20:bd:9e:df:ea:23:68:34:08:a0: 42:e2:14:04:97:07:14:a0:83:e4:8e:93:41:c3:fa: b5:40:54:25:98:58:1b:f6:40:1c:c8:9b:c4:09:9c: b7:74:89:99:b0:9d:01:9d:7d:15:54:31:63:e8:45: 7a:25:d4:2d:3a:eb:af:99:49:b8:26:68:9a:c9:46: 12:c4:d2:1c:4e:66:6d:cb:00:be:d3:79:90:48:46: f3:b9:99:17:a3:c0:01:c8:33:26:06:40:b3:ae:1b: f1:18:c9:54:a0:a6:92:3c:16:89:05:13:8d:cd:ea: 44:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:6E:86:F3:B9:77:F3:32:DC:A7:04:3D:81:BF:89:89:1D:0C:D1:4D X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/QG6G87l38zLcpwQ9gb-JiR0M0U0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.46.72.0/21 Signature Algorithm: sha256WithRSAEncryption 66:ef:5e:ad:a7:a9:b2:90:91:e9:84:f4:99:aa:09:6a:25:eb: 5a:55:d5:13:42:fb:80:0b:6a:f9:dc:13:09:8b:c1:b7:b7:3d: 8c:27:90:2d:bc:96:1d:69:80:ef:c4:1b:43:43:05:31:21:bc: 80:32:52:93:ac:47:84:ab:44:75:de:8b:11:2a:d0:6b:60:03: e7:29:b0:1e:d0:35:ed:3d:8c:41:e1:4f:88:79:70:3e:f9:eb: 3c:5b:41:f6:29:cc:9e:29:0c:20:48:62:2c:b0:fd:0d:76:48: 53:62:3f:d2:ff:ee:33:9c:0b:6f:ac:fa:25:27:e7:a8:ff:c7: 38:14:d3:75:cf:2c:4e:61:36:f6:9d:f2:03:bc:22:f5:d3:f6: 48:79:fd:85:1d:de:9f:b0:68:91:4a:87:af:22:13:27:03:a3: 53:fd:ca:68:50:df:17:62:80:33:d3:42:f8:b7:ab:6d:23:bb: 0f:70:ca:0e:bd:ba:75:5e:f3:1e:8f:11:3b:a5:fb:f0:97:26: 1d:e8:22:8e:0c:ea:22:6a:89:58:eb:10:25:2d:2e:a3:71:f1: cb:92:ff:44:bc:98:cf:c1:dd:e4:6c:2b:44:ce:a4:40:9b:df: 3c:68:cb:a6:45:ac:b4:94:5e:12:3d:7a:bc:44:7d:7f:ac:b8: 27:c1:09:3e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEeAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTAzMTQw OTM3MDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQwNkU4NkYzQjk3N0Yz MzJEQ0E3MDQzRDgxQkY4OTg5MUQwQ0QxNEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDXnB74yoOOt5Emd+ZlKXU13G/aS8iwSgPUHz4mv62QQ8XwIc2G 5zN5P6k9ssPGi7FpYTQRArfRturWOE2mpgOb/ajZ1HL51AFnQ1JECXsh5fOihfJo dJR3C7gj7wkNjxK8C9IvM3RVD2Ld3mURJY0PxPPXKKdDfs+QnIMV/EXPKYWfspYG YXIbTrGoIL2e3+ojaDQIoELiFASXBxSgg+SOk0HD+rVAVCWYWBv2QBzIm8QJnLd0 iZmwnQGdfRVUMWPoRXol1C0666+ZSbgmaJrJRhLE0hxOZm3LAL7TeZBIRvO5mRej wAHIMyYGQLOuG/EYyVSgppI8FokFE43N6kQdAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUQG6G87l38zLcpwQ9gb+JiR0M0U0wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvUUc2Rzg3bDM4ekxj cHdROWdiLUppUjBNMFUwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA3EuSDANBgkqhkiG9w0BAQsFAAOCAQEAZu9eraepspCR6YT0maoJaiXrWlXV E0L7gAtq+dwTCYvBt7c9jCeQLbyWHWmA78QbQ0MFMSG8gDJSk6xHhKtEdd6LESrQ a2AD5ymwHtA17T2MQeFPiHlwPvnrPFtB9inMnikMIEhiLLD9DXZIU2I/0v/uM5wL b6z6JSfnqP/HOBTTdc8sTmE29p3yA7wi9dP2SHn9hR3en7BokUqHryITJwOjU/3K aFDfF2KAM9NC+LerbSO7D3DKDr26dV7zHo8RO6X78JcmHegijgzqImqJWOsQJS0u o3Hxy5L/RLyYz8Hd5GwrRM6kQJvfPGjLpkWstJReEj16vER9f6y4J8EJPg== -----END CERTIFICATE-----Generated at Fri Apr 4 18:39:17 2025 by rpki-client