$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/ZUq1BkIBwAmG5awoho2OyHX3K84.roa File: ZUq1BkIBwAmG5awoho2OyHX3K84.roa (raw, json) Hash identifier: NuqjAOzMjt1/DZi1UnOau8zucaBGfVwwOpC2v3T9NN0= Subject key identifier: 65:4A:B5:06:42:01:C0:09:86:E5:AC:28:86:8D:8E:C8:75:F7:2B:CE Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 134D Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ZUq1BkIBwAmG5awoho2OyHX3K84.roa Signing time: Thu 22 May 2025 09:04:47 +0000 ROA not before: Thu 22 May 2025 09:04:47 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 55990 IP address blocks: 115.32.16.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:10:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4941 (0x134d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: May 22 09:04:47 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=654AB5064201C00986E5AC28868D8EC875F72BCE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:98:64:0d:14:8d:72:94:cf:75:82:69:df:c9: 76:12:8c:20:44:69:54:3e:05:8f:5b:b1:40:fe:c6: 3d:66:3e:4e:58:da:89:08:8a:00:1e:5c:9c:4f:b1: 9d:ca:65:c3:c2:6d:ce:e4:f4:b3:68:93:80:5c:62: d2:be:b2:db:8d:9e:8e:33:e2:95:d4:97:ce:b0:ab: 02:ca:ef:29:3b:fa:8c:c9:62:7d:cc:66:cf:e2:a6: 31:d5:55:e7:f6:0c:d0:6d:63:4a:3e:7e:8c:fa:bd: 35:8b:67:b2:f5:e6:6a:d2:ec:fd:42:24:57:cf:5b: 47:e0:0e:98:05:2e:cf:c1:ff:e8:16:77:d1:a6:b6: ff:1e:30:3d:5f:a6:2c:42:7c:d0:92:d8:e9:10:39: ee:74:37:92:7d:ca:b2:c5:d6:83:2c:f9:40:7c:a0: 92:6f:e0:37:a2:c8:ac:9c:e7:cd:14:b3:5b:a7:78: e6:77:ce:98:a3:4e:9d:3b:1a:8b:7d:5a:e8:42:df: 38:ae:d7:f8:d8:b4:15:6c:3e:87:ee:be:99:5c:5c: 52:41:ab:12:08:9b:63:5c:91:f2:a2:ae:fb:8c:84: aa:72:4c:8c:5b:32:09:24:97:fc:f4:a4:ab:d7:20: e3:2e:4d:27:3f:3d:7b:34:db:9a:33:a2:78:99:dc: 11:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:4A:B5:06:42:01:C0:09:86:E5:AC:28:86:8D:8E:C8:75:F7:2B:CE X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ZUq1BkIBwAmG5awoho2OyHX3K84.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.32.16.0/20 Signature Algorithm: sha256WithRSAEncryption 33:6f:bb:27:25:25:34:98:07:45:95:95:ce:51:ed:6d:17:0a: cd:ac:e6:76:32:71:51:4f:72:5f:10:fe:1f:44:b8:a1:7d:e4: ff:7c:e3:61:3b:13:07:1a:ec:bb:36:f9:1f:18:7d:97:76:24: 5b:58:6f:e9:1c:98:dc:5c:26:61:c2:92:dc:cf:13:a4:17:ed: 9d:e7:b0:f7:c9:b3:51:ec:3a:8a:c2:83:5d:25:36:b1:e2:79: 79:5e:ff:48:60:88:f3:66:16:8a:95:ad:08:48:2f:71:63:bc: 34:35:27:a6:7e:2c:78:a8:ff:38:4e:dc:29:01:63:0f:e2:cc: 0e:39:05:e8:68:6c:84:71:28:b6:60:10:ad:d3:75:65:12:92: d4:f7:63:c2:a8:db:c2:ea:7c:36:ed:e2:2f:76:92:9f:79:69: 21:e5:96:f4:c6:d2:f7:0d:65:8b:b2:47:95:a7:09:1f:89:ea: e4:3f:28:b2:22:c5:49:f6:f4:e1:22:98:84:34:4c:43:ca:60: d2:6b:71:b8:8f:1c:53:6c:9a:76:be:73:d8:1f:03:25:bd:73: c3:da:4c:30:c5:4d:8a:f7:36:92:7c:52:cb:fd:ec:b8:2a:08: 96:78:69:6c:16:74:8c:c2:7b:88:e6:9f:be:60:31:28:e2:3d: 2e:6c:31:67 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE00wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA1MjIw OTA0NDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDY1NEFCNTA2NDIwMUMw MDk4NkU1QUMyODg2OEQ4RUM4NzVGNzJCQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCZmGQNFI1ylM91gmnfyXYSjCBEaVQ+BY9bsUD+xj1mPk5Y2okI igAeXJxPsZ3KZcPCbc7k9LNok4BcYtK+stuNno4z4pXUl86wqwLK7yk7+ozJYn3M Zs/ipjHVVef2DNBtY0o+foz6vTWLZ7L15mrS7P1CJFfPW0fgDpgFLs/B/+gWd9Gm tv8eMD1fpixCfNCS2OkQOe50N5J9yrLF1oMs+UB8oJJv4DeiyKyc580Us1uneOZ3 zpijTp07Got9WuhC3ziu1/jYtBVsPofuvplcXFJBqxIIm2NckfKirvuMhKpyTIxb Mgkkl/z0pKvXIOMuTSc/PXs025ozoniZ3BG5AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUZUq1BkIBwAmG5awoho2OyHX3K84wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvWlVxMUJrSUJ3QW1H NWF3b2hvMk95SFgzSzg0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBHMgEDANBgkqhkiG9w0BAQsFAAOCAQEAM2+7JyUlNJgHRZWVzlHtbRcKzazm djJxUU9yXxD+H0S4oX3k/3zjYTsTBxrsuzb5Hxh9l3YkW1hv6RyY3FwmYcKS3M8T pBftneew98mzUew6isKDXSU2seJ5eV7/SGCI82YWipWtCEgvcWO8NDUnpn4seKj/ OE7cKQFjD+LMDjkF6GhshHEotmAQrdN1ZRKS1Pdjwqjbwup8Nu3iL3aSn3lpIeWW 9MbS9w1li7JHlacJH4nq5D8osiLFSfb04SKYhDRMQ8pg0mtxuI8cU2yadr5z2B8D Jb1zw9pMMMVNivc2knxSy/3suCoIlnhpbBZ0jMJ7iOafvmAxKOI9LmwxZw== -----END CERTIFICATE-----Generated at Wed Jun 4 01:09:47 2025 by rpki-client