$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/bU3XQkja_ix2S7C9tW4ZU5vCJiY.roa File: bU3XQkja_ix2S7C9tW4ZU5vCJiY.roa (raw, json) Hash identifier: cqFo6ZVNEZhfPa5ZEufRQPMlb+Q6QAsSchs75bIuQVA= Subject key identifier: 6D:4D:D7:42:48:DA:FE:2C:76:4B:B0:BD:B5:6E:19:53:9B:C2:26:26 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 0F69 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/bU3XQkja_ix2S7C9tW4ZU5vCJiY.roa Signing time: Mon 18 Nov 2024 08:37:17 +0000 ROA not before: Mon 18 Nov 2024 08:37:17 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.47.250.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 06:07:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3945 (0xf69) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Nov 18 08:37:17 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=6D4DD74248DAFE2C764BB0BDB56E19539BC22626 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:1c:94:58:e5:d5:b9:15:89:83:02:50:fb:63: 76:27:c1:f0:f6:17:06:ff:ab:1f:a2:9d:f1:dd:e5: 7e:13:01:0e:18:5f:9d:90:31:57:31:1c:48:3b:ac: d8:8b:e9:9b:b0:92:d3:99:f8:21:a4:1c:de:10:ee: 58:83:f9:f3:7b:b5:6a:ff:8c:55:13:7b:b4:e3:37: 14:9b:08:fd:dc:9a:02:a1:75:5f:9d:0f:41:59:84: 72:88:26:b9:62:f5:1c:ff:30:71:aa:78:dc:8b:8f: 38:f6:2f:a9:9f:6d:65:93:90:5f:04:7b:7e:91:4a: 48:eb:c3:3f:72:4a:5f:f4:90:c4:a6:33:7a:ee:b8: d9:51:46:2c:3b:ea:c4:e7:36:6f:df:6a:54:8c:07: ab:93:45:f7:17:ec:22:e0:9d:af:55:c8:81:39:a6: b1:b8:2f:0a:80:6c:26:7a:13:c5:37:c7:d4:f3:8a: 00:1b:c7:4b:6b:ed:86:5d:97:ba:59:0b:9d:cc:28: 08:25:1e:d1:19:8a:28:83:a7:e1:ed:c8:2c:3e:81: e3:e3:a3:66:12:dc:fc:39:54:ed:b2:eb:aa:27:19: b8:08:17:ae:e0:c7:6e:d3:27:f4:5e:e1:ff:1f:6a: 2a:8f:47:68:e6:2c:97:01:ca:87:a5:e2:96:99:0b: 7d:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:4D:D7:42:48:DA:FE:2C:76:4B:B0:BD:B5:6E:19:53:9B:C2:26:26 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/bU3XQkja_ix2S7C9tW4ZU5vCJiY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.250.0/23 Signature Algorithm: sha256WithRSAEncryption 7a:85:4b:06:f8:27:e6:f0:66:f2:63:86:93:5b:9e:9f:53:0a: b7:5d:5c:3e:90:3f:f6:f9:a1:66:68:fd:eb:0c:47:8d:be:73: 06:cb:fd:eb:a7:6f:b4:81:4d:4d:6b:ec:18:4e:9f:64:f4:ec: d8:30:92:33:97:c6:0d:12:8e:e8:da:6d:5d:98:47:07:a0:80: 84:da:e1:51:9b:55:69:d4:ae:4c:a4:85:9d:15:40:b2:0b:f6: 6c:f4:b1:2f:65:67:f5:db:75:17:f3:c5:b5:28:a6:11:37:9f: d1:47:82:aa:2b:12:22:f9:80:d2:0f:5c:07:a7:58:87:2c:84: ea:1e:8b:94:6e:41:f0:6b:8e:c5:86:76:85:92:4e:74:76:cd: 2a:ad:dc:ed:b0:b0:d1:a2:02:45:bf:2e:8e:84:02:58:cd:0a: 5f:2c:dd:7d:a2:b9:7f:11:bb:77:41:58:0e:26:84:c0:4b:fd: da:10:87:d6:99:c0:06:87:bc:53:0f:57:b9:26:c7:f4:7b:92: e7:4d:99:e3:20:eb:23:62:60:60:f7:94:c1:1a:56:9c:c8:28: 90:e1:6e:6d:c3:2a:bc:ef:e7:d3:e5:03:82:93:0b:0e:00:d3: 5d:d0:2b:6f:78:c4:f2:55:b6:69:78:a7:c0:80:36:65:0b:01: b2:4a:46:32 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD2kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDExMTgw ODM3MTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDZENERENzQyNDhEQUZF MkM3NjRCQjBCREI1NkUxOTUzOUJDMjI2MjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/HJRY5dW5FYmDAlD7Y3YnwfD2Fwb/qx+infHd5X4TAQ4YX52Q MVcxHEg7rNiL6ZuwktOZ+CGkHN4Q7liD+fN7tWr/jFUTe7TjNxSbCP3cmgKhdV+d D0FZhHKIJrli9Rz/MHGqeNyLjzj2L6mfbWWTkF8Ee36RSkjrwz9ySl/0kMSmM3ru uNlRRiw76sTnNm/falSMB6uTRfcX7CLgna9VyIE5prG4LwqAbCZ6E8U3x9TzigAb x0tr7YZdl7pZC53MKAglHtEZiiiDp+HtyCw+gePjo2YS3Pw5VO2y66onGbgIF67g x27TJ/Re4f8faiqPR2jmLJcByoel4paZC335AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUbU3XQkja/ix2S7C9tW4ZU5vCJiYwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvYlUzWFFramFfaXgy UzdDOXRXNFpVNXZDSmlZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEv+jANBgkqhkiG9w0BAQsFAAOCAQEAeoVLBvgn5vBm8mOGk1uen1MKt11c PpA/9vmhZmj96wxHjb5zBsv966dvtIFNTWvsGE6fZPTs2DCSM5fGDRKO6NptXZhH B6CAhNrhUZtVadSuTKSFnRVAsgv2bPSxL2Vn9dt1F/PFtSimETef0UeCqisSIvmA 0g9cB6dYhyyE6h6LlG5B8GuOxYZ2hZJOdHbNKq3c7bCw0aICRb8ujoQCWM0KXyzd faK5fxG7d0FYDiaEwEv92hCH1pnABoe8Uw9XuSbH9HuS502Z4yDrI2JgYPeUwRpW nMgokOFubcMqvO/n0+UDgpMLDgDTXdArb3jE8lW2aXinwIA2ZQsBskpGMg== -----END CERTIFICATE-----Generated at Fri Apr 18 03:01:55 2025 by rpki-client