$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/erCKhCXDz8lZdkHJ7OHKh--pebU.roa File: erCKhCXDz8lZdkHJ7OHKh--pebU.roa (raw, json) Hash identifier: 9y16vEWC2WvrGYAYKvxWNfVTnpJWXHxZF6s7ZVs9abQ= Subject key identifier: 7A:B0:8A:84:25:C3:CF:C9:59:76:41:C9:EC:E1:CA:87:EF:A9:79:B5 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 11D4 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/erCKhCXDz8lZdkHJ7OHKh--pebU.roa Signing time: Fri 14 Mar 2025 09:32:40 +0000 ROA not before: Fri 14 Mar 2025 09:32:40 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.47.244.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4564 (0x11d4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Mar 14 09:32:40 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=7AB08A8425C3CFC9597641C9ECE1CA87EFA979B5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:3b:79:49:c2:65:2d:46:44:db:c2:9e:a8:d5: 36:c7:aa:b5:74:b8:58:82:35:58:67:a8:d8:c4:e3: 74:31:2f:4d:c1:78:b8:6b:2a:a0:ad:67:5e:ab:54: 17:45:b1:05:b6:5a:c6:60:73:22:2f:8b:53:1d:3b: 5b:ad:a1:23:21:f4:07:01:89:ba:41:4c:3e:51:b6: 51:75:4a:8d:f1:66:e2:e0:29:95:e1:01:04:fe:91: e7:40:13:3e:20:c8:53:10:dc:94:18:af:61:bc:bc: 81:62:a4:7d:85:46:8b:e9:6e:ad:7d:1a:49:8a:96: 86:1e:06:61:02:89:2a:48:32:16:13:ab:a7:e4:ae: 7c:50:e6:7b:4c:be:51:9f:52:a4:6f:d4:d6:ff:e0: a1:e7:92:31:aa:c9:86:bf:78:05:8f:4d:2b:44:7c: b3:c1:37:f2:fe:12:1c:48:94:2d:b3:43:4e:1f:53: a8:11:54:4d:42:f7:cd:db:dc:6b:a7:b0:f1:e2:4e: e5:43:94:82:72:ba:e5:14:68:89:47:ef:59:1a:27: a4:54:f2:d6:9e:f4:b3:5a:fa:72:78:d6:63:a4:a7: 9a:ea:09:43:46:01:7c:7c:34:95:1f:91:40:dc:87: 6e:fc:71:35:99:d8:a3:2b:08:58:1a:36:69:47:3f: 55:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:B0:8A:84:25:C3:CF:C9:59:76:41:C9:EC:E1:CA:87:EF:A9:79:B5 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/erCKhCXDz8lZdkHJ7OHKh--pebU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.244.0/23 Signature Algorithm: sha256WithRSAEncryption 77:02:06:cc:c0:9b:c1:6d:af:22:5a:42:49:0e:e0:de:9d:5b: 42:7d:78:ca:d9:4f:d8:15:b3:44:7c:14:a2:5e:48:87:14:e4: 91:a9:f3:a3:d5:2a:e5:d1:a6:67:79:78:88:99:0a:da:0c:85: 3b:14:6e:40:c2:44:3e:ff:15:38:37:e3:85:b2:d4:f7:16:03: a4:13:a8:da:43:5f:ca:f3:5f:ae:41:ba:e4:dc:fb:60:c7:bb: f2:c6:9b:cd:fe:db:a1:d3:3e:b0:f1:29:c9:c4:ee:98:16:e7: 73:c1:a6:88:a8:c6:4e:0c:ed:c0:51:68:91:97:8b:54:8b:39: 65:81:95:74:11:fc:9a:e2:1b:e1:17:ae:a4:86:72:f7:7e:e9: aa:8f:50:b7:2d:1b:95:87:c5:03:a6:5a:f3:19:6d:18:f1:86: b9:6c:79:41:60:db:77:cb:5b:e5:f7:90:89:cf:da:5c:16:08: a6:5e:cd:06:68:03:d1:09:86:dc:b4:83:65:fb:6a:27:b5:f2: de:0f:b8:21:5e:fd:80:a8:7a:4f:73:8c:e9:66:c9:5b:3b:36: 21:93:e4:30:15:11:80:9e:41:54:47:c6:80:5a:e3:67:c7:b7: e0:15:e2:34:78:44:47:ea:6f:a0:cc:ef:b1:d6:5e:de:e0:92: bc:ec:62:60 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEdQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTAzMTQw OTMyNDBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDdBQjA4QTg0MjVDM0NG Qzk1OTc2NDFDOUVDRTFDQTg3RUZBOTc5QjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEO3lJwmUtRkTbwp6o1TbHqrV0uFiCNVhnqNjE43QxL03BeLhr KqCtZ16rVBdFsQW2WsZgcyIvi1MdO1utoSMh9AcBibpBTD5RtlF1So3xZuLgKZXh AQT+kedAEz4gyFMQ3JQYr2G8vIFipH2FRovpbq19GkmKloYeBmECiSpIMhYTq6fk rnxQ5ntMvlGfUqRv1Nb/4KHnkjGqyYa/eAWPTStEfLPBN/L+EhxIlC2zQ04fU6gR VE1C983b3GunsPHiTuVDlIJyuuUUaIlH71kaJ6RU8tae9LNa+nJ41mOkp5rqCUNG AXx8NJUfkUDch278cTWZ2KMrCFgaNmlHP1U9AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUerCKhCXDz8lZdkHJ7OHKh++pebUwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvZXJDS2hDWER6OGxa ZGtISjdPSEtoLS1wZWJVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEv9DANBgkqhkiG9w0BAQsFAAOCAQEAdwIGzMCbwW2vIlpCSQ7g3p1bQn14 ytlP2BWzRHwUol5IhxTkkanzo9Uq5dGmZ3l4iJkK2gyFOxRuQMJEPv8VODfjhbLU 9xYDpBOo2kNfyvNfrkG65Nz7YMe78sabzf7bodM+sPEpycTumBbnc8GmiKjGTgzt wFFokZeLVIs5ZYGVdBH8muIb4ReupIZy937pqo9Qty0blYfFA6Za8xltGPGGuWx5 QWDbd8tb5feQic/aXBYIpl7NBmgD0QmG3LSDZftqJ7Xy3g+4IV79gKh6T3OM6WbJ Wzs2IZPkMBURgJ5BVEfGgFrjZ8e34BXiNHhER+pvoMzvsdZe3uCSvOxiYA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:39:59 2025 by rpki-client