$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/ly3SbBCsiZBxgsbR_8SosIexsQo.roa File: ly3SbBCsiZBxgsbR_8SosIexsQo.roa (raw, json) Hash identifier: G7d5Cgw6efWJw7c8F9A4SZ29GyVvhmhd2jPL9FJsW28= Subject key identifier: 97:2D:D2:6C:10:AC:89:90:71:82:C6:D1:FF:C4:A8:B0:87:B1:B1:0A Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 11E4 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ly3SbBCsiZBxgsbR_8SosIexsQo.roa Signing time: Fri 14 Mar 2025 09:37:09 +0000 ROA not before: Fri 14 Mar 2025 09:37:09 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.46.64.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 14 Apr 2025 06:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4580 (0x11e4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Mar 14 09:37:09 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=972DD26C10AC89907182C6D1FFC4A8B087B1B10A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:65:6e:72:23:32:da:9c:79:d5:44:f1:fc:38: 4b:01:64:de:65:0f:1d:60:ff:0a:a2:8e:25:83:89: 43:77:23:c3:91:fb:54:b9:52:8d:36:92:c7:d8:7f: 58:13:ad:26:d4:3b:4a:92:bc:d6:a8:51:e5:92:82: 71:46:a6:33:a0:c6:d8:d9:25:ee:e3:51:60:0b:0e: 5a:7b:7d:c9:43:cb:cf:d9:18:d8:41:05:cf:34:2a: 96:8b:73:94:b6:f3:ef:83:1f:02:ff:4e:7b:fc:db: ec:5c:64:6e:8b:06:dd:fa:c5:94:2a:0e:36:4a:11: 13:4b:d2:27:36:cf:36:50:cf:bd:c0:25:3f:2e:86: 9b:59:61:de:2d:b2:12:ab:fc:d2:15:df:75:cf:4c: 5e:20:f0:f3:b8:3c:05:88:2b:9b:bb:96:72:cf:75: 20:ba:a9:6a:86:a4:7f:ee:f1:1e:be:68:65:34:70: 75:71:a8:41:41:22:66:97:f2:ec:1a:98:d6:98:88: fd:f4:45:cf:38:77:af:38:e3:e6:e9:17:78:17:76: 3e:41:f8:2e:88:3f:28:5a:a6:38:7b:c6:98:85:e3: e1:de:69:19:3a:52:49:b7:67:a8:26:6c:30:a3:d4: 97:bc:50:7e:48:bd:8d:ec:97:9d:3b:d0:8f:b1:97: b0:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:2D:D2:6C:10:AC:89:90:71:82:C6:D1:FF:C4:A8:B0:87:B1:B1:0A X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/ly3SbBCsiZBxgsbR_8SosIexsQo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.46.64.0/23 Signature Algorithm: sha256WithRSAEncryption 85:d3:3e:9f:f6:cf:00:9c:7d:06:e0:6e:57:43:75:df:72:ec: 3b:5b:4b:06:1f:ef:3a:fe:ba:49:57:1d:dc:2a:58:dd:5e:5f: 59:61:73:d3:ef:3f:ba:81:62:f3:a2:c4:97:8e:52:fd:9f:ac: 7a:23:49:da:67:3c:8f:da:49:e1:cd:7d:52:7c:4d:76:8e:2f: c9:20:7f:25:41:bf:5d:33:2b:8e:d1:0d:08:4d:1f:cb:41:6f: 90:0f:49:e5:88:d1:af:27:1c:99:c5:dd:7c:1d:71:35:b0:50: da:25:10:d7:af:f1:27:02:1b:52:91:75:02:ca:fb:b8:a4:24: 36:85:79:ce:d1:7e:48:a8:2a:5b:b8:db:b8:02:f1:08:0b:d0: cd:b6:d6:0e:ad:98:73:5d:aa:ae:c3:b2:54:63:12:0c:4f:c5: 6c:ef:28:df:b7:93:cd:a4:2a:b7:65:3a:cd:f7:e5:56:59:37: ac:25:66:81:ed:cc:cd:f2:5f:d4:7e:39:fa:f5:cb:65:0b:fa: 0e:5a:19:90:d3:ea:f8:40:b6:91:7e:9b:29:81:50:a5:6e:df: fb:65:7d:78:fa:73:c6:6c:36:c9:91:da:04:1e:ef:53:e9:6b: 13:c1:96:60:af:3d:eb:31:7a:52:a1:bd:a1:99:25:2a:3f:f4: 0b:1a:14:4c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEeQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTAzMTQw OTM3MDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDk3MkREMjZDMTBBQzg5 OTA3MTgyQzZEMUZGQzRBOEIwODdCMUIxMEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUZW5yIzLanHnVRPH8OEsBZN5lDx1g/wqijiWDiUN3I8OR+1S5 Uo02ksfYf1gTrSbUO0qSvNaoUeWSgnFGpjOgxtjZJe7jUWALDlp7fclDy8/ZGNhB Bc80KpaLc5S28++DHwL/Tnv82+xcZG6LBt36xZQqDjZKERNL0ic2zzZQz73AJT8u hptZYd4tshKr/NIV33XPTF4g8PO4PAWIK5u7lnLPdSC6qWqGpH/u8R6+aGU0cHVx qEFBImaX8uwamNaYiP30Rc84d6844+bpF3gXdj5B+C6IPyhapjh7xpiF4+HeaRk6 Ukm3Z6gmbDCj1Je8UH5IvY3sl5070I+xl7D3AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUly3SbBCsiZBxgsbR/8SosIexsQowHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvbHkzU2JCQ3NpWkJ4 Z3NiUl84U29zSWV4c1FvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEuQDANBgkqhkiG9w0BAQsFAAOCAQEAhdM+n/bPAJx9BuBuV0N133LsO1tL Bh/vOv66SVcd3CpY3V5fWWFz0+8/uoFi86LEl45S/Z+seiNJ2mc8j9pJ4c19UnxN do4vySB/JUG/XTMrjtENCE0fy0FvkA9J5YjRryccmcXdfB1xNbBQ2iUQ16/xJwIb UpF1Asr7uKQkNoV5ztF+SKgqW7jbuALxCAvQzbbWDq2Yc12qrsOyVGMSDE/FbO8o 37eTzaQqt2U6zfflVlk3rCVmge3MzfJf1H45+vXLZQv6DloZkNPq+EC2kX6bKYFQ pW7f+2V9ePpzxmw2yZHaBB7vU+lrE8GWYK896zF6UqG9oZklKj/0CxoUTA== -----END CERTIFICATE-----Generated at Mon Apr 14 04:24:50 2025 by rpki-client