$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/nLcB-ljbJuf0uatjRm0MGGagU9Y.roa File: nLcB-ljbJuf0uatjRm0MGGagU9Y.roa (raw, json) Hash identifier: NCJkbKnERQeZSH3qCowt0zj4oMRI3flRuTIgAmL+z/o= Subject key identifier: 9C:B7:01:FA:58:DB:26:E7:F4:B9:AB:63:46:6D:0C:18:66:A0:53:D6 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 11DF Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/nLcB-ljbJuf0uatjRm0MGGagU9Y.roa Signing time: Fri 14 Mar 2025 09:37:08 +0000 ROA not before: Fri 14 Mar 2025 09:37:08 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.46.0.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4575 (0x11df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Mar 14 09:37:08 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=9CB701FA58DB26E7F4B9AB63466D0C1866A053D6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:11:47:dc:92:1b:24:c8:03:79:46:f2:f1:8c: eb:45:cb:a5:53:0f:db:08:75:77:0d:42:c0:b6:b5: 33:0e:b4:76:91:4f:0b:34:17:f9:cd:04:6a:9f:21: 7f:ca:35:5f:7d:0b:d9:f2:76:72:6f:22:de:37:5b: c8:8a:28:a1:07:89:3d:8d:67:9c:57:40:44:8d:ab: 1a:af:af:fd:79:69:bf:76:04:73:e6:01:f6:28:59: cc:a4:85:44:cc:ca:5f:28:0b:56:64:7e:84:4f:7e: 42:f4:49:d8:2f:48:32:b6:3c:4a:2c:c1:8b:73:2d: 24:14:04:9d:2a:19:33:14:a3:19:c2:48:47:18:8a: fb:67:e9:41:a5:c3:06:09:74:7b:07:78:23:d1:7e: bc:1d:d5:e9:a3:ff:3c:6d:7b:d9:bd:8f:3a:16:31: 2d:6c:af:38:8e:30:87:94:30:d9:67:aa:d0:44:2e: 16:18:60:e4:2a:a5:40:d6:d2:80:f9:7e:38:17:f7: b6:80:6e:19:80:b4:0d:f6:8e:39:86:08:df:95:eb: 6e:8a:35:87:27:0c:15:7b:44:7b:37:2e:43:b6:53: ae:44:e1:da:23:ef:5f:05:4e:42:c6:96:b1:a9:fd: 41:b3:16:57:90:be:44:4d:3c:33:66:86:89:fb:0b: 4f:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:B7:01:FA:58:DB:26:E7:F4:B9:AB:63:46:6D:0C:18:66:A0:53:D6 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/nLcB-ljbJuf0uatjRm0MGGagU9Y.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.46.0.0/19 Signature Algorithm: sha256WithRSAEncryption 49:f9:f3:f3:f6:90:df:7b:99:6a:aa:e4:ba:97:46:83:82:07: 50:1d:d0:60:d1:66:73:ff:92:0f:82:1c:fd:47:d5:f7:2b:b9: 21:39:e2:91:db:86:c5:cf:64:43:18:bc:81:b1:52:08:b5:be: da:3a:a3:b9:b8:3f:00:b0:4f:2c:ea:f8:70:c8:86:a1:55:2e: 17:9f:c7:b6:89:99:c3:46:c0:d9:28:fb:5f:cb:0e:f3:0d:78: 7c:23:e0:63:82:ce:2e:f0:57:e5:6e:c7:26:13:79:11:64:dc: 37:3b:49:7f:d3:34:f5:7c:96:6c:47:23:75:87:f2:f5:e6:94: eb:43:97:d7:81:29:8c:e0:30:82:42:af:0f:77:a7:b3:7c:2f: e5:32:24:bf:77:21:7a:31:f6:bd:a6:7c:23:52:41:65:c2:c3: 33:26:02:e2:90:9d:84:48:fc:b7:54:fe:b3:32:3f:42:51:e1: ec:36:bf:52:84:0e:db:27:dc:9a:61:c7:4d:24:3c:9d:6d:3a: 95:d5:db:2f:b0:be:76:ef:66:ba:a2:db:43:4b:57:61:d0:10: 65:46:8c:d6:07:b0:52:26:b9:7f:f3:30:34:da:3d:c8:e5:6b: 60:cf:b2:83:bd:a5:7d:8b:76:e0:c5:a1:4b:e2:3f:c8:e3:e8: fd:30:e1:5b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEd8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTAzMTQw OTM3MDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDlDQjcwMUZBNThEQjI2 RTdGNEI5QUI2MzQ2NkQwQzE4NjZBMDUzRDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxEUfckhskyAN5RvLxjOtFy6VTD9sIdXcNQsC2tTMOtHaRTws0 F/nNBGqfIX/KNV99C9nydnJvIt43W8iKKKEHiT2NZ5xXQESNqxqvr/15ab92BHPm AfYoWcykhUTMyl8oC1ZkfoRPfkL0SdgvSDK2PEoswYtzLSQUBJ0qGTMUoxnCSEcY ivtn6UGlwwYJdHsHeCPRfrwd1emj/zxte9m9jzoWMS1srziOMIeUMNlnqtBELhYY YOQqpUDW0oD5fjgX97aAbhmAtA32jjmGCN+V626KNYcnDBV7RHs3LkO2U65E4doj 718FTkLGlrGp/UGzFleQvkRNPDNmhon7C093AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUnLcB+ljbJuf0uatjRm0MGGagU9YwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvbkxjQi1samJKdWYw dWF0alJtME1HR2FnVTlZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXEuADANBgkqhkiG9w0BAQsFAAOCAQEASfnz8/aQ33uZaqrkupdGg4IHUB3Q YNFmc/+SD4Ic/UfV9yu5ITnikduGxc9kQxi8gbFSCLW+2jqjubg/ALBPLOr4cMiG oVUuF5/HtomZw0bA2Sj7X8sO8w14fCPgY4LOLvBX5W7HJhN5EWTcNztJf9M09XyW bEcjdYfy9eaU60OX14EpjOAwgkKvD3ens3wv5TIkv3chejH2vaZ8I1JBZcLDMyYC 4pCdhEj8t1T+szI/QlHh7Da/UoQO2yfcmmHHTSQ8nW06ldXbL7C+du9muqLbQ0tX YdAQZUaM1gewUia5f/MwNNo9yOVrYM+yg72lfYt24MWhS+I/yOPo/TDhWw== -----END CERTIFICATE-----Generated at Fri Apr 4 18:41:59 2025 by rpki-client