$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/oe0Wv3Zm8bomRiAKQZFqIpVinj0.roa File: oe0Wv3Zm8bomRiAKQZFqIpVinj0.roa (raw, json) Hash identifier: ta/Vf7MQnAStp52nPmr0tG1iVEO6yNLCBynlPIMC86w= Subject key identifier: A1:ED:16:BF:76:66:F1:BA:26:46:20:0A:41:91:6A:22:95:62:9E:3D Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 11D2 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/oe0Wv3Zm8bomRiAKQZFqIpVinj0.roa Signing time: Fri 14 Mar 2025 09:32:40 +0000 ROA not before: Fri 14 Mar 2025 09:32:40 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.47.240.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4562 (0x11d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Mar 14 09:32:40 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=A1ED16BF7666F1BA2646200A41916A2295629E3D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:f4:44:c4:3f:0d:34:03:78:28:3b:aa:79:09: 41:8f:83:87:6d:c3:fc:50:54:37:73:f3:3b:a0:90: d1:89:6c:a4:3a:e8:b7:6c:bb:a5:15:ca:78:03:75: 05:35:5b:ba:df:c5:0f:32:e9:00:dc:69:4f:ec:35: 34:3b:1b:d3:8c:1e:2a:e5:0a:38:9a:e8:cc:39:a8: 31:fa:7d:fd:04:01:3e:6e:35:d9:a6:62:32:bf:81: 79:56:b5:68:65:c9:34:d6:99:0d:74:56:71:01:81: 37:c8:70:4f:b9:01:21:3c:4b:cc:ea:cc:f6:1e:8c: 29:b0:f3:9c:0a:61:3a:d1:96:54:f1:a9:95:e1:40: 5b:90:50:2c:b9:22:28:e2:76:70:8b:39:d4:83:a4: 93:02:2c:39:f3:a7:47:67:02:fd:31:33:e2:7e:33: 07:10:39:d6:73:ce:a6:aa:c8:1d:b8:1a:45:b2:92: cf:96:1d:a5:b3:22:92:1b:7c:e9:5c:03:21:e0:b1: 70:52:26:7c:c1:b0:38:86:44:88:d7:1a:4d:84:d1: 0c:d3:87:6a:51:75:1c:8a:fa:e2:4d:07:4c:a3:cb: 6f:ad:d1:ce:d4:f0:17:d4:2e:38:d5:30:76:1c:a2: 15:c4:99:ff:de:64:99:ea:c2:3b:00:56:4e:65:91: 97:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:ED:16:BF:76:66:F1:BA:26:46:20:0A:41:91:6A:22:95:62:9E:3D X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/oe0Wv3Zm8bomRiAKQZFqIpVinj0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.240.0/23 Signature Algorithm: sha256WithRSAEncryption 5f:26:a6:55:b3:d4:db:89:39:63:37:f0:1c:17:18:7b:43:fd: 49:dc:fb:35:8e:c2:3a:6b:a1:05:bf:8a:d8:c0:f1:2e:1b:ef: 5d:0b:0f:77:05:9d:bc:02:d2:78:fc:29:97:92:56:a7:ca:40: aa:f4:44:27:39:93:8f:55:10:4c:d3:1f:64:d0:a8:f6:c5:96: de:15:de:8a:99:50:05:b4:34:67:16:9e:3e:f7:67:d0:1f:8a: 00:86:5e:34:49:9f:31:5c:d2:6d:3f:f5:c0:ed:30:b9:d9:ca: ad:86:6a:8d:a1:bb:e8:8b:bb:a7:28:75:65:98:bc:67:08:7c: 67:86:9e:66:f6:a9:fb:73:e6:20:8f:81:a3:bd:cc:50:a8:97: 71:9d:e6:ca:90:50:de:b5:44:c1:85:2f:52:0a:96:85:3d:82: a7:66:78:9b:44:48:6e:a6:49:80:86:fc:8d:e4:a2:f0:1f:c1: 2b:71:39:1c:fb:75:75:a8:61:51:df:2d:c2:76:ee:bc:58:e3: 54:66:3d:d8:b3:19:90:a2:30:35:75:cf:69:39:90:11:65:29: fc:ea:3a:40:26:bd:35:46:0e:06:13:2b:80:f8:34:c5:b0:68: 37:9c:d8:68:56:16:99:03:c8:2b:81:c6:a9:cf:d7:03:c5:bf: be:51:64:88 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEdIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTAzMTQw OTMyNDBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEExRUQxNkJGNzY2NkYx QkEyNjQ2MjAwQTQxOTE2QTIyOTU2MjlFM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCv9ETEPw00A3goO6p5CUGPg4dtw/xQVDdz8zugkNGJbKQ66Lds u6UVyngDdQU1W7rfxQ8y6QDcaU/sNTQ7G9OMHirlCjia6Mw5qDH6ff0EAT5uNdmm YjK/gXlWtWhlyTTWmQ10VnEBgTfIcE+5ASE8S8zqzPYejCmw85wKYTrRllTxqZXh QFuQUCy5IijidnCLOdSDpJMCLDnzp0dnAv0xM+J+MwcQOdZzzqaqyB24GkWyks+W HaWzIpIbfOlcAyHgsXBSJnzBsDiGRIjXGk2E0QzTh2pRdRyK+uJNB0yjy2+t0c7U 8BfULjjVMHYcohXEmf/eZJnqwjsAVk5lkZcRAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUoe0Wv3Zm8bomRiAKQZFqIpVinj0wHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvb2UwV3YzWm04Ym9t UmlBS1FaRnFJcFZpbmowLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEv8DANBgkqhkiG9w0BAQsFAAOCAQEAXyamVbPU24k5YzfwHBcYe0P9Sdz7 NY7COmuhBb+K2MDxLhvvXQsPdwWdvALSePwpl5JWp8pAqvREJzmTj1UQTNMfZNCo 9sWW3hXeiplQBbQ0ZxaePvdn0B+KAIZeNEmfMVzSbT/1wO0wudnKrYZqjaG76Iu7 pyh1ZZi8Zwh8Z4aeZvap+3PmII+Bo73MUKiXcZ3mypBQ3rVEwYUvUgqWhT2Cp2Z4 m0RIbqZJgIb8jeSi8B/BK3E5HPt1dahhUd8twnbuvFjjVGY92LMZkKIwNXXPaTmQ EWUp/Oo6QCa9NUYOBhMrgPg0xbBoN5zYaFYWmQPIK4HGqc/XA8W/vlFkiA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:36:17 2025 by rpki-client