$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/oj9gc_bO9Y5Q2ZTVW78zXMcInMg.roa File: oj9gc_bO9Y5Q2ZTVW78zXMcInMg.roa (raw, json) Hash identifier: 2qxhQ71h3TsftfV1UzgiSijfiS/Ywrz/CThbk5CHDms= Subject key identifier: A2:3F:60:73:F6:CE:F5:8E:50:D9:94:D5:5B:BF:33:5C:C7:08:9C:C8 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 11D7 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/oj9gc_bO9Y5Q2ZTVW78zXMcInMg.roa Signing time: Fri 14 Mar 2025 09:32:41 +0000 ROA not before: Fri 14 Mar 2025 09:32:41 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 113.47.232.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4567 (0x11d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Mar 14 09:32:41 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=A23F6073F6CEF58E50D994D55BBF335CC7089CC8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:75:d1:8c:f2:91:3f:9a:cc:3d:6d:d1:e8:e3: 36:2c:23:e3:6a:9e:57:e0:5c:d1:d0:7f:48:31:e3: 7d:35:a8:9b:e1:32:0c:18:5b:49:ef:0c:16:f0:1c: 3b:fe:02:9e:4f:19:98:5f:8c:48:5e:b4:1c:d6:08: 86:79:ba:50:eb:b4:c0:11:80:23:82:79:97:36:7c: f0:24:07:4d:af:07:94:c9:6e:33:ee:10:c3:cd:db: a7:c8:68:9c:68:07:f9:ae:6f:fd:19:1c:c6:6c:f6: c5:2c:74:06:1d:52:6f:f1:38:23:2c:c9:a3:23:12: 3e:58:30:06:29:ac:d7:f0:48:49:ca:47:b3:35:ba: 0d:8f:4d:49:fd:d2:6e:21:ec:d8:58:58:df:06:b4: 12:ee:00:95:17:42:02:d4:bb:b3:3f:53:e4:33:21: ac:94:88:23:0a:25:b1:ee:45:c7:4b:48:64:00:cd: 9d:73:8a:31:53:3f:f8:65:41:e0:5f:37:bc:ca:47: 1d:4e:a8:f3:8c:e7:ee:64:e3:3a:58:1b:a6:ef:68: 9a:25:19:38:e9:7c:8a:88:8b:0c:a4:aa:20:6b:70: 61:aa:27:40:86:a5:8f:dd:8a:4a:2b:e0:3e:bb:0f: 15:70:47:5e:5c:77:b6:37:5b:8c:fc:fd:2c:de:d4: fe:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:3F:60:73:F6:CE:F5:8E:50:D9:94:D5:5B:BF:33:5C:C7:08:9C:C8 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/oj9gc_bO9Y5Q2ZTVW78zXMcInMg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.47.232.0/23 Signature Algorithm: sha256WithRSAEncryption 80:89:f1:54:50:e1:c2:ac:19:2b:b8:de:20:8b:dc:82:c5:fa: 0a:09:c5:44:d0:a5:55:1c:33:88:70:eb:e3:30:8e:47:d7:6a: b3:52:6c:ce:8e:63:1a:19:bc:97:b8:e1:0a:39:59:1b:10:18: 65:91:c2:44:ae:f4:48:99:97:7d:ad:38:29:13:c5:0f:56:c6: 65:8a:9e:82:e0:71:d3:06:69:80:e0:36:bb:30:a5:90:ab:67: 7d:e9:8e:e7:68:11:4b:f8:48:d6:27:86:65:1a:60:d9:c3:14: 00:98:d8:29:78:7b:bb:a2:0d:3c:f4:2e:cd:d1:9a:06:1a:30: 48:a8:35:a5:af:60:77:72:83:fa:8a:a1:c2:35:48:2f:48:86: 58:47:f4:64:ad:bc:92:15:89:c1:52:19:3c:b9:0c:f6:01:a0: 89:8f:20:de:85:22:e2:fc:c8:e5:b4:7d:2d:86:e3:15:c9:dd: 9b:66:21:62:4c:22:5d:c2:39:04:59:31:21:1d:a6:60:8a:51: 27:8b:37:bb:bb:07:72:bd:b8:fa:94:69:01:9c:f7:99:44:8c: 66:9b:61:3f:ae:16:7d:f7:44:43:b9:68:75:3a:06:db:e3:ce: 3e:9f:b8:b2:45:23:fd:fd:a8:bc:e0:b4:95:88:02:ca:4f:fb: a1:d9:ec:44 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEdcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTAzMTQw OTMyNDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEEyM0Y2MDczRjZDRUY1 OEU1MEQ5OTRENTVCQkYzMzVDQzcwODlDQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2ddGM8pE/msw9bdHo4zYsI+NqnlfgXNHQf0gx4301qJvhMgwY W0nvDBbwHDv+Ap5PGZhfjEhetBzWCIZ5ulDrtMARgCOCeZc2fPAkB02vB5TJbjPu EMPN26fIaJxoB/mub/0ZHMZs9sUsdAYdUm/xOCMsyaMjEj5YMAYprNfwSEnKR7M1 ug2PTUn90m4h7NhYWN8GtBLuAJUXQgLUu7M/U+QzIayUiCMKJbHuRcdLSGQAzZ1z ijFTP/hlQeBfN7zKRx1OqPOM5+5k4zpYG6bvaJolGTjpfIqIiwykqiBrcGGqJ0CG pY/dikor4D67DxVwR15cd7Y3W4z8/Sze1P6vAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUoj9gc/bO9Y5Q2ZTVW78zXMcInMgwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvb2o5Z2NfYk85WTVR MlpUVlc3OHpYTWNJbk1nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAXEv6DANBgkqhkiG9w0BAQsFAAOCAQEAgInxVFDhwqwZK7jeIIvcgsX6CgnF RNClVRwziHDr4zCOR9dqs1Jszo5jGhm8l7jhCjlZGxAYZZHCRK70SJmXfa04KRPF D1bGZYqeguBx0wZpgOA2uzClkKtnfemO52gRS/hI1ieGZRpg2cMUAJjYKXh7u6IN PPQuzdGaBhowSKg1pa9gd3KD+oqhwjVIL0iGWEf0ZK28khWJwVIZPLkM9gGgiY8g 3oUi4vzI5bR9LYbjFcndm2YhYkwiXcI5BFkxIR2mYIpRJ4s3u7sHcr24+pRpAZz3 mUSMZpthP64WffdEQ7lodToG2+POPp+4skUj/f2ovOC0lYgCyk/7odnsRA== -----END CERTIFICATE-----Generated at Fri Apr 4 18:46:14 2025 by rpki-client