$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/qkzRmSzn7HXILcpMmbCjvAKgamc.roa File: qkzRmSzn7HXILcpMmbCjvAKgamc.roa (raw, json) Hash identifier: 2b5xsFAn3vkQzu1p5zPZaqy410mFGjaRyn7WO0tb8yQ= Subject key identifier: AA:4C:D1:99:2C:E7:EC:75:C8:2D:CA:4C:99:B0:A3:BC:02:A0:6A:67 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 134A Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/qkzRmSzn7HXILcpMmbCjvAKgamc.roa Signing time: Thu 22 May 2025 09:04:46 +0000 ROA not before: Thu 22 May 2025 09:04:46 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 55990 IP address blocks: 115.175.160.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:10:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4938 (0x134a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: May 22 09:04:46 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=AA4CD1992CE7EC75C82DCA4C99B0A3BC02A06A67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:b6:a4:20:4c:b9:72:60:55:95:77:1d:6b:91: 79:cd:0c:ec:82:25:5d:88:aa:cc:aa:07:b2:e8:ed: f4:f5:f4:3b:47:81:57:f0:a1:ff:24:7b:35:9c:fe: 3d:23:2d:60:36:2d:37:69:35:1d:fa:4f:b2:c7:dc: 8c:61:5e:f6:30:9d:95:36:87:2c:a2:17:7b:b0:ca: f7:ab:bf:d5:98:81:3d:35:35:07:01:67:f7:71:f5: c7:26:28:c6:5f:8a:7e:34:7e:62:02:45:d0:0e:7a: a6:f5:aa:0e:e8:59:14:dc:ea:37:57:39:84:87:ad: ed:ca:b8:00:9c:5f:7e:d8:e0:18:84:fe:a8:19:49: 6b:78:4f:5e:e8:b2:93:47:c0:b5:ee:13:96:7a:09: 4c:b7:f1:32:10:46:41:b3:df:ee:6e:8b:97:24:a6: 92:d9:8c:15:d4:f4:39:fb:7e:14:fa:6e:60:58:5c: eb:99:9a:f5:dd:a2:bc:b7:b0:c8:b8:16:66:27:62: 49:c7:1f:66:da:34:98:62:16:4d:95:6d:18:cc:94: 3a:db:80:eb:30:53:db:b4:9d:b1:3c:ea:52:1d:6e: d2:38:b1:0d:eb:32:2f:2f:16:54:bb:97:ad:10:67: 60:fc:cd:17:45:45:76:32:4d:91:e9:09:88:5b:04: ee:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:4C:D1:99:2C:E7:EC:75:C8:2D:CA:4C:99:B0:A3:BC:02:A0:6A:67 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/qkzRmSzn7HXILcpMmbCjvAKgamc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.175.160.0/19 Signature Algorithm: sha256WithRSAEncryption 09:d4:a8:62:dc:32:24:49:4c:1e:2b:1d:14:ac:16:40:c2:6f: 20:cd:08:82:95:d5:8f:3c:c3:c8:f5:e3:25:6a:7d:7d:e3:d1: 18:62:70:ca:74:85:2d:ee:4f:a4:86:e1:57:8a:83:18:07:00: 92:13:e6:d8:07:79:ca:8a:0a:b0:b9:63:50:e4:41:12:c0:6e: af:c6:4e:cf:05:4c:fd:17:58:e6:1a:39:13:c8:cd:8a:a3:84: 7f:23:51:e4:73:88:2d:85:13:4a:a8:ce:6b:56:e9:85:46:6c: aa:1c:72:ac:f3:14:79:ec:90:8b:b0:db:91:34:7e:45:3f:cf: 73:5c:3a:e2:da:cd:7d:88:75:4b:55:96:5f:12:3a:f2:9f:cd: f2:2a:0c:d5:78:0e:c7:49:24:5e:9c:da:21:f5:25:56:30:d5: 90:3b:b4:0d:ff:62:ab:c9:e6:ee:2f:b0:1f:51:5c:26:56:34: 6d:d0:a3:c1:24:68:32:c0:75:d5:49:0b:c8:19:34:4f:da:83: 40:e6:3d:1b:35:43:99:58:55:df:01:fe:90:5a:52:dc:ac:93: 1a:f3:71:07:3f:c8:90:f7:fe:36:57:b2:7b:32:59:0a:5f:f1: ac:4e:e8:99:5c:d6:97:f3:2b:35:77:2f:87:01:cb:84:3b:6b: 95:5f:30:cc -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE0owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA1MjIw OTA0NDZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEFBNENEMTk5MkNFN0VD NzVDODJEQ0E0Qzk5QjBBM0JDMDJBMDZBNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCmtqQgTLlyYFWVdx1rkXnNDOyCJV2IqsyqB7Lo7fT19DtHgVfw of8kezWc/j0jLWA2LTdpNR36T7LH3IxhXvYwnZU2hyyiF3uwyverv9WYgT01NQcB Z/dx9ccmKMZfin40fmICRdAOeqb1qg7oWRTc6jdXOYSHre3KuACcX37Y4BiE/qgZ SWt4T17ospNHwLXuE5Z6CUy38TIQRkGz3+5ui5ckppLZjBXU9Dn7fhT6bmBYXOuZ mvXdory3sMi4FmYnYknHH2baNJhiFk2VbRjMlDrbgOswU9u0nbE86lIdbtI4sQ3r Mi8vFlS7l60QZ2D8zRdFRXYyTZHpCYhbBO6nAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUqkzRmSzn7HXILcpMmbCjvAKgamcwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvcWt6Um1Tem43SFhJ TGNwTW1iQ2p2QUtnYW1jLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXOvoDANBgkqhkiG9w0BAQsFAAOCAQEACdSoYtwyJElMHisdFKwWQMJvIM0I gpXVjzzDyPXjJWp9fePRGGJwynSFLe5PpIbhV4qDGAcAkhPm2Ad5yooKsLljUORB EsBur8ZOzwVM/RdY5ho5E8jNiqOEfyNR5HOILYUTSqjOa1bphUZsqhxyrPMUeeyQ i7DbkTR+RT/Pc1w64trNfYh1S1WWXxI68p/N8ioM1XgOx0kkXpzaIfUlVjDVkDu0 Df9iq8nm7i+wH1FcJlY0bdCjwSRoMsB11UkLyBk0T9qDQOY9GzVDmVhV3wH+kFpS 3KyTGvNxBz/IkPf+NleyezJZCl/xrE7omVzWl/MrNXcvhwHLhDtrlV8wzA== -----END CERTIFICATE-----Generated at Wed Jun 4 00:58:25 2025 by rpki-client