$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/sEP9Tz5oquSLe11GcHVwCUXQwws.roa File: sEP9Tz5oquSLe11GcHVwCUXQwws.roa (raw, json) Hash identifier: bVbXEKvVZ2cgjUo1dpziWijJR/o9dZuE/nAinvQ8Dw0= Subject key identifier: B0:43:FD:4F:3E:68:AA:E4:8B:7B:5D:46:70:75:70:09:45:D0:C3:0B Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 1033 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/sEP9Tz5oquSLe11GcHVwCUXQwws.roa Signing time: Wed 25 Dec 2024 03:25:05 +0000 ROA not before: Wed 25 Dec 2024 03:25:05 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 115.175.96.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4147 (0x1033) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Dec 25 03:25:05 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=B043FD4F3E68AAE48B7B5D467075700945D0C30B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:09:7e:af:8c:47:59:7c:e0:cd:24:c9:44:e4: 61:4d:e9:40:ce:d3:fd:27:ab:99:4d:08:e9:5e:5f: ba:22:77:51:12:2c:1f:af:48:5c:27:25:2f:b2:69: 5a:d8:b8:9a:eb:27:68:0d:59:ee:62:81:35:4e:2c: cb:fa:b0:75:58:13:22:62:f0:2c:c7:f0:97:33:d8: de:f6:b8:da:e1:94:f6:7a:1c:df:12:de:50:bf:44: 76:4f:10:bb:dd:2c:9f:0e:eb:4e:fa:37:25:9a:82: 8e:c3:0a:c8:89:ef:93:5c:70:a0:c4:ed:74:5b:ba: 38:cd:1b:dc:00:70:5d:84:50:ba:97:ee:2a:b8:5e: 42:a7:13:20:49:9e:63:2f:e2:6d:b9:71:39:6d:ca: c3:65:7a:23:55:79:4a:2e:86:91:d1:7b:1d:b3:61: 5c:5b:35:6e:56:27:60:a4:5a:ef:2f:30:7d:d5:55: fe:8f:68:5e:68:c8:5a:6c:70:1d:cd:17:79:27:75: c6:c8:e4:8b:63:0e:bb:f8:80:e5:48:8d:1a:53:9b: 37:e1:f4:e6:dc:87:66:6e:e3:5c:b5:89:97:db:36: d9:73:9e:83:ee:62:28:dc:2c:41:63:46:39:27:f9: 53:0d:47:58:fa:f1:67:19:71:10:06:61:f5:16:0c: 63:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:43:FD:4F:3E:68:AA:E4:8B:7B:5D:46:70:75:70:09:45:D0:C3:0B X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/sEP9Tz5oquSLe11GcHVwCUXQwws.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.175.96.0/19 Signature Algorithm: sha256WithRSAEncryption 57:da:d9:e3:1c:0a:b9:8c:fc:b8:3c:f4:71:1c:18:b8:42:f4: 04:a1:1b:ed:5e:5c:99:fb:52:72:ab:2d:f0:3b:45:c3:ea:d6: 4b:7a:14:b3:19:07:74:3f:3a:df:56:1b:4e:6d:0d:78:de:c6: 0a:4a:b8:3c:74:7f:03:f2:f6:f3:0c:f3:aa:8e:24:cc:27:47: 24:3b:60:9b:12:e6:32:c1:a8:dc:20:b1:0a:93:42:5b:a6:1d: 2f:b4:c4:c3:12:d2:01:fa:f1:5c:48:76:7c:17:87:96:66:2f: 04:bf:2b:05:22:87:21:ef:69:7e:04:c1:ea:ea:22:84:72:eb: 33:34:26:46:10:d8:52:3e:0e:9e:c4:86:ee:d3:3d:c9:1f:56: d3:d7:51:6b:16:fb:0f:d2:a1:a0:85:50:01:21:a2:45:30:e0: 45:f1:bf:4f:07:66:52:77:dc:f0:d9:99:64:45:e7:3b:f3:45: 07:c4:66:a0:f5:1f:64:3c:52:73:1a:30:5e:7c:c7:1e:8c:3f: 2d:f7:f2:39:e9:62:cd:65:d0:d2:7a:e2:e6:43:9a:74:3f:90: f4:04:7b:69:52:09:3e:0b:7a:b9:0e:a9:bb:6d:34:9c:51:d8: a1:e1:6a:5a:ac:b3:68:4f:14:65:49:0a:35:14:10:18:fc:65: 5b:96:ed:6a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEDMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNDEyMjUw MzI1MDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEIwNDNGRDRGM0U2OEFB RTQ4QjdCNUQ0NjcwNzU3MDA5NDVEMEMzMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8CX6vjEdZfODNJMlE5GFN6UDO0/0nq5lNCOleX7oid1ESLB+v SFwnJS+yaVrYuJrrJ2gNWe5igTVOLMv6sHVYEyJi8CzH8Jcz2N72uNrhlPZ6HN8S 3lC/RHZPELvdLJ8O6076NyWago7DCsiJ75NccKDE7XRbujjNG9wAcF2EULqX7iq4 XkKnEyBJnmMv4m25cTltysNleiNVeUouhpHRex2zYVxbNW5WJ2CkWu8vMH3VVf6P aF5oyFpscB3NF3kndcbI5ItjDrv4gOVIjRpTmzfh9Obch2Zu41y1iZfbNtlznoPu YijcLEFjRjkn+VMNR1j68WcZcRAGYfUWDGM3AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUsEP9Tz5oquSLe11GcHVwCUXQwwswHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvc0VQOVR6NW9xdVNM ZTExR2NIVndDVVhRd3dzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXOvYDANBgkqhkiG9w0BAQsFAAOCAQEAV9rZ4xwKuYz8uDz0cRwYuEL0BKEb 7V5cmftScqst8DtFw+rWS3oUsxkHdD8631YbTm0NeN7GCkq4PHR/A/L28wzzqo4k zCdHJDtgmxLmMsGo3CCxCpNCW6YdL7TEwxLSAfrxXEh2fBeHlmYvBL8rBSKHIe9p fgTB6uoihHLrMzQmRhDYUj4OnsSG7tM9yR9W09dRaxb7D9KhoIVQASGiRTDgRfG/ TwdmUnfc8NmZZEXnO/NFB8RmoPUfZDxScxowXnzHHow/LffyOelizWXQ0nri5kOa dD+Q9AR7aVIJPgt6uQ6pu200nFHYoeFqWqyzaE8UZUkKNRQQGPxlW5btag== -----END CERTIFICATE-----Generated at Fri Apr 4 18:44:40 2025 by rpki-client