$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/xfw5fXUjKspmyek5svOb8y_IDWo.roa File: xfw5fXUjKspmyek5svOb8y_IDWo.roa (raw, json) Hash identifier: EQyYgUc/ToAaYddbhsFXXMOYHVk4WJ7ruvoDjt7tD2M= Subject key identifier: C5:FC:39:7D:75:23:2A:CA:66:C9:E9:39:B2:F3:9B:F3:2F:C8:0D:6A Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 1347 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/xfw5fXUjKspmyek5svOb8y_IDWo.roa Signing time: Thu 22 May 2025 09:04:45 +0000 ROA not before: Thu 22 May 2025 09:04:45 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 55990 IP address blocks: 101.245.64.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:10:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4935 (0x1347) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: May 22 09:04:45 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=C5FC397D75232ACA66C9E939B2F39BF32FC80D6A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:28:2b:ff:97:5c:68:20:6f:88:22:b1:98:7e: 78:82:11:88:98:a0:80:ae:af:81:0a:43:53:04:5c: 98:73:7e:b2:79:f7:fe:70:2d:a6:cf:51:b6:bd:10: 20:42:3b:14:8b:bb:47:f7:11:45:b5:af:81:87:01: 0f:2b:36:78:0d:77:df:67:58:fe:07:d1:fe:5f:e2: de:8e:74:24:a2:c0:cc:e5:73:7c:e4:3f:4d:4a:cd: 91:af:da:d9:4c:80:63:e8:98:a7:76:81:0e:5b:f5: 3b:64:60:07:1b:d0:29:ea:3d:ab:36:dc:fe:30:5e: 8d:6a:c4:52:b0:f1:f0:3d:57:d8:05:aa:48:5d:0e: 12:8a:61:35:94:c9:df:d8:dc:a1:e1:9f:61:be:04: d7:04:c6:d2:e8:7c:99:2b:5a:99:c9:78:f6:f1:2c: 61:f6:6e:17:c7:8a:5a:85:89:8e:08:61:05:0c:5d: f0:dc:8e:97:6c:86:53:b0:3e:70:95:08:3a:3a:90: 74:03:be:76:09:4f:4a:7c:a7:90:89:00:b6:f9:5e: ed:fa:6d:f9:b2:d9:66:da:b7:6f:54:1f:d7:24:64: 46:02:67:95:12:17:91:7d:3b:34:bd:be:10:9d:c2: d2:9e:a6:df:89:c3:7c:4e:6e:23:24:4d:c5:97:7d: 61:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:FC:39:7D:75:23:2A:CA:66:C9:E9:39:B2:F3:9B:F3:2F:C8:0D:6A X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/xfw5fXUjKspmyek5svOb8y_IDWo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.245.64.0/19 Signature Algorithm: sha256WithRSAEncryption 39:67:3a:c5:dd:bf:3d:51:2e:cf:b4:df:18:8a:ae:69:fb:8f: ac:6d:03:c5:0c:f7:dc:8e:d2:f2:9a:43:5b:2d:89:1e:f7:35: 93:5e:19:ef:e9:eb:20:95:1c:f9:52:d7:3e:12:d7:77:00:ee: d9:91:8c:da:71:37:f2:3c:75:a9:ca:cb:74:3a:9e:cf:22:d5: 61:56:97:1d:b2:3e:58:a6:5d:02:52:47:6a:96:db:ec:56:6a: 97:90:da:49:a9:2e:f1:38:0d:eb:19:9b:89:19:97:8f:93:e4: bc:ff:49:4c:91:7a:74:f7:fe:1b:48:c3:6a:51:1c:aa:36:4e: 55:72:7d:c6:b5:3f:e4:b2:9f:f7:f6:7e:a2:26:db:6d:af:68: 9b:77:07:92:da:7f:3d:9a:58:2c:ce:40:37:67:6b:60:42:66: c4:1d:89:70:27:75:d1:88:f0:bd:b5:48:52:df:ed:d0:32:c5: 76:62:c4:ef:e4:af:8f:6c:ba:e2:6e:23:52:77:88:aa:b9:56: 64:ab:79:51:52:46:42:d7:e4:e4:8e:77:e7:6b:86:32:b9:03: 20:f2:ec:b9:9e:47:c1:2c:09:00:05:ef:1d:95:cb:27:31:67: 56:df:6e:7c:ac:81:08:4a:e6:41:be:29:41:54:19:c9:46:86: 1a:5a:03:fe -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE0cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA1MjIw OTA0NDVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEM1RkMzOTdENzUyMzJB Q0E2NkM5RTkzOUIyRjM5QkYzMkZDODBENkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAKCv/l1xoIG+IIrGYfniCEYiYoICur4EKQ1MEXJhzfrJ59/5w LabPUba9ECBCOxSLu0f3EUW1r4GHAQ8rNngNd99nWP4H0f5f4t6OdCSiwMzlc3zk P01KzZGv2tlMgGPomKd2gQ5b9TtkYAcb0CnqPas23P4wXo1qxFKw8fA9V9gFqkhd DhKKYTWUyd/Y3KHhn2G+BNcExtLofJkrWpnJePbxLGH2bhfHilqFiY4IYQUMXfDc jpdshlOwPnCVCDo6kHQDvnYJT0p8p5CJALb5Xu36bfmy2Wbat29UH9ckZEYCZ5US F5F9OzS9vhCdwtKept+Jw3xObiMkTcWXfWH/AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUxfw5fXUjKspmyek5svOb8y/IDWowHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQveGZ3NWZYVWpLc3Bt eWVrNXN2T2I4eV9JRFdvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBWX1QDANBgkqhkiG9w0BAQsFAAOCAQEAOWc6xd2/PVEuz7TfGIquafuPrG0D xQz33I7S8ppDWy2JHvc1k14Z7+nrIJUc+VLXPhLXdwDu2ZGM2nE38jx1qcrLdDqe zyLVYVaXHbI+WKZdAlJHapbb7FZql5DaSaku8TgN6xmbiRmXj5PkvP9JTJF6dPf+ G0jDalEcqjZOVXJ9xrU/5LKf9/Z+oibbba9om3cHktp/PZpYLM5AN2drYEJmxB2J cCd10YjwvbVIUt/t0DLFdmLE7+Svj2y64m4jUneIqrlWZKt5UVJGQtfk5I5352uG MrkDIPLsuZ5HwSwJAAXvHZXLJzFnVt9ufKyBCErmQb4pQVQZyUaGGloD/g== -----END CERTIFICATE-----Generated at Wed Jun 4 01:12:44 2025 by rpki-client