$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/zwoztKTCGKqbTWWqeBnGC4CqKOE.roa File: zwoztKTCGKqbTWWqeBnGC4CqKOE.roa (raw, json) Hash identifier: 6Yys23fNJHSGKYeyiUbukkw5mF/fNbVXjUrjhSThwiE= Subject key identifier: CF:0A:33:B4:A4:C2:18:AA:9B:4D:65:AA:78:19:C6:0B:80:AA:28:E1 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 10A4 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/zwoztKTCGKqbTWWqeBnGC4CqKOE.roa Signing time: Thu 16 Jan 2025 07:41:59 +0000 ROA not before: Thu 16 Jan 2025 07:41:59 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 55990 IP address blocks: 124.71.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:05:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4260 (0x10a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Jan 16 07:41:59 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=CF0A33B4A4C218AA9B4D65AA7819C60B80AA28E1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:65:3c:42:72:4b:84:cc:08:39:78:23:70:08: a1:a7:e7:0a:8a:68:17:61:1c:42:2c:81:5f:e8:b0: 65:5d:b7:1d:e7:e2:ec:4f:3f:4e:4a:bd:c7:2b:bc: 10:81:3d:9f:97:e0:81:e1:03:d8:c7:fb:19:6c:08: 16:69:3c:b1:00:29:01:d4:25:73:8b:64:4f:0c:fe: 41:1c:ef:5c:ba:0c:52:4d:f2:49:de:6d:50:fb:70: d1:5d:44:9b:3d:37:0a:88:be:cd:fd:4c:97:77:af: cb:d5:d6:0c:b7:9f:be:bb:74:99:21:39:a3:f3:7f: 31:da:8a:a4:13:7d:bf:76:05:32:27:b6:94:81:f4: f9:24:32:14:47:90:61:02:44:04:9f:3c:74:f6:9e: e7:d7:c4:38:e9:30:78:65:03:49:40:f6:fa:0d:70: aa:3f:b6:d2:b8:80:e7:85:07:18:5f:55:3f:bc:44: 6b:5b:d9:f2:de:58:51:7f:e5:cb:e6:cb:33:a1:b3: 79:81:c9:08:28:62:98:f6:bb:c2:fc:cf:38:ca:dd: f9:b8:a4:8f:d6:c0:5c:18:b3:3c:20:80:da:7e:e1: f6:47:cf:97:08:e0:91:9b:58:52:4b:87:0d:d1:20: 80:9b:41:8f:51:fb:f9:66:76:6d:ae:72:cd:e1:d1: 78:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:0A:33:B4:A4:C2:18:AA:9B:4D:65:AA:78:19:C6:0B:80:AA:28:E1 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/zwoztKTCGKqbTWWqeBnGC4CqKOE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 124.71.253.0/24 Signature Algorithm: sha256WithRSAEncryption 21:4c:eb:f4:38:06:1e:db:07:22:0a:26:f8:e7:86:45:36:bd: 42:ba:dd:43:c0:0c:8c:d0:f9:f4:af:36:9f:3f:3b:a5:16:be: f9:a8:94:5f:2a:4e:7c:53:97:77:6d:b5:92:3d:db:d2:dd:72: 4c:a3:38:2b:f6:38:22:a2:74:c4:73:f1:2b:c0:bd:dd:06:4b: 38:7a:e8:3b:c3:46:62:1b:96:1a:fa:26:3f:d4:eb:42:08:61: 25:84:86:96:7c:bd:6b:81:b2:c2:36:93:51:01:ba:d3:d6:f7: 60:da:6e:54:7d:c2:1b:a9:21:5b:d9:30:b1:56:10:78:97:cf: b2:5a:4e:ed:37:75:44:9f:11:0d:82:b8:52:94:fd:9a:6b:27: 23:1f:59:aa:2c:9e:f6:76:4d:8b:17:6f:1e:a1:dd:24:8a:80: e3:79:96:d9:39:57:c4:39:ae:86:92:1e:1b:40:96:5c:d4:3e: 8e:24:ec:d7:1c:71:df:29:d9:8e:da:d2:94:4d:4e:30:c6:d4: 9b:c6:d1:4f:fe:56:7e:49:9e:9b:4f:cc:44:53:29:d6:85:af: 3e:1a:64:29:4d:2c:65:8a:8c:d2:69:c2:b1:7a:18:b9:d5:8b: fb:ae:48:21:6d:5a:60:d0:8d:de:40:ed:70:a6:21:51:03:ef: b4:96:82:07 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEKQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTAxMTYw NzQxNTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKENGMEEzM0I0QTRDMjE4 QUE5QjRENjVBQTc4MTlDNjBCODBBQTI4RTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDsZTxCckuEzAg5eCNwCKGn5wqKaBdhHEIsgV/osGVdtx3n4uxP P05KvccrvBCBPZ+X4IHhA9jH+xlsCBZpPLEAKQHUJXOLZE8M/kEc71y6DFJN8kne bVD7cNFdRJs9NwqIvs39TJd3r8vV1gy3n767dJkhOaPzfzHaiqQTfb92BTIntpSB 9PkkMhRHkGECRASfPHT2nufXxDjpMHhlA0lA9voNcKo/ttK4gOeFBxhfVT+8RGtb 2fLeWFF/5cvmyzOhs3mByQgoYpj2u8L8zzjK3fm4pI/WwFwYszwggNp+4fZHz5cI 4JGbWFJLhw3RIICbQY9R+/lmdm2ucs3h0XhnAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUzwoztKTCGKqbTWWqeBnGC4CqKOEwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvendvenRLVENHS3Fi VFdXcWVCbkdDNENxS09FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHxH/TANBgkqhkiG9w0BAQsFAAOCAQEAIUzr9DgGHtsHIgom+OeGRTa9Qrrd Q8AMjND59K82nz87pRa++aiUXypOfFOXd221kj3b0t1yTKM4K/Y4IqJ0xHPxK8C9 3QZLOHroO8NGYhuWGvomP9TrQghhJYSGlny9a4GywjaTUQG609b3YNpuVH3CG6kh W9kwsVYQeJfPslpO7Td1RJ8RDYK4UpT9mmsnIx9Zqiye9nZNixdvHqHdJIqA43mW 2TlXxDmuhpIeG0CWXNQ+jiTs1xxx3ynZjtrSlE1OMMbUm8bRT/5Wfkmem0/MRFMp 1oWvPhpkKU0sZYqM0mnCsXoYudWL+65IIW1aYNCN3kDtcKYhUQPvtJaCBw== -----END CERTIFICATE-----Generated at Fri Apr 4 18:35:00 2025 by rpki-client