$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/OHvPk4rBe6rYnxWR-IGvTNLW3v4.roa File: OHvPk4rBe6rYnxWR-IGvTNLW3v4.roa (raw, json) Hash identifier: gjcgYWPQGBH0nCigLkahNCzNhcpgPyN7LF+qFsU1XMM= Subject key identifier: 38:7B:CF:93:8A:C1:7B:AA:D8:9F:15:91:F8:81:AF:4C:D2:D6:DE:FE Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1CB7 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/OHvPk4rBe6rYnxWR-IGvTNLW3v4.roa Signing time: Thu 02 Jan 2025 13:58:22 +0000 ROA not before: Thu 02 Jan 2025 13:58:22 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 138421 IP address blocks: 118.145.32.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 10:37:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7351 (0x1cb7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jan 2 13:58:22 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=387BCF938AC17BAAD89F1591F881AF4CD2D6DEFE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:0e:58:2f:5b:dd:fb:20:67:8c:25:6a:25:cb: 3e:de:f2:22:30:8a:15:c6:52:64:c8:46:fa:5c:bd: ce:05:2f:8f:9c:e7:d3:27:b7:dc:4b:00:2d:5f:44: 08:33:1d:58:a5:95:18:c8:41:de:b5:a8:ff:de:f2: e3:1a:1e:c8:18:7f:96:b4:f9:26:9c:53:b6:3a:d5: 64:4c:48:a8:e0:36:3e:21:05:e9:bc:56:13:7f:9f: 3f:d3:b1:02:ea:9d:c3:98:76:67:c6:6a:7a:26:69: 1a:9d:da:1e:e3:3f:42:eb:0d:9d:f8:00:fd:05:ee: 6a:00:76:49:9f:c0:26:5d:62:bc:b7:e0:18:ec:2c: 73:ba:c6:18:0b:c9:f7:f0:8d:ce:7b:f4:c4:9b:7c: e2:af:d3:58:de:95:c8:e4:64:e4:11:77:c3:27:9d: 3a:9b:07:4c:4d:f1:25:12:94:31:a4:6e:ea:4c:2e: 4c:f9:c4:42:f5:17:17:2e:2e:0e:cb:57:17:82:1f: 70:c7:9a:59:17:58:13:de:56:bb:e9:a0:b1:72:a1: 00:76:e0:86:53:b3:f4:85:aa:85:b3:f0:51:16:2d: c9:ca:4a:63:46:61:8f:ad:bb:58:83:02:c9:39:48: cc:01:77:f8:83:9f:a6:a2:a2:1a:3f:59:ed:62:17: 88:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:7B:CF:93:8A:C1:7B:AA:D8:9F:15:91:F8:81:AF:4C:D2:D6:DE:FE X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/OHvPk4rBe6rYnxWR-IGvTNLW3v4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 118.145.32.0/19 Signature Algorithm: sha256WithRSAEncryption 09:ba:86:9e:f3:0d:6b:bd:6c:d2:22:c2:db:1d:3c:57:05:58: 9c:8a:5a:e5:88:e1:d9:6d:3c:58:25:be:93:ba:bb:fe:cc:0b: 3c:b5:99:61:70:1b:82:c5:ad:95:2c:f9:96:ae:90:ad:d7:30: 13:23:78:02:3f:f5:f7:5e:07:6f:3e:93:cb:f9:16:16:5e:83: 9e:16:45:98:f7:1f:5e:d4:86:d2:d1:95:32:06:9b:ff:78:73: e4:a7:3e:26:32:77:bc:aa:24:30:2c:ad:98:a2:0c:ce:9c:e7: de:a0:d1:bf:88:43:22:02:f6:04:54:fa:91:18:b9:5a:fc:5d: 05:3c:b2:12:eb:e1:78:db:da:cd:50:6a:a8:66:b9:75:03:00: bf:0c:4a:03:bd:ba:f5:61:5e:3d:c6:84:9b:b1:ff:8e:74:00: 42:00:45:42:a7:e4:c5:8d:76:ca:9e:d8:f7:fa:d1:36:5d:44: fa:cf:f3:98:0b:93:3e:ac:7f:a1:87:8c:0d:54:d2:35:02:ce: cb:0e:75:5e:c3:37:e5:b2:02:b6:e8:26:c0:f4:67:83:18:3c: 33:65:fc:e1:ed:8d:a3:d4:e9:be:de:92:e9:82:fc:ae:e5:81: c7:cd:8e:cc:38:1d:99:df:83:6f:29:f5:50:06:db:7a:a3:4c: ee:ba:de:6e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHLcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx MzU4MjJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDM4N0JDRjkzOEFDMTdC QUFEODlGMTU5MUY4ODFBRjRDRDJENkRFRkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6DlgvW937IGeMJWolyz7e8iIwihXGUmTIRvpcvc4FL4+c59Mn t9xLAC1fRAgzHVillRjIQd61qP/e8uMaHsgYf5a0+SacU7Y61WRMSKjgNj4hBem8 VhN/nz/TsQLqncOYdmfGanomaRqd2h7jP0LrDZ34AP0F7moAdkmfwCZdYry34Bjs LHO6xhgLyffwjc579MSbfOKv01jelcjkZOQRd8MnnTqbB0xN8SUSlDGkbupMLkz5 xEL1FxcuLg7LVxeCH3DHmlkXWBPeVrvpoLFyoQB24IZTs/SFqoWz8FEWLcnKSmNG YY+tu1iDAsk5SMwBd/iDn6aioho/We1iF4iXAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUOHvPk4rBe6rYnxWR+IGvTNLW3v4wHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvT0h2UGs0ckJlNnJZ bnhXUi1JR3ZUTkxXM3Y0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBXaRIDANBgkqhkiG9w0BAQsFAAOCAQEACbqGnvMNa71s0iLC2x08VwVYnIpa 5Yjh2W08WCW+k7q7/swLPLWZYXAbgsWtlSz5lq6QrdcwEyN4Aj/1914Hbz6Ty/kW Fl6DnhZFmPcfXtSG0tGVMgab/3hz5Kc+JjJ3vKokMCytmKIMzpzn3qDRv4hDIgL2 BFT6kRi5WvxdBTyyEuvheNvazVBqqGa5dQMAvwxKA7269WFePcaEm7H/jnQAQgBF QqfkxY12yp7Y9/rRNl1E+s/zmAuTPqx/oYeMDVTSNQLOyw51XsM35bICtugmwPRn gxg8M2X84e2No9Tpvt6S6YL8ruWBx82OzDgdmd+Dbyn1UAbbeqNM7rrebg== -----END CERTIFICATE-----Generated at Sat Apr 12 09:20:37 2025 by rpki-client