$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3078/YIXqtbW8ewV9dttzBwmjE_0RHFo.roa File: YIXqtbW8ewV9dttzBwmjE_0RHFo.roa (raw, json) Hash identifier: Jvl6RKBM/xdBnXX2h3cAZ41hDAScTWkVStQjzxrcuPo= Subject key identifier: 60:85:EA:B5:B5:BC:7B:05:7D:76:DB:73:07:09:A3:13:FD:11:1C:5A Certificate issuer: /CN=F702935F02FC1B81297D1FFB4C78CE0BA1D43785 Certificate serial: 3C Authority key identifier: F7:02:93:5F:02:FC:1B:81:29:7D:1F:FB:4C:78:CE:0B:A1:D4:37:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9wKTXwL8G4EpfR_7THjOC6HUN4U.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/YIXqtbW8ewV9dttzBwmjE_0RHFo.roa Signing time: Sat 17 May 2025 03:40:40 +0000 ROA not before: Sat 17 May 2025 03:40:40 +0000 ROA not after: Sun 10 May 2026 04:51:55 +0000 asID: 151270 IP address blocks: 110.40.47.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/9wKTXwL8G4EpfR_7THjOC6HUN4U.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/9wKTXwL8G4EpfR_7THjOC6HUN4U.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9wKTXwL8G4EpfR_7THjOC6HUN4U.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:09:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60 (0x3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F702935F02FC1B81297D1FFB4C78CE0BA1D43785 Validity Not Before: May 17 03:40:40 2025 GMT Not After : May 10 04:51:55 2026 GMT Subject: CN=6085EAB5B5BC7B057D76DB730709A313FD111C5A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:e9:82:4f:48:8e:bd:f4:d5:57:85:24:30:a0: 76:b5:4a:48:61:da:45:ed:76:a8:18:f4:11:61:75: 4e:8d:85:2a:72:9f:cd:12:f1:b0:a9:2b:3b:80:f2: a1:f9:f0:ef:cc:18:55:71:08:66:30:d4:bd:04:7c: b8:81:ca:ce:be:1f:29:57:a3:9e:36:42:dc:1f:58: 9e:38:28:de:53:76:6a:de:6c:1a:e4:50:dc:b6:1e: ef:19:f1:48:85:82:ab:44:9b:39:bc:5b:d5:77:37: 66:f6:ac:d0:ab:86:ef:94:e9:fb:01:3c:d6:54:0c: 3d:39:1b:6a:09:6a:cd:df:de:c9:68:99:04:0b:f7: bb:24:3b:74:cc:37:be:68:76:67:ed:31:af:49:37: f2:52:1d:61:ee:49:8e:ad:76:69:78:b8:43:53:60: 1f:50:65:3a:f9:92:e1:28:65:ff:c8:b5:2d:29:ad: 3c:56:b1:e1:0d:1f:45:8d:41:ad:5a:09:9d:ae:d1: a8:16:fe:42:b2:ed:93:88:fa:fe:b3:ae:4b:01:1e: 2e:5d:c4:bb:ca:a5:5f:04:ec:4b:d9:0f:e9:22:d6: 2a:7b:c8:a0:55:a4:5d:4c:93:cc:94:f6:9e:93:2b: 00:a9:95:69:a2:55:c9:9f:6f:03:18:31:39:76:ff: 40:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:85:EA:B5:B5:BC:7B:05:7D:76:DB:73:07:09:A3:13:FD:11:1C:5A X509v3 Authority Key Identifier: keyid:F7:02:93:5F:02:FC:1B:81:29:7D:1F:FB:4C:78:CE:0B:A1:D4:37:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/9wKTXwL8G4EpfR_7THjOC6HUN4U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9wKTXwL8G4EpfR_7THjOC6HUN4U.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/YIXqtbW8ewV9dttzBwmjE_0RHFo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.40.47.0/24 Signature Algorithm: sha256WithRSAEncryption a8:61:ec:54:43:3c:6a:e2:7e:4f:9b:d2:a4:7f:6e:6c:11:1d: ad:23:d1:6c:b8:73:19:76:10:6b:7a:16:c0:79:fc:8b:99:7b: 6e:d4:a4:1c:8a:8f:c6:45:b9:80:70:0a:7d:db:10:ab:86:aa: d4:39:a6:09:fc:d9:6a:fd:af:75:46:2d:e3:89:aa:3d:c1:9f: 63:a7:98:2c:7a:1e:e4:6a:9d:d9:8c:98:6b:7b:64:c3:3a:e7: da:d4:b3:89:2d:2e:40:d4:e4:b6:14:30:97:4f:62:54:35:27: 1b:81:46:5d:e2:6e:15:76:b3:3d:df:fa:4c:ca:36:af:d5:18: d7:3c:17:f2:16:ca:a8:d6:3e:42:77:f3:24:ed:72:55:71:05: 49:77:3b:09:05:54:fb:7e:f5:11:2d:f8:b1:9d:0c:83:3d:83: d9:ca:a2:f0:c1:12:00:97:4b:6e:29:72:b8:40:d8:d1:14:33: 16:48:f7:dc:14:66:37:04:20:3c:fd:92:22:e7:0e:a0:d4:80: 63:9b:87:56:c4:c5:75:a3:0e:6b:34:42:8f:25:a9:6e:c4:6d: 6c:3d:f1:56:75:f6:d6:e5:93:25:d5:ed:9e:06:36:8c:d4:78: 2f:e3:bf:89:94:92:c2:96:bc:b5:f5:0f:08:25:b1:60:bc:0f: 52:98:64:f2 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGNzAy OTM1RjAyRkMxQjgxMjk3RDFGRkI0Qzc4Q0UwQkExRDQzNzg1MB4XDTI1MDUxNzAz NDA0MFoXDTI2MDUxMDA0NTE1NVowMzExMC8GA1UEAxMoNjA4NUVBQjVCNUJDN0Iw NTdENzZEQjczMDcwOUEzMTNGRDExMUM1QTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALzpgk9Ijr301VeFJDCgdrVKSGHaRe12qBj0EWF1To2FKnKfzRLx sKkrO4Dyofnw78wYVXEIZjDUvQR8uIHKzr4fKVejnjZC3B9Ynjgo3lN2at5sGuRQ 3LYe7xnxSIWCq0SbObxb1Xc3Zvas0KuG75Tp+wE81lQMPTkbaglqzd/eyWiZBAv3 uyQ7dMw3vmh2Z+0xr0k38lIdYe5Jjq12aXi4Q1NgH1BlOvmS4Shl/8i1LSmtPFax 4Q0fRY1BrVoJna7RqBb+QrLtk4j6/rOuSwEeLl3Eu8qlXwTsS9kP6SLWKnvIoFWk XUyTzJT2npMrAKmVaaJVyZ9vAxgxOXb/QL8CAwEAAaOCAfMwggHvMB0GA1UdDgQW BBRgheq1tbx7BX1223MHCaMT/REcWjAfBgNVHSMEGDAWgBT3ApNfAvwbgSl9H/tM eM4LodQ3hTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMDc4 Lzl3S1RYd0w4RzRFcGZSXzdUSGpPQzZIVU40VS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOXdLVFh3TDhHNEVwZlJfN1RIak9DNkhVTjRVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA3OC9ZSVhxdGJXOGV3Vjlk dHR6QndtakVfMFJIRm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAbigvMA0GCSqGSIb3DQEBCwUAA4IBAQCoYexUQzxq4n5Pm9Kkf25sER2tI9Fs uHMZdhBrehbAefyLmXtu1KQcio/GRbmAcAp92xCrhqrUOaYJ/Nlq/a91Ri3jiao9 wZ9jp5gseh7kap3ZjJhre2TDOufa1LOJLS5A1OS2FDCXT2JUNScbgUZd4m4VdrM9 3/pMyjav1RjXPBfyFsqo1j5Cd/Mk7XJVcQVJdzsJBVT7fvURLfixnQyDPYPZyqLw wRIAl0tuKXK4QNjRFDMWSPfcFGY3BCA8/ZIi5w6g1IBjm4dWxMV1ow5rNEKPJalu xG1sPfFWdfbW5ZMl1e2eBjaM1Hgv47+JlJLClry19Q8IJbFgvA9SmGTy -----END CERTIFICATE-----Generated at Wed Jun 4 01:04:09 2025 by rpki-client