$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3078/_aD38F37GLS0Z0g82klrN-dGPAU.roa File: _aD38F37GLS0Z0g82klrN-dGPAU.roa (raw, json) Hash identifier: cwotvzVa++xWVuvXaHhjkF+iE4R3zb5XhSpCZ/5sPjg= Subject key identifier: FD:A0:F7:F0:5D:FB:18:B4:B4:67:48:3C:DA:49:6B:37:E7:46:3C:05 Certificate issuer: /CN=F702935F02FC1B81297D1FFB4C78CE0BA1D43785 Certificate serial: 2B Authority key identifier: F7:02:93:5F:02:FC:1B:81:29:7D:1F:FB:4C:78:CE:0B:A1:D4:37:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9wKTXwL8G4EpfR_7THjOC6HUN4U.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/_aD38F37GLS0Z0g82klrN-dGPAU.roa Signing time: Fri 16 May 2025 15:03:33 +0000 ROA not before: Fri 16 May 2025 15:03:33 +0000 ROA not after: Sun 10 May 2026 04:51:55 +0000 asID: 151270 IP address blocks: 110.40.48.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/9wKTXwL8G4EpfR_7THjOC6HUN4U.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/9wKTXwL8G4EpfR_7THjOC6HUN4U.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9wKTXwL8G4EpfR_7THjOC6HUN4U.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:09:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43 (0x2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F702935F02FC1B81297D1FFB4C78CE0BA1D43785 Validity Not Before: May 16 15:03:33 2025 GMT Not After : May 10 04:51:55 2026 GMT Subject: CN=FDA0F7F05DFB18B4B467483CDA496B37E7463C05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:3c:b1:06:1e:dc:5b:1a:a6:1b:b7:45:5d:e1: 53:99:d3:e8:fb:21:2b:b8:f4:40:b0:8d:4e:77:5a: c2:8f:e2:3b:26:67:bb:f9:5b:33:70:65:2b:3a:79: 86:18:47:d4:e8:0d:01:6e:fe:b6:eb:0d:fb:51:90: 20:54:72:91:3b:d0:4c:c1:3e:1a:09:68:3c:c2:47: d5:df:ee:fb:45:00:b5:6d:56:a4:3e:78:13:4d:64: a6:33:ff:b5:57:ba:c1:81:62:21:1a:d2:9a:8a:6e: 6d:8d:be:a2:77:6b:de:80:ee:c6:e2:ca:e4:a7:5a: 86:77:76:f7:5c:cd:3b:dc:ee:3e:4f:5b:9e:25:d3: 66:cc:5b:c8:d6:f4:4d:40:02:89:23:0a:37:c4:54: 07:55:b0:23:65:43:90:4f:ae:01:2e:9f:a4:cb:2f: 76:7c:7d:ec:6a:34:7a:bb:8b:ef:37:67:f1:ff:8c: ec:af:9c:92:1f:3e:dc:4b:a2:ae:85:e9:88:52:fc: 59:18:64:9f:78:8a:b2:d6:dc:29:8a:9d:da:d6:0c: 86:45:44:00:bf:da:12:03:5c:d9:b8:5c:6f:b4:1d: 4d:35:f2:71:7d:48:28:b6:90:9f:2a:81:d5:af:97: cc:90:09:65:b4:e8:0c:d4:94:d8:3d:52:22:d8:65: b6:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:A0:F7:F0:5D:FB:18:B4:B4:67:48:3C:DA:49:6B:37:E7:46:3C:05 X509v3 Authority Key Identifier: keyid:F7:02:93:5F:02:FC:1B:81:29:7D:1F:FB:4C:78:CE:0B:A1:D4:37:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/9wKTXwL8G4EpfR_7THjOC6HUN4U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9wKTXwL8G4EpfR_7THjOC6HUN4U.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3078/_aD38F37GLS0Z0g82klrN-dGPAU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.40.48.0/24 Signature Algorithm: sha256WithRSAEncryption ae:dc:6d:df:37:87:15:45:ac:40:20:a5:ce:5f:bc:0f:4d:c7: d9:32:04:37:06:95:bb:f7:96:1a:d9:22:46:01:30:f9:f3:64: 04:dc:1a:9d:d0:02:c3:a7:d4:e4:43:83:db:6e:f4:50:3c:fb: f1:2d:af:01:00:ec:d5:98:1c:e7:5f:72:01:78:65:d7:58:53: ed:46:84:3e:c0:12:42:14:37:96:72:03:0d:d5:51:96:dd:0e: f0:7c:ad:62:1c:3b:b9:8a:0f:77:a4:5c:19:40:4b:d4:58:c4: ee:27:83:2b:05:27:4a:03:2f:2e:c1:f5:8d:95:77:0f:0c:18: 97:b2:cb:4f:a2:fd:c4:56:a5:44:34:b6:aa:64:de:c9:30:4e: 84:19:67:ba:ec:bc:31:a4:31:cd:ed:69:44:de:54:29:88:4d: ff:53:f9:8e:67:8a:73:db:9f:c3:5f:2e:12:02:0d:ba:3b:4a: 7a:7a:64:88:2e:ed:4a:62:fa:64:99:60:58:52:a3:5a:14:1a: e1:a2:85:e8:f7:36:b4:d5:e9:87:40:43:e8:77:71:4e:f9:7b: b4:0b:04:e7:8c:ed:da:92:4e:4f:1f:46:ed:c2:04:6c:d4:94: 95:10:ea:a3:66:61:ea:1a:dc:63:11:59:8a:f3:90:8b:fa:4e: e0:c2:df:35 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGNzAy OTM1RjAyRkMxQjgxMjk3RDFGRkI0Qzc4Q0UwQkExRDQzNzg1MB4XDTI1MDUxNjE1 MDMzM1oXDTI2MDUxMDA0NTE1NVowMzExMC8GA1UEAxMoRkRBMEY3RjA1REZCMThC NEI0Njc0ODNDREE0OTZCMzdFNzQ2M0MwNTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAM08sQYe3Fsaphu3RV3hU5nT6PshK7j0QLCNTndawo/iOyZnu/lb M3BlKzp5hhhH1OgNAW7+tusN+1GQIFRykTvQTME+GgloPMJH1d/u+0UAtW1WpD54 E01kpjP/tVe6wYFiIRrSmopubY2+ondr3oDuxuLK5Kdahnd291zNO9zuPk9bniXT ZsxbyNb0TUACiSMKN8RUB1WwI2VDkE+uAS6fpMsvdnx97Go0eruL7zdn8f+M7K+c kh8+3EuiroXpiFL8WRhkn3iKstbcKYqd2tYMhkVEAL/aEgNc2bhcb7QdTTXycX1I KLaQnyqB1a+XzJAJZbToDNSU2D1SIthltsMCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBT9oPfwXfsYtLRnSDzaSWs350Y8BTAfBgNVHSMEGDAWgBT3ApNfAvwbgSl9H/tM eM4LodQ3hTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMDc4 Lzl3S1RYd0w4RzRFcGZSXzdUSGpPQzZIVU40VS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOXdLVFh3TDhHNEVwZlJfN1RIak9DNkhVTjRVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA3OC9fYUQzOEYzN0dMUzBa MGc4Mmtsck4tZEdQQVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAbigwMA0GCSqGSIb3DQEBCwUAA4IBAQCu3G3fN4cVRaxAIKXOX7wPTcfZMgQ3 BpW795Ya2SJGATD582QE3Bqd0ALDp9TkQ4PbbvRQPPvxLa8BAOzVmBznX3IBeGXX WFPtRoQ+wBJCFDeWcgMN1VGW3Q7wfK1iHDu5ig93pFwZQEvUWMTuJ4MrBSdKAy8u wfWNlXcPDBiXsstPov3EVqVENLaqZN7JME6EGWe67LwxpDHN7WlE3lQpiE3/U/mO Z4pz25/DXy4SAg26O0p6emSILu1KYvpkmWBYUqNaFBrhooXo9za01emHQEPod3FO +Xu0CwTnjO3akk5PH0btwgRs1JSVEOqjZmHqGtxjEVmK85CL+k7gwt81 -----END CERTIFICATE-----Generated at Wed Jun 4 00:55:27 2025 by rpki-client