$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3261/EsVvAWAvX2Eo3GOkfzMxAiINA8g.roa File: EsVvAWAvX2Eo3GOkfzMxAiINA8g.roa (raw, json) Hash identifier: 6AGrknvwDG7ihjPS80E0x4CYslbjUEAL2UvIQfteyUk= Subject key identifier: 12:C5:6F:01:60:2F:5F:61:28:DC:63:A4:7F:33:31:02:22:0D:03:C8 Certificate issuer: /CN=DCC4D5F25F3EA2CA67C3D8BEB66BF30933E5916A Certificate serial: 06D3 Authority key identifier: DC:C4:D5:F2:5F:3E:A2:CA:67:C3:D8:BE:B6:6B:F3:09:33:E5:91:6A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3MTV8l8-ospnw9i-tmvzCTPlkWo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3261/EsVvAWAvX2Eo3GOkfzMxAiINA8g.roa Signing time: Fri 17 Jan 2025 01:27:21 +0000 ROA not before: Fri 17 Jan 2025 01:27:21 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 146787 IP address blocks: 157.15.74.0/23 maxlen: 26 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3261/3MTV8l8-ospnw9i-tmvzCTPlkWo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3261/3MTV8l8-ospnw9i-tmvzCTPlkWo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3MTV8l8-ospnw9i-tmvzCTPlkWo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1747 (0x6d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DCC4D5F25F3EA2CA67C3D8BEB66BF30933E5916A Validity Not Before: Jan 17 01:27:21 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=12C56F01602F5F6128DC63A47F333102220D03C8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:9a:32:d7:10:e2:e8:af:e8:9e:94:11:d1:66: e0:68:2e:42:11:1c:50:6a:72:1a:cb:1a:ba:7b:bc: 0c:ff:7b:8c:0c:d3:df:82:b8:7c:90:38:d0:a6:a5: 2c:af:7a:87:ea:46:92:1a:38:16:c6:1b:d7:ec:11: 6e:f2:6d:cb:d1:69:1b:6b:e9:59:3c:66:df:87:90: 70:9f:75:91:ee:9c:7b:04:1e:92:c3:79:c0:25:a5: 92:55:b8:61:8c:b1:e0:dd:bd:df:3d:00:27:e6:f2: 0c:6a:ea:03:54:53:4c:ca:a4:40:4b:54:4b:52:a3: 5e:32:22:e3:9f:30:b5:fb:30:4c:f3:07:33:08:e8: 84:23:df:52:ec:af:28:fe:02:0b:b9:e4:4a:16:e8: ed:12:92:3a:f3:a6:e4:c5:42:7f:dc:35:29:1b:54: 6c:c7:c9:66:8a:67:b9:70:eb:a9:da:1e:7d:67:01: 08:be:bd:9a:fe:3e:68:e6:6e:e3:79:20:75:63:02: 44:35:ae:28:fa:26:e3:40:9e:b0:ad:54:85:85:1d: aa:02:4d:61:b0:7c:27:c7:f2:16:b1:b9:45:be:bd: 22:8b:26:9b:ca:1c:36:48:48:cd:d3:f3:19:e0:47: 55:58:ae:95:7e:37:ea:6f:ee:95:bd:b7:e3:96:f7: e2:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:C5:6F:01:60:2F:5F:61:28:DC:63:A4:7F:33:31:02:22:0D:03:C8 X509v3 Authority Key Identifier: keyid:DC:C4:D5:F2:5F:3E:A2:CA:67:C3:D8:BE:B6:6B:F3:09:33:E5:91:6A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3261/3MTV8l8-ospnw9i-tmvzCTPlkWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3MTV8l8-ospnw9i-tmvzCTPlkWo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3261/EsVvAWAvX2Eo3GOkfzMxAiINA8g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.15.74.0/23 Signature Algorithm: sha256WithRSAEncryption 8c:ae:72:28:07:77:aa:86:b7:87:26:aa:27:bb:5b:a5:aa:a9: 0f:bf:98:b5:67:10:a1:e6:ac:a4:95:02:5f:ed:45:1e:3c:8f: ca:54:9b:a9:08:17:b8:21:14:cc:af:3f:0d:6b:62:03:22:84: 67:5d:42:41:cc:53:3a:c3:b6:28:02:8d:fb:0f:0f:ef:31:9b: 78:e3:c2:87:34:d6:34:b1:5b:8f:0f:44:79:2e:70:79:ca:b4: c1:15:09:56:c4:cc:95:33:fa:7e:18:a1:27:f2:77:f3:f5:1b: 40:d4:47:77:ad:97:42:ff:8c:f7:30:90:92:42:05:e1:73:ca: ce:e0:7c:e2:d5:a3:46:05:61:88:0f:65:d1:82:47:4b:e0:10: 32:e3:d0:6c:22:41:e4:de:88:1e:10:58:62:23:34:95:b3:3d: 7a:ec:51:6a:5e:2e:33:c5:a2:f9:68:27:47:60:b8:75:30:6b: c2:03:a1:47:12:ac:b3:ef:8e:d4:34:56:f1:b6:20:6b:6f:fa: bb:b6:45:7c:43:16:74:36:62:73:73:1f:75:9b:54:b2:29:79: 75:e1:0f:8c:28:fc:30:68:7d:81:21:fb:b1:de:7f:56:68:6b: 5b:32:d5:26:38:c8:30:13:18:9b:0f:50:7d:92:e9:32:9c:42: 05:31:0f:17 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBtMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREND NEQ1RjI1RjNFQTJDQTY3QzNEOEJFQjY2QkYzMDkzM0U1OTE2QTAeFw0yNTAxMTcw MTI3MjFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDEyQzU2RjAxNjAyRjVG NjEyOERDNjNBNDdGMzMzMTAyMjIwRDAzQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCfmjLXEOLor+ielBHRZuBoLkIRHFBqchrLGrp7vAz/e4wM09+C uHyQONCmpSyveofqRpIaOBbGG9fsEW7ybcvRaRtr6Vk8Zt+HkHCfdZHunHsEHpLD ecAlpZJVuGGMseDdvd89ACfm8gxq6gNUU0zKpEBLVEtSo14yIuOfMLX7MEzzBzMI 6IQj31Lsryj+Agu55EoW6O0SkjrzpuTFQn/cNSkbVGzHyWaKZ7lw66naHn1nAQi+ vZr+PmjmbuN5IHVjAkQ1rij6JuNAnrCtVIWFHaoCTWGwfCfH8haxuUW+vSKLJpvK HDZISM3T8xngR1VYrpV+N+pv7pW9t+OW9+KNAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUEsVvAWAvX2Eo3GOkfzMxAiINA8gwHwYDVR0jBBgwFoAU3MTV8l8+ospnw9i+ tmvzCTPlkWowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2 MS8zTVRWOGw4LW9zcG53OWktdG12ekNUUGxrV28uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzNNVFY4bDgtb3Nwbnc5aS10bXZ6Q1RQbGtXby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjEvRXNWdkFXQXZYMkVv M0dPa2Z6TXhBaUlOQThnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAZ0PSjANBgkqhkiG9w0BAQsFAAOCAQEAjK5yKAd3qoa3hyaqJ7tbpaqpD7+Y tWcQoeaspJUCX+1FHjyPylSbqQgXuCEUzK8/DWtiAyKEZ11CQcxTOsO2KAKN+w8P 7zGbeOPChzTWNLFbjw9EeS5wecq0wRUJVsTMlTP6fhihJ/J38/UbQNRHd62XQv+M 9zCQkkIF4XPKzuB84tWjRgVhiA9l0YJHS+AQMuPQbCJB5N6IHhBYYiM0lbM9euxR al4uM8Wi+WgnR2C4dTBrwgOhRxKss++O1DRW8bYga2/6u7ZFfEMWdDZic3MfdZtU sil5deEPjCj8MGh9gSH7sd5/VmhrWzLVJjjIMBMYmw9QfZLpMpxCBTEPFw== -----END CERTIFICATE-----Generated at Fri Apr 4 18:43:46 2025 by rpki-client