$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/EvsXQSBnZYeHskv4Xrnr8yQ9ypM.roa File: EvsXQSBnZYeHskv4Xrnr8yQ9ypM.roa (raw, json) Hash identifier: wUxRPmXu2V3zdbriU42FqGGpGH5KdIXypqAFGMzHOVk= Subject key identifier: 12:FB:17:41:20:67:65:87:87:B2:4B:F8:5E:B9:EB:F3:24:3D:CA:93 Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF Certificate serial: 0EA6 Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/EvsXQSBnZYeHskv4Xrnr8yQ9ypM.roa Signing time: Mon 10 Mar 2025 15:36:13 +0000 ROA not before: Mon 10 Mar 2025 15:36:13 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4134 IP address blocks: 113.31.90.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 13 Mar 2025 10:57:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3750 (0xea6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF Validity Not Before: Mar 10 15:36:13 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=12FB17412067658787B24BF85EB9EBF3243DCA93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:03:28:f8:c0:55:1a:1c:5a:e8:5c:f1:27:79: aa:f5:2f:fb:8d:c9:3c:d8:88:f1:8a:1f:98:9b:4d: 48:69:26:4d:74:1d:3d:5c:23:2c:6d:35:99:d3:08: 15:2a:99:23:35:05:9c:8a:97:30:ea:13:02:42:a9: b4:e8:5f:2a:3a:44:17:ce:e2:ba:71:fb:12:4f:4a: c7:b2:14:50:67:9f:c0:b1:42:51:18:e0:c2:46:de: f4:23:6c:de:9d:9a:8a:fe:57:3f:7c:65:5e:60:d9: a8:c9:94:bd:71:6f:10:29:c4:94:8d:3d:08:86:69: 96:98:bc:40:48:03:9c:f5:2f:27:53:d0:3f:95:c1: 37:7c:1a:98:a6:04:85:25:ff:95:95:fe:7b:b7:90: 04:47:ad:cc:16:43:c3:25:5a:5f:37:cf:67:08:ba: d2:14:24:37:14:fa:40:7c:05:a4:6c:13:c1:05:9f: f3:ba:c0:99:9f:bf:2d:d7:de:34:c3:45:89:2c:73: 76:f2:1b:92:20:2a:ab:a6:f7:f4:7a:a4:36:8f:9d: 40:15:93:63:52:23:14:ca:18:25:18:8e:ec:0b:87: d4:b7:d0:80:f8:2b:13:fb:c3:a5:77:c5:50:f3:ef: cc:c9:c4:d6:b9:23:5a:71:d9:d8:3e:e8:46:37:63: d2:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:FB:17:41:20:67:65:87:87:B2:4B:F8:5E:B9:EB:F3:24:3D:CA:93 X509v3 Authority Key Identifier: keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/EvsXQSBnZYeHskv4Xrnr8yQ9ypM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.31.90.0/23 Signature Algorithm: sha256WithRSAEncryption 1f:19:79:b5:5e:e6:1f:a2:45:24:f1:8d:0a:1f:62:d6:02:75: 08:60:b1:2d:80:ba:39:39:fb:7c:0e:d6:00:d5:41:3b:d9:68: a9:f2:44:3f:e0:7f:c1:e4:30:68:bf:e4:35:00:03:8b:ca:28: 10:18:14:4e:00:2d:a6:30:84:df:ad:61:81:d4:bc:13:fd:4b: 9e:0d:df:b8:35:98:ed:d6:ba:2c:8e:93:91:0f:c3:90:01:cc: 48:76:f5:fe:90:25:c4:e8:bb:f7:ba:78:5f:c4:57:6a:39:2b: 56:fd:9c:01:89:f4:44:e0:06:9e:fb:7b:e5:2f:1a:d7:de:86: 62:5e:b8:fb:e9:15:3a:88:e6:79:b1:68:66:84:06:ab:2a:a8: c4:73:6f:56:33:f1:4f:27:5c:e6:69:c0:a9:f5:11:d6:31:47: d2:89:cf:e6:81:82:ad:58:76:a0:37:dd:72:e8:db:4a:f5:79: 28:91:f2:3c:80:2a:59:ae:13:21:48:29:f4:fc:22:20:9c:51: 79:5e:87:51:6d:fb:7e:22:4e:f9:67:3c:b7:cc:a0:76:a9:59: 4a:35:7c:05:22:4e:a7:6f:78:b3:1d:b7:41:9f:c3:aa:fd:75: cb:41:7a:2a:30:7d:7d:c7:a1:4b:73:0f:c2:90:57:f1:a3:b3: e9:4d:28:05 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDqYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3 MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAzMTAx NTM2MTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDEyRkIxNzQxMjA2NzY1 ODc4N0IyNEJGODVFQjlFQkYzMjQzRENBOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxAyj4wFUaHFroXPEnear1L/uNyTzYiPGKH5ibTUhpJk10HT1c IyxtNZnTCBUqmSM1BZyKlzDqEwJCqbToXyo6RBfO4rpx+xJPSseyFFBnn8CxQlEY 4MJG3vQjbN6dmor+Vz98ZV5g2ajJlL1xbxApxJSNPQiGaZaYvEBIA5z1LydT0D+V wTd8GpimBIUl/5WV/nu3kARHrcwWQ8MlWl83z2cIutIUJDcU+kB8BaRsE8EFn/O6 wJmfvy3X3jTDRYksc3byG5IgKqum9/R6pDaPnUAVk2NSIxTKGCUYjuwLh9S30ID4 KxP7w6V3xVDz78zJxNa5I1px2dg+6EY3Y9I5AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUEvsXQSBnZYeHskv4Xrnr8yQ9ypMwHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL0V2c1hRU0JuWlllSHNr djRYcm5yOHlROXlwTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFxH1owDQYJKoZIhvcNAQELBQADggEBAB8ZebVe5h+iRSTxjQofYtYCdQhgsS2A ujk5+3wO1gDVQTvZaKnyRD/gf8HkMGi/5DUAA4vKKBAYFE4ALaYwhN+tYYHUvBP9 S54N37g1mO3WuiyOk5EPw5ABzEh29f6QJcTou/e6eF/EV2o5K1b9nAGJ9ETgBp77 e+UvGtfehmJeuPvpFTqI5nmxaGaEBqsqqMRzb1Yz8U8nXOZpwKn1EdYxR9KJz+aB gq1YdqA33XLo20r1eSiR8jyAKlmuEyFIKfT8IiCcUXleh1Ft+34iTvlnPLfMoHap WUo1fAUiTqdveLMdt0Gfw6r9dctBeiowfX3HoUtzD8KQV/Gjs+lNKAU= -----END CERTIFICATE-----Generated at Thu Mar 13 07:08:26 2025 by rpki-client