$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/410/qosX3_zdjAXzbAp2h5Utf1s4le0.roa File: qosX3_zdjAXzbAp2h5Utf1s4le0.roa (raw, json) Hash identifier: qz6TRBd46dnuHKZSDkhq2NpbeQDgF9gZAUMIJHMSLEQ= Subject key identifier: AA:8B:17:DF:FC:DD:8C:05:F3:6C:0A:76:87:95:2D:7F:5B:38:95:ED Certificate issuer: /CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF Certificate serial: 0E0F Authority key identifier: 77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/qosX3_zdjAXzbAp2h5Utf1s4le0.roa Signing time: Sun 09 Feb 2025 13:36:52 +0000 ROA not before: Sun 09 Feb 2025 13:36:52 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4134 IP address blocks: 113.31.64.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 21:27:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3599 (0xe0f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7770B739B9EFCEB8BC1FDA0560E4785561F2BCBF Validity Not Before: Feb 9 13:36:52 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=AA8B17DFFCDD8C05F36C0A7687952D7F5B3895ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:a5:53:06:8f:4c:cb:4c:2d:c1:39:63:9a:ae: 90:15:58:71:62:18:2c:88:1d:7a:2d:c4:11:dc:57: 40:54:ea:9c:e7:1c:13:a9:ef:34:ef:01:72:4d:65: fb:c3:c2:85:9f:60:1e:09:bd:1e:6b:68:2e:eb:2d: 8a:f0:eb:dd:31:91:98:a9:e6:44:f3:8a:17:0c:89: f0:54:47:ad:b8:5d:73:d4:06:8b:27:be:fd:8c:b1: 7c:3b:af:c6:c1:27:ee:ea:f4:ad:56:ed:90:e3:a4: e2:25:a8:5c:f3:8e:5a:1b:ba:c9:22:86:8e:ee:63: b3:c4:1a:19:65:46:4d:f2:39:e5:9c:0d:89:71:20: c1:fe:90:bb:f0:ed:99:29:ba:7c:cd:23:d9:67:24: 6e:1c:05:d8:a0:90:e9:36:9e:eb:d9:a9:36:d2:88: 32:37:ed:3c:5c:7e:fd:32:d1:8c:6d:fa:ad:ea:10: 37:e5:c4:d8:79:6f:b6:4e:6c:5c:47:7c:e3:da:ae: ff:e5:12:db:dd:92:f4:6c:e6:27:62:50:f6:57:cd: ce:09:ef:63:54:81:c1:d6:1c:b3:5d:aa:b5:52:21: 6d:0a:b2:2e:6f:da:93:79:2c:2d:06:dc:36:34:1e: ce:60:29:8f:f0:2c:ca:78:85:26:d5:9e:80:5f:a3: cd:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:8B:17:DF:FC:DD:8C:05:F3:6C:0A:76:87:95:2D:7F:5B:38:95:ED X509v3 Authority Key Identifier: keyid:77:70:B7:39:B9:EF:CE:B8:BC:1F:DA:05:60:E4:78:55:61:F2:BC:BF X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/d3C3Obnvzri8H9oFYOR4VWHyvL8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/d3C3Obnvzri8H9oFYOR4VWHyvL8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/410/qosX3_zdjAXzbAp2h5Utf1s4le0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 113.31.64.0/20 Signature Algorithm: sha256WithRSAEncryption 95:a9:ba:9d:4d:c5:34:66:00:a0:e0:77:d2:7c:0b:b9:f6:6e: 05:e4:d3:98:f7:7d:85:5f:a1:3a:8c:c4:d5:7f:6a:1b:c9:d2: ea:ad:68:bd:5f:1b:fb:22:d5:99:37:5b:5d:a9:87:02:eb:af: d2:e4:2c:25:e4:db:e7:ef:7b:11:cc:8e:89:96:e4:41:5c:ee: df:85:4a:03:a7:f9:57:eb:c6:22:c5:07:8f:9a:09:82:5f:f0: 4b:dc:86:cb:9a:b1:6a:28:31:e4:2d:02:b5:85:5d:bc:8f:25: ce:60:c5:3b:7d:7d:94:6c:87:31:07:41:4e:f2:36:b7:47:6d: 0d:25:b5:56:5c:c1:1c:4a:49:76:de:eb:6b:58:b3:a4:6e:b9: bc:44:71:b2:6b:cf:61:76:70:c1:1b:9d:a8:b4:e7:8a:84:f4: 00:d1:ed:7d:21:5d:6f:f2:e2:61:e3:b7:1f:de:cb:67:62:41: eb:62:0b:0a:d2:71:3e:bb:8c:b2:c6:59:f1:bf:e7:33:0c:8b: e6:9c:9a:a3:66:90:f5:00:ac:35:55:99:f8:7e:fa:19:7f:5e: 80:a7:d5:4c:70:d2:9b:6a:12:4e:aa:06:f0:0f:e2:1f:ee:0d: a3:3a:ed:f3:18:c1:2a:be:3a:1e:5b:90:1c:82:1a:31:94:d2: fa:88:6e:3c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDg8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzc3 MEI3MzlCOUVGQ0VCOEJDMUZEQTA1NjBFNDc4NTU2MUYyQkNCRjAeFw0yNTAyMDkx MzM2NTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEFBOEIxN0RGRkNERDhD MDVGMzZDMEE3Njg3OTUyRDdGNUIzODk1RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIpVMGj0zLTC3BOWOarpAVWHFiGCyIHXotxBHcV0BU6pznHBOp 7zTvAXJNZfvDwoWfYB4JvR5raC7rLYrw690xkZip5kTzihcMifBUR624XXPUBosn vv2MsXw7r8bBJ+7q9K1W7ZDjpOIlqFzzjlobuskiho7uY7PEGhllRk3yOeWcDYlx IMH+kLvw7ZkpunzNI9lnJG4cBdigkOk2nuvZqTbSiDI37Txcfv0y0Yxt+q3qEDfl xNh5b7ZObFxHfOParv/lEtvdkvRs5idiUPZXzc4J72NUgcHWHLNdqrVSIW0Ksi5v 2pN5LC0G3DY0Hs5gKY/wLMp4hSbVnoBfo80HAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUqosX3/zdjAXzbAp2h5Utf1s4le0wHwYDVR0jBBgwFoAUd3C3Obnvzri8H9oF YOR4VWHyvL8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEw L2QzQzNPYm52enJpOEg5b0ZZT1I0VldIeXZMOC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZDNDM09ibnZ6cmk4SDlvRllPUjRWV0h5dkw4LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEwL3Fvc1gzX3pkakFYemJB cDJoNVV0ZjFzNGxlMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BARxH0AwDQYJKoZIhvcNAQELBQADggEBAJWpup1NxTRmAKDgd9J8C7n2bgXk05j3 fYVfoTqMxNV/ahvJ0uqtaL1fG/si1Zk3W12phwLrr9LkLCXk2+fvexHMjomW5EFc 7t+FSgOn+VfrxiLFB4+aCYJf8EvchsuasWooMeQtArWFXbyPJc5gxTt9fZRshzEH QU7yNrdHbQ0ltVZcwRxKSXbe62tYs6RuubxEcbJrz2F2cMEbnai054qE9ADR7X0h XW/y4mHjtx/ey2diQetiCwrScT67jLLGWfG/5zMMi+acmqNmkPUArDVVmfh++hl/ XoCn1Uxw0ptqEk6qBvAP4h/uDaM67fMYwSq+Oh5bkByCGjGU0vqIbjw= -----END CERTIFICATE-----Generated at Wed Feb 19 20:37:33 2025 by rpki-client