$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/561/0F3HvM3mTETH5C_3xndjg6tH0ss.roa File: 0F3HvM3mTETH5C_3xndjg6tH0ss.roa (raw, json) Hash identifier: acTAUgny5ISGHASfQA3K47UuQDIVXqTjiNro/yBUqHU= Subject key identifier: D0:5D:C7:BC:CD:E6:4C:44:C7:E4:2F:F7:C6:77:63:83:AB:47:D2:CB Certificate issuer: /CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Certificate serial: 1BCE Authority key identifier: 83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/0F3HvM3mTETH5C_3xndjg6tH0ss.roa Signing time: Fri 17 Jan 2025 01:30:10 +0000 ROA not before: Fri 17 Jan 2025 01:30:10 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 56282 IP address blocks: 211.155.92.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:10:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7118 (0x1bce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=83E77F37B3B93850835BAA30EE8FC12D55F87054 Validity Not Before: Jan 17 01:30:10 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=D05DC7BCCDE64C44C7E42FF7C6776383AB47D2CB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:63:89:e2:b6:92:37:2e:f3:39:16:e8:7a:6d: 1c:90:76:2f:1b:42:0e:bd:ed:87:5e:12:f5:95:43: 0d:22:fd:7b:22:a5:ad:49:95:47:f6:32:31:a2:12: e2:57:ed:61:93:00:99:0a:8f:13:17:16:d6:d7:2e: 20:8a:26:73:ad:07:70:66:44:b3:e1:68:76:f6:10: 7d:a0:07:ae:34:d4:e8:6e:94:59:89:71:e1:90:a2: 4c:24:be:eb:d1:21:0d:13:6a:bc:ad:ef:a0:92:f7: c5:96:13:02:3b:f7:ab:18:05:48:0d:de:ec:48:82: d2:ff:4c:0e:d2:eb:a5:64:66:c6:82:5e:72:64:df: a5:ff:e5:39:84:94:c9:dc:82:d9:1d:39:eb:cd:7c: ff:0a:31:3f:19:5c:4b:85:11:81:bd:24:be:7d:5e: 07:4f:1c:8f:a0:58:cc:8a:9c:2f:e9:0c:55:61:c8: 87:f2:b8:ce:74:4a:3d:ed:d3:dc:63:23:dd:d3:3a: 11:04:96:2e:7e:26:4f:04:93:74:c4:ea:9d:c5:f1: cc:b7:5c:3c:b8:14:cc:d6:cb:25:a8:63:d1:bd:80: 2f:7d:4c:83:e8:ec:6a:98:d2:4b:19:a4:69:21:c5: 2d:d4:22:0e:87:9f:9d:37:e4:19:e5:4e:07:51:98: 01:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:5D:C7:BC:CD:E6:4C:44:C7:E4:2F:F7:C6:77:63:83:AB:47:D2:CB X509v3 Authority Key Identifier: keyid:83:E7:7F:37:B3:B9:38:50:83:5B:AA:30:EE:8F:C1:2D:55:F8:70:54 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/g-d_N7O5OFCDW6ow7o_BLVX4cFQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/561/0F3HvM3mTETH5C_3xndjg6tH0ss.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 211.155.92.0/22 Signature Algorithm: sha256WithRSAEncryption 1e:db:fe:49:d3:2c:4d:2d:a8:0a:f6:63:dd:e4:b6:ac:e3:05: 34:24:e9:7a:15:19:6e:44:48:16:6e:2c:38:4b:de:e0:00:60: 13:e4:52:c9:e7:d1:26:3c:07:cb:16:09:9d:59:db:87:60:0a: 82:87:21:56:8c:6e:2b:ce:2d:dd:54:2f:d0:f2:29:34:b3:8b: 05:d5:31:90:91:36:9c:19:33:26:44:59:d1:42:83:68:33:82: be:72:fd:c5:ff:c5:be:15:a0:76:be:ab:15:e9:e7:0c:e2:ad: 81:d1:96:f8:85:ad:07:f7:30:a0:9d:5d:ab:52:05:83:35:de: c7:e8:f1:ee:08:f8:98:cd:7a:37:76:99:81:4a:9c:9f:b8:f6: df:d9:38:c6:df:32:25:7a:2c:c2:12:a7:bf:f3:dc:8a:ca:cd: bc:45:99:a9:11:f9:40:6a:49:2c:67:8d:6e:e4:7e:3b:38:ec: 7d:89:a6:bc:09:02:03:e5:d0:85:05:7e:0e:e3:34:23:e1:60: bc:e5:2b:3d:d2:d8:1b:23:d1:f1:7f:85:65:c3:5e:ce:17:65: e3:0e:de:29:a4:a4:95:cd:a6:9e:03:70:f6:7a:c6:ad:28:8f: 0d:ca:15:38:58:1c:4a:ff:52:c8:12:86:cf:9f:d2:3f:28:41: 10:f1:95:fe -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG84wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODNF NzdGMzdCM0I5Mzg1MDgzNUJBQTMwRUU4RkMxMkQ1NUY4NzA1NDAeFw0yNTAxMTcw MTMwMTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQwNURDN0JDQ0RFNjRD NDRDN0U0MkZGN0M2Nzc2MzgzQUI0N0QyQ0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrY4nitpI3LvM5Fuh6bRyQdi8bQg697YdeEvWVQw0i/Xsipa1J lUf2MjGiEuJX7WGTAJkKjxMXFtbXLiCKJnOtB3BmRLPhaHb2EH2gB6401OhulFmJ ceGQokwkvuvRIQ0Taryt76CS98WWEwI796sYBUgN3uxIgtL/TA7S66VkZsaCXnJk 36X/5TmElMncgtkdOevNfP8KMT8ZXEuFEYG9JL59XgdPHI+gWMyKnC/pDFVhyIfy uM50Sj3t09xjI93TOhEEli5+Jk8Ek3TE6p3F8cy3XDy4FMzWyyWoY9G9gC99TIPo 7GqY0ksZpGkhxS3UIg6Hn5035BnlTgdRmAERAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU0F3HvM3mTETH5C/3xndjg6tH0sswHwYDVR0jBBgwFoAUg+d/N7O5OFCDW6ow 7o/BLVX4cFQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYx L2ctZF9ON081T0ZDRFc2b3c3b19CTFZYNGNGUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZy1kX043TzVPRkNEVzZvdzdvX0JMVlg0Y0ZRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTYxLzBGM0h2TTNtVEVUSDVD XzN4bmRqZzZ0SDBzcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BALTm1wwDQYJKoZIhvcNAQELBQADggEBAB7b/knTLE0tqAr2Y93ktqzjBTQk6XoV GW5ESBZuLDhL3uAAYBPkUsnn0SY8B8sWCZ1Z24dgCoKHIVaMbivOLd1UL9DyKTSz iwXVMZCRNpwZMyZEWdFCg2gzgr5y/cX/xb4VoHa+qxXp5wzirYHRlviFrQf3MKCd XatSBYM13sfo8e4I+JjNejd2mYFKnJ+49t/ZOMbfMiV6LMISp7/z3IrKzbxFmakR +UBqSSxnjW7kfjs47H2JprwJAgPl0IUFfg7jNCPhYLzlKz3S2Bsj0fF/hWXDXs4X ZeMO3imkpJXNpp4DcPZ6xq0ojw3KFThYHEr/UsgShs+f0j8oQRDxlf4= -----END CERTIFICATE-----Generated at Fri Apr 4 18:33:09 2025 by rpki-client