$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/65/3ANA68llOiqAK9kzJqoDW4NPtfI.roa File: 3ANA68llOiqAK9kzJqoDW4NPtfI.roa (raw, json) Hash identifier: uiS2HxQNB0LmVZpVD+63G59hOl/pd6GststSwA1a7yI= Subject key identifier: DC:03:40:EB:C9:65:3A:2A:80:2B:D9:33:26:AA:03:5B:83:4F:B5:F2 Certificate issuer: /CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Certificate serial: 128C Authority key identifier: 98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/3ANA68llOiqAK9kzJqoDW4NPtfI.roa Signing time: Fri 23 May 2025 11:37:39 +0000 ROA not before: Fri 23 May 2025 11:37:39 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 4812 IP address blocks: 120.136.184.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 04 Jun 2025 03:13:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4748 (0x128c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9824C555228B28B698DDE77BC1ADD0E2807B86B9 Validity Not Before: May 23 11:37:39 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=DC0340EBC9653A2A802BD93326AA035B834FB5F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:e2:6e:cc:77:17:f5:83:be:5e:b9:0c:0a:f9: 12:75:b6:33:2e:66:64:36:d5:b9:49:88:c3:24:ed: 4b:d6:ce:ee:db:a5:41:87:b9:a2:a3:38:1d:d3:e3: 63:6d:ee:0e:33:d8:f4:ac:2e:7e:b4:83:5b:3d:6a: 4b:2a:5a:5f:b1:ee:ca:40:ee:27:d4:01:28:ce:01: a5:8f:e6:9f:f1:4d:30:ef:0f:31:b5:a8:a3:eb:fe: ae:38:ec:f3:d1:36:9c:db:7b:70:fa:2d:7d:e1:79: 44:2a:2b:4b:54:02:fb:4c:45:ef:58:50:4d:13:06: a7:7d:6e:5f:7f:fb:91:f3:89:d5:4b:fb:f3:51:44: 87:86:44:0b:62:de:a6:fd:51:84:92:1f:5f:8e:53: 14:01:c0:08:fa:92:bb:27:2e:d6:12:f5:7d:1b:be: 6c:a1:90:82:0c:0f:7b:a2:cd:37:a4:93:9f:4f:6c: f4:50:ef:82:4c:ac:99:64:c2:d2:97:0b:38:6f:5d: 50:8e:0e:07:4d:c4:5a:29:69:0e:c9:9d:b4:e8:34: 7c:a4:dc:84:a1:dc:98:eb:16:0e:d8:70:6e:d1:89: ce:26:6d:ab:c0:d1:b1:96:23:82:26:cd:43:ea:9b: 4f:45:e3:ae:c8:c0:ac:fa:a2:07:79:a0:be:25:0b: c4:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:03:40:EB:C9:65:3A:2A:80:2B:D9:33:26:AA:03:5B:83:4F:B5:F2 X509v3 Authority Key Identifier: keyid:98:24:C5:55:22:8B:28:B6:98:DD:E7:7B:C1:AD:D0:E2:80:7B:86:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/mCTFVSKLKLaY3ed7wa3Q4oB7hrk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/65/3ANA68llOiqAK9kzJqoDW4NPtfI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 120.136.184.0/22 Signature Algorithm: sha256WithRSAEncryption 62:d3:45:0b:3f:66:ed:a0:b5:6d:9a:f7:67:36:da:47:05:f7: 54:d2:e4:5c:c7:48:71:34:88:61:3c:3a:01:56:9a:b5:81:dd: e2:18:b9:81:46:8c:57:46:dd:d2:7a:fc:95:6e:4d:35:63:fe: a9:b5:85:a1:3c:12:b8:7b:90:4a:36:6a:d1:3d:23:68:47:a5: ed:2a:b7:c5:53:a8:81:b9:fd:e4:dd:c9:ae:69:ba:e8:fb:b9: 30:0d:13:69:b0:ff:3e:55:69:3e:c2:5d:a6:19:8c:2c:79:cb: 8d:22:f7:32:3a:ef:d7:fe:af:7c:e8:76:17:c7:2e:d3:52:eb: 5c:09:17:6c:70:3e:9d:aa:96:64:c3:58:1c:f5:4a:1f:a6:2a: 11:bb:45:d3:14:d0:4f:89:cf:65:f1:3e:5c:3f:d6:c5:3c:c8: 33:90:83:c6:ec:95:97:0b:0b:f9:8e:2a:34:be:2c:1b:68:a9: 60:f8:cc:5f:37:7f:77:3a:28:ee:6e:40:2e:a6:7c:56:03:c5: 63:fa:11:4a:30:d4:b2:bb:90:2a:0a:2d:c1:f3:79:81:99:d4: a2:c2:44:05:77:df:e0:3e:24:20:d1:f3:e5:49:a8:a5:68:2a: 64:7f:da:1e:01:52:ad:72:8d:7d:4d:93:04:b2:c5:28:c8:a5: ff:b8:24:ea -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICEowwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTgy NEM1NTUyMjhCMjhCNjk4RERFNzdCQzFBREQwRTI4MDdCODZCOTAeFw0yNTA1MjMx MTM3MzlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKERDMDM0MEVCQzk2NTNB MkE4MDJCRDkzMzI2QUEwMzVCODM0RkI1RjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC94m7Mdxf1g75euQwK+RJ1tjMuZmQ21blJiMMk7UvWzu7bpUGH uaKjOB3T42Nt7g4z2PSsLn60g1s9aksqWl+x7spA7ifUASjOAaWP5p/xTTDvDzG1 qKPr/q447PPRNpzbe3D6LX3heUQqK0tUAvtMRe9YUE0TBqd9bl9/+5HzidVL+/NR RIeGRAti3qb9UYSSH1+OUxQBwAj6krsnLtYS9X0bvmyhkIIMD3uizTekk59PbPRQ 74JMrJlkwtKXCzhvXVCODgdNxFopaQ7JnbToNHyk3ISh3JjrFg7YcG7Ric4mbavA 0bGWI4ImzUPqm09F467IwKz6ogd5oL4lC8RFAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQU3ANA68llOiqAK9kzJqoDW4NPtfIwHwYDVR0jBBgwFoAUmCTFVSKLKLaY3ed7 wa3Q4oB7hrkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjUv bUNURlZTS0xLTGFZM2VkN3dhM1E0b0I3aHJrLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9tQ1RGVlNLTEtMYVkzZWQ3d2EzUTRvQjdocmsuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC82NS8zQU5BNjhsbE9pcUFLOWt6 SnFvRFc0TlB0Zkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC eIi4MA0GCSqGSIb3DQEBCwUAA4IBAQBi00ULP2btoLVtmvdnNtpHBfdU0uRcx0hx NIhhPDoBVpq1gd3iGLmBRoxXRt3SevyVbk01Y/6ptYWhPBK4e5BKNmrRPSNoR6Xt KrfFU6iBuf3k3cmuabro+7kwDRNpsP8+VWk+wl2mGYwsecuNIvcyOu/X/q986HYX xy7TUutcCRdscD6dqpZkw1gc9UofpioRu0XTFNBPic9l8T5cP9bFPMgzkIPG7JWX Cwv5jio0viwbaKlg+MxfN393OijubkAupnxWA8Vj+hFKMNSyu5AqCi3B83mBmdSi wkQFd9/gPiQg0fPlSailaCpkf9oeAVKtco19TZMEssUoyKX/uCTq -----END CERTIFICATE-----Generated at Wed Jun 4 02:52:59 2025 by rpki-client