$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1826/3bsxnWCV-58Fyia2RYTKsIF6lFo.roa File: 3bsxnWCV-58Fyia2RYTKsIF6lFo.roa (raw, json) Hash identifier: c7zdBem/3Lq6TajecrUZTcy1bz8HaqngV1A2w4kKyvM= Subject key identifier: DD:BB:31:9D:60:95:FB:9F:05:CA:26:B6:45:84:CA:B0:81:7A:94:5A Certificate issuer: /CN=75324D3B8F1D5EBA5770E661EE16AF24A750554F Certificate serial: 14C6 Authority key identifier: 75:32:4D:3B:8F:1D:5E:BA:57:70:E6:61:EE:16:AF:24:A7:50:55:4F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/3bsxnWCV-58Fyia2RYTKsIF6lFo.roa Signing time: Sun 27 Apr 2025 09:29:38 +0000 ROA not before: Sun 27 Apr 2025 09:29:38 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 152320 IP address blocks: 45.254.24.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/dTJNO48dXrpXcOZh7havJKdQVU8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/dTJNO48dXrpXcOZh7havJKdQVU8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 23:42:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5318 (0x14c6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75324D3B8F1D5EBA5770E661EE16AF24A750554F Validity Not Before: Apr 27 09:29:38 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=DDBB319D6095FB9F05CA26B64584CAB0817A945A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:bc:0a:c5:00:15:74:f7:a7:55:ed:66:db:c3: 0e:b5:bf:5b:07:57:9e:aa:88:09:15:23:8f:e3:71: 1c:66:d9:05:14:05:82:ce:7c:da:f9:80:68:86:fc: 5a:d6:5a:6e:7b:0d:b6:70:de:bb:b4:a4:29:e3:c6: 6a:0f:2d:bb:f2:21:41:0c:55:2e:44:65:71:01:01: 2c:a5:88:f9:00:5b:23:20:dd:04:87:95:22:da:7f: 80:86:12:68:66:da:84:26:aa:4b:cd:63:07:4a:b7: d6:9b:12:a2:52:70:a6:ab:a5:db:3f:e8:72:de:f9: 2b:7a:eb:dd:d9:8c:52:f8:5f:2b:eb:8b:f3:0a:a0: 52:02:5a:b5:94:7c:84:62:bf:6b:89:fb:bf:38:1f: ff:56:8a:3b:93:17:99:3d:8f:a8:d3:33:84:92:6d: b0:17:e9:d1:37:0d:1d:70:dc:e3:21:21:c0:2e:11: e2:94:a6:4d:82:70:c0:40:f2:da:96:3d:83:91:dc: 88:25:d8:f0:42:ed:e6:86:94:d4:d3:90:ff:45:9a: d4:98:df:0d:8e:1d:26:8e:97:3d:ac:46:5c:c4:28: 23:52:5b:cb:d2:35:eb:e7:73:0a:5c:01:4a:4f:83: 34:16:c8:60:ef:89:dd:26:f1:b1:c5:f1:e1:6c:ad: 9f:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:BB:31:9D:60:95:FB:9F:05:CA:26:B6:45:84:CA:B0:81:7A:94:5A X509v3 Authority Key Identifier: keyid:75:32:4D:3B:8F:1D:5E:BA:57:70:E6:61:EE:16:AF:24:A7:50:55:4F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/dTJNO48dXrpXcOZh7havJKdQVU8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/3bsxnWCV-58Fyia2RYTKsIF6lFo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.254.24.0/22 Signature Algorithm: sha256WithRSAEncryption 9e:a5:fe:0d:95:a0:41:ad:32:c3:fd:3d:e4:c2:a4:67:99:81: 7a:3b:2c:20:c6:cc:c4:dd:e4:f0:30:bf:e5:b1:ef:5a:ec:24: 8b:d9:97:30:b6:27:09:3e:b2:d5:e6:c5:50:d4:ea:08:de:42: da:36:2f:41:9a:3b:d5:ac:5f:7d:59:c0:9a:0c:fe:be:87:04: 1f:75:4a:e9:db:83:b9:4d:b7:5a:e9:44:cd:a7:38:78:42:a7: 2c:62:74:25:4e:af:9a:7b:73:60:4f:fc:b8:30:30:a2:d8:ba: 8f:a1:37:f6:7a:ee:b1:15:eb:4a:b1:1f:d8:84:96:40:20:c4: 64:26:32:bd:94:69:77:b3:f5:40:de:9b:68:76:f8:28:00:38: 70:62:64:ef:56:c0:e2:f1:bd:d6:e0:2f:5a:0d:5c:4f:b1:d2: db:7e:85:ee:03:58:8a:65:60:47:37:80:ca:b4:0d:08:57:6c: 2d:ac:65:cb:b1:bd:01:a6:c6:a7:6d:17:6b:01:c7:25:9b:b3: f0:31:2e:80:0f:78:6b:56:a8:b6:f7:a6:40:04:31:e0:cf:fb: 3e:09:5b:e4:2d:f4:8c:a5:0a:55:c3:bf:bb:c5:1b:7a:78:e8: a3:c2:99:a4:bc:7c:c2:8f:37:0c:87:29:a9:6d:37:0c:54:63: 04:97:32:68 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFMYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzUz MjREM0I4RjFENUVCQTU3NzBFNjYxRUUxNkFGMjRBNzUwNTU0RjAeFw0yNTA0Mjcw OTI5MzhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEREQkIzMTlENjA5NUZC OUYwNUNBMjZCNjQ1ODRDQUIwODE3QTk0NUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMvArFABV096dV7Wbbww61v1sHV56qiAkVI4/jcRxm2QUUBYLO fNr5gGiG/FrWWm57DbZw3ru0pCnjxmoPLbvyIUEMVS5EZXEBASyliPkAWyMg3QSH lSLaf4CGEmhm2oQmqkvNYwdKt9abEqJScKarpds/6HLe+St6693ZjFL4Xyvri/MK oFICWrWUfIRiv2uJ+784H/9WijuTF5k9j6jTM4SSbbAX6dE3DR1w3OMhIcAuEeKU pk2CcMBA8tqWPYOR3Igl2PBC7eaGlNTTkP9FmtSY3w2OHSaOlz2sRlzEKCNSW8vS NevncwpcAUpPgzQWyGDvid0m8bHF8eFsrZ/LAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU3bsxnWCV+58Fyia2RYTKsIF6lFowHwYDVR0jBBgwFoAUdTJNO48dXrpXcOZh 7havJKdQVU8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTgy Ni9kVEpOTzQ4ZFhycFhjT1poN2hhdkpLZFFWVTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2RUSk5PNDhkWHJwWGNPWmg3aGF2SktkUVZVOC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE4MjYvM2JzeG5XQ1YtNThG eWlhMlJZVEtzSUY2bEZvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAi3+GDANBgkqhkiG9w0BAQsFAAOCAQEAnqX+DZWgQa0yw/095MKkZ5mBejss IMbMxN3k8DC/5bHvWuwki9mXMLYnCT6y1ebFUNTqCN5C2jYvQZo71axffVnAmgz+ vocEH3VK6duDuU23WulEzac4eEKnLGJ0JU6vmntzYE/8uDAwoti6j6E39nrusRXr SrEf2ISWQCDEZCYyvZRpd7P1QN6baHb4KAA4cGJk71bA4vG91uAvWg1cT7HS236F 7gNYimVgRzeAyrQNCFdsLaxly7G9AabGp20XawHHJZuz8DEugA94a1aotvemQAQx 4M/7Pglb5C30jKUKVcO/u8Ubenjoo8KZpLx8wo83DIcpqW03DFRjBJcyaA== -----END CERTIFICATE-----Generated at Sat May 17 23:27:12 2025 by rpki-client