$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/H9q32OJCWeMsI1iOS9YSlrbko8I.roa File: H9q32OJCWeMsI1iOS9YSlrbko8I.roa (raw, json) Hash identifier: VKtINMtSzfs35WPUZSFaFY+YbMsu1/gBBZ01PzMZESc= Subject key identifier: 1F:DA:B7:D8:E2:42:59:E3:2C:23:58:8E:4B:D6:12:96:B6:E4:A3:C2 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 14AD Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/H9q32OJCWeMsI1iOS9YSlrbko8I.roa Signing time: Wed 30 Jul 2025 02:47:59 +0000 ROA not before: Wed 30 Jul 2025 02:47:59 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 55990 IP address blocks: 115.32.60.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 11:04:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5293 (0x14ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Jul 30 02:47:59 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=1FDAB7D8E24259E32C23588E4BD61296B6E4A3C2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:82:87:ec:e0:ef:11:0a:37:89:58:c2:77:ea: 06:d2:7c:05:64:c6:73:b7:1e:93:aa:d1:e1:45:3e: 9b:9f:3c:7f:29:da:53:f0:69:b2:c0:f7:85:75:65: c0:d9:18:63:81:bd:4c:8f:10:de:ed:c2:7b:03:54: b2:da:8e:b0:c0:1d:ff:12:fc:9c:15:25:7c:7c:8c: 7e:fd:5d:29:2d:90:cb:3a:4c:b2:d8:f8:cd:22:e1: 03:8b:17:b5:8b:d3:1b:9a:06:55:31:da:61:6c:29: 5b:61:58:dd:08:6f:e2:4f:f9:90:f2:83:1a:ae:eb: 29:be:fd:b0:02:c8:9b:f9:8f:c4:76:c2:0d:63:51: 58:41:3e:27:8e:32:27:5a:ea:ff:0f:75:08:7f:bb: f1:cc:f9:46:a4:8a:95:6e:ac:e4:58:54:d2:d2:a9: 8f:e3:ed:a7:8f:be:44:9e:23:c6:65:68:e4:e2:3f: 6e:73:05:34:4f:76:40:58:85:56:e3:5d:4d:a2:a3: 7a:94:3c:5f:39:06:2b:7b:b0:5a:80:c7:9e:76:f2: 7d:a9:a1:35:a6:74:4a:6e:4a:16:6f:a5:08:17:16: 87:04:c8:c5:4f:1c:fb:bc:50:97:47:01:0d:65:61: 24:0f:c2:c3:e6:03:35:59:eb:5e:8e:5a:6f:85:d1: 85:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:DA:B7:D8:E2:42:59:E3:2C:23:58:8E:4B:D6:12:96:B6:E4:A3:C2 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/H9q32OJCWeMsI1iOS9YSlrbko8I.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.32.60.0/22 Signature Algorithm: sha256WithRSAEncryption 28:24:14:35:f3:da:03:bf:8b:71:07:51:54:75:ce:e1:0e:d1: 97:cd:f5:e0:30:e3:26:e1:59:f2:6a:8b:ca:64:c3:33:cc:a0: 72:6c:3d:80:98:d2:90:7e:d5:89:0b:2f:60:6b:bd:34:91:37: 61:ed:98:12:d3:18:f3:93:ec:27:80:03:d2:21:33:05:6a:27: a3:0d:fe:fa:2b:85:8a:10:81:f2:1e:5c:89:62:52:0b:4c:18: 1a:5e:67:6c:9a:99:79:cc:39:11:df:2d:60:9f:03:da:26:03: 45:af:96:e3:eb:fa:1c:d1:14:0a:ce:3f:38:b6:a1:52:a9:ae: f4:cf:cc:e9:43:80:cc:d0:fa:39:87:02:6d:26:b9:23:4b:31: 46:80:0d:b1:51:96:e5:e8:c2:df:a3:ae:91:ad:d2:eb:8e:d4: d3:2d:e3:fb:9c:07:37:11:4f:b0:b9:86:ef:1e:72:02:17:ab: d2:d8:a8:5f:c8:be:9f:e7:90:4f:9b:38:c5:b1:4b:10:d8:5e: 4d:11:e5:b4:a0:c6:26:16:9a:56:31:95:3d:9b:5c:41:88:a1: 3c:f3:3a:e8:d8:61:03:bb:95:31:92:58:67:2d:8a:fa:44:0e: 20:dc:b5:cd:b0:00:24:b8:23:98:4f:ff:ce:01:5a:4c:f6:78: c3:2d:35:e8 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFK0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA3MzAw MjQ3NTlaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDFGREFCN0Q4RTI0MjU5 RTMyQzIzNTg4RTRCRDYxMjk2QjZFNEEzQzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCngofs4O8RCjeJWMJ36gbSfAVkxnO3HpOq0eFFPpufPH8p2lPw abLA94V1ZcDZGGOBvUyPEN7twnsDVLLajrDAHf8S/JwVJXx8jH79XSktkMs6TLLY +M0i4QOLF7WL0xuaBlUx2mFsKVthWN0Ib+JP+ZDygxqu6ym+/bACyJv5j8R2wg1j UVhBPieOMida6v8PdQh/u/HM+UakipVurORYVNLSqY/j7aePvkSeI8ZlaOTiP25z BTRPdkBYhVbjXU2io3qUPF85Bit7sFqAx5528n2poTWmdEpuShZvpQgXFocEyMVP HPu8UJdHAQ1lYSQPwsPmAzVZ616OWm+F0YXTAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUH9q32OJCWeMsI1iOS9YSlrbko8IwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvSDlxMzJPSkNXZU1z STFpT1M5WVNscmJrbzhJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAnMgPDANBgkqhkiG9w0BAQsFAAOCAQEAKCQUNfPaA7+LcQdRVHXO4Q7Rl831 4DDjJuFZ8mqLymTDM8ygcmw9gJjSkH7ViQsvYGu9NJE3Ye2YEtMY85PsJ4AD0iEz BWonow3++iuFihCB8h5ciWJSC0wYGl5nbJqZecw5Ed8tYJ8D2iYDRa+W4+v6HNEU Cs4/OLahUqmu9M/M6UOAzND6OYcCbSa5I0sxRoANsVGW5ejC36Ouka3S647U0y3j +5wHNxFPsLmG7x5yAher0tioX8i+n+eQT5s4xbFLENheTRHltKDGJhaaVjGVPZtc QYihPPM66NhhA7uVMZJYZy2K+kQOINy1zbAAJLgjmE//zgFaTPZ4wy016A== -----END CERTIFICATE-----Generated at Sun Aug 24 08:59:43 2025 by rpki-client