$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3014/Oc8sfiQ4ZUoyAHg4pEFeTgVH04U.roa File: Oc8sfiQ4ZUoyAHg4pEFeTgVH04U.roa (raw, json) Hash identifier: iiz8kwnyRBFXvw75owc8HfsEnxZTYf5IJhWKDRQECAI= Subject key identifier: 39:CF:2C:7E:24:38:65:4A:32:00:78:38:A4:41:5E:4E:05:47:D3:85 Certificate issuer: /CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Certificate serial: 14A8 Authority key identifier: 3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Oc8sfiQ4ZUoyAHg4pEFeTgVH04U.roa Signing time: Wed 30 Jul 2025 02:47:57 +0000 ROA not before: Wed 30 Jul 2025 02:47:57 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 55990 IP address blocks: 115.32.56.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 11:04:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5288 (0x14a8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ACE10C838292C6FC706585B444EBAEDCA2A11B9 Validity Not Before: Jul 30 02:47:57 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=39CF2C7E2438654A32007838A4415E4E0547D385 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:2d:a1:b9:1f:8e:19:3e:15:d1:91:77:ca:61: e1:8b:1f:2f:eb:91:d7:0b:7b:b8:ca:31:cc:b4:3f: f6:8e:63:5e:56:d6:42:cf:e0:85:34:7f:df:98:97: 2d:ce:33:3e:e3:53:d6:37:89:f0:7c:00:5d:ac:cd: fc:72:82:6a:32:1e:20:1d:07:76:de:46:7a:25:ce: 06:bc:76:06:02:aa:b5:71:47:8e:b1:2f:38:81:8a: 6c:f6:8c:2b:29:52:3b:fb:9e:e3:6c:38:7d:de:d0: 2b:be:40:a4:d6:75:ac:72:03:6d:bf:cf:3c:79:35: 44:82:ee:cc:1a:b4:02:b5:4e:d1:59:14:8f:9c:22: d9:ab:de:72:e2:16:c7:cd:77:a7:76:dd:c6:7e:3c: 6c:41:fa:b3:a0:94:0d:a8:bd:c8:4a:c3:78:30:68: cc:a6:1c:52:fe:e7:b5:82:81:04:94:d9:24:91:9c: 34:10:ac:77:7f:bf:60:ed:71:32:7e:8d:2e:0d:c3: b9:9d:97:f1:6b:f4:63:83:4b:28:86:08:14:7e:11: dc:a4:72:2b:a7:2a:1c:59:f6:3b:b7:5f:8b:f6:6d: c7:af:42:f0:88:c8:48:cd:3c:4a:f7:ab:e5:4a:5a: 22:f2:7d:d3:07:40:39:7d:93:fd:fa:48:00:f8:fb: 82:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:CF:2C:7E:24:38:65:4A:32:00:78:38:A4:41:5E:4E:05:47:D3:85 X509v3 Authority Key Identifier: keyid:3A:CE:10:C8:38:29:2C:6F:C7:06:58:5B:44:4E:BA:ED:CA:2A:11:B9 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Os4QyDgpLG_HBlhbRE667coqEbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Os4QyDgpLG_HBlhbRE667coqEbk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3014/Oc8sfiQ4ZUoyAHg4pEFeTgVH04U.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.32.56.0/22 Signature Algorithm: sha256WithRSAEncryption 89:93:31:b7:b5:2f:aa:f9:64:af:95:f1:58:7c:c7:0b:be:b8: 49:7e:a6:60:35:3d:e5:70:4e:08:0e:e3:15:b2:e6:30:31:e5: 32:2f:8d:97:5a:0a:9b:ec:9a:7b:2e:bd:b1:49:d4:c6:f8:00: 2d:da:98:aa:e4:91:cf:de:3d:6b:4b:2d:c2:92:85:f5:8f:7f: 96:94:ef:06:c2:71:72:f4:b1:78:a3:2b:9a:2a:23:3b:4c:33: 63:4a:b8:18:e6:c2:88:ac:63:79:bf:fa:42:e7:8e:2d:b7:4b: 1d:af:52:c0:cb:71:3d:da:9e:27:b2:c0:31:e3:4f:69:b3:da: 4e:a8:0a:49:59:9e:9e:b8:f9:87:9a:5a:7e:24:4a:ea:d7:f8: 70:2a:7c:b6:c0:3a:8d:e5:55:83:72:8c:2a:e8:11:7e:18:42: da:7c:98:71:92:d5:2d:c5:be:59:12:c5:f2:54:f8:21:77:41: 46:d1:0e:c6:57:86:b1:aa:4b:f6:8e:6d:de:43:e6:08:c5:fd: 87:03:46:3a:d7:57:8f:55:2b:38:46:0f:51:bf:3b:83:33:6f: 01:98:db:11:89:28:87:03:e3:11:44:64:4d:5b:bc:d2:b5:d8: 8f:e3:f6:d5:12:e6:b4:4b:1f:4c:cc:17:19:33:f3:5c:e0:c4: f5:65:84:31 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFKgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD RTEwQzgzODI5MkM2RkM3MDY1ODVCNDQ0RUJBRURDQTJBMTFCOTAeFw0yNTA3MzAw MjQ3NTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDM5Q0YyQzdFMjQzODY1 NEEzMjAwNzgzOEE0NDE1RTRFMDU0N0QzODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6LaG5H44ZPhXRkXfKYeGLHy/rkdcLe7jKMcy0P/aOY15W1kLP 4IU0f9+Yly3OMz7jU9Y3ifB8AF2szfxygmoyHiAdB3beRnolzga8dgYCqrVxR46x LziBimz2jCspUjv7nuNsOH3e0Cu+QKTWdaxyA22/zzx5NUSC7swatAK1TtFZFI+c Itmr3nLiFsfNd6d23cZ+PGxB+rOglA2ovchKw3gwaMymHFL+57WCgQSU2SSRnDQQ rHd/v2DtcTJ+jS4Nw7mdl/Fr9GODSyiGCBR+EdykciunKhxZ9ju3X4v2bcevQvCI yEjNPEr3q+VKWiLyfdMHQDl9k/36SAD4+4JJAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUOc8sfiQ4ZUoyAHg4pEFeTgVH04UwHwYDVR0jBBgwFoAUOs4QyDgpLG/HBlhb RE667coqEbkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAx NC9PczRReURncExHX0hCbGhiUkU2Njdjb3FFYmsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL09zNFF5RGdwTEdfSEJsaGJSRTY2N2NvcUViay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMTQvT2M4c2ZpUTRaVW95 QUhnNHBFRmVUZ1ZIMDRVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAnMgODANBgkqhkiG9w0BAQsFAAOCAQEAiZMxt7Uvqvlkr5XxWHzHC764SX6m YDU95XBOCA7jFbLmMDHlMi+Nl1oKm+yaey69sUnUxvgALdqYquSRz949a0stwpKF 9Y9/lpTvBsJxcvSxeKMrmiojO0wzY0q4GObCiKxjeb/6QueOLbdLHa9SwMtxPdqe J7LAMeNPabPaTqgKSVmenrj5h5pafiRK6tf4cCp8tsA6jeVVg3KMKugRfhhC2nyY cZLVLcW+WRLF8lT4IXdBRtEOxleGsapL9o5t3kPmCMX9hwNGOtdXj1UrOEYPUb87 gzNvAZjbEYkohwPjEURkTVu80rXYj+P21RLmtEsfTMwXGTPzXODE9WWEMQ== -----END CERTIFICATE-----Generated at Sun Aug 24 09:04:14 2025 by rpki-client