$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/413/oNap6OsaVMyII3E4-Mkjm2_xQTM.roa File: oNap6OsaVMyII3E4-Mkjm2_xQTM.roa (raw, json) Hash identifier: NagxkZ8Cy1dw6Pvlu7fc6+DIF151BQp0pmLfFe/wVCo= Subject key identifier: A0:D6:A9:E8:EB:1A:54:CC:88:23:71:38:F8:C9:23:9B:6F:F1:41:33 Certificate issuer: /CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Certificate serial: 1221 Authority key identifier: C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/oNap6OsaVMyII3E4-Mkjm2_xQTM.roa Signing time: Tue 06 May 2025 08:43:26 +0000 ROA not before: Tue 06 May 2025 08:43:26 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 62387 IP address blocks: 101.232.40.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 16 May 2025 03:40:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4641 (0x1221) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=C65BF57BDC9B5BE7D97E0D65AA4222B1EFAABEAA Validity Not Before: May 6 08:43:26 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=A0D6A9E8EB1A54CC88237138F8C9239B6FF14133 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:54:be:aa:1a:79:f5:53:0c:0c:e7:0c:70:5a: d2:13:39:bd:45:b2:e6:2c:9d:e9:f6:54:67:d2:09: d0:e6:37:28:37:f6:f9:a9:8d:e9:d0:ac:92:ff:0b: ff:b2:13:94:3b:cf:64:a0:d6:17:78:a3:ea:70:0a: 21:f1:22:19:62:6a:5f:6e:de:4d:4a:51:0d:55:aa: a8:8c:ba:14:01:46:dd:8e:69:81:e7:87:03:9b:b0: 3d:6c:af:1a:bb:b6:03:6f:64:7c:e6:36:50:49:6a: 2a:39:7a:31:12:7c:c7:17:ed:6e:d9:8f:1c:7b:ed: b6:c8:be:0a:b1:cb:55:4a:90:9d:49:52:bd:4b:63: 60:e2:21:c2:5b:2d:1d:b9:90:8d:da:bb:0b:60:b3: e8:1e:f0:49:21:33:49:83:f6:26:0a:54:4e:62:7c: a2:62:bf:12:df:9a:9f:7b:13:ec:3c:73:59:7f:13: a4:10:28:54:ce:45:bb:d2:15:a2:c2:b3:55:b2:bb: a9:57:09:00:80:13:8d:bc:50:42:e6:cf:6a:f5:88: 9d:87:25:70:02:4b:14:f4:f3:6d:1c:b2:42:46:04: 52:d6:97:4b:8e:6f:52:2e:a2:63:49:8a:0f:05:7a: 08:dc:d4:0b:2f:35:f0:41:30:7c:21:8b:48:97:31: de:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:D6:A9:E8:EB:1A:54:CC:88:23:71:38:F8:C9:23:9B:6F:F1:41:33 X509v3 Authority Key Identifier: keyid:C6:5B:F5:7B:DC:9B:5B:E7:D9:7E:0D:65:AA:42:22:B1:EF:AA:BE:AA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/xlv1e9ybW-fZfg1lqkIise-qvqo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/xlv1e9ybW-fZfg1lqkIise-qvqo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/413/oNap6OsaVMyII3E4-Mkjm2_xQTM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 101.232.40.0/22 Signature Algorithm: sha256WithRSAEncryption 25:9f:d8:a7:45:cf:de:2d:79:67:e1:b9:c2:38:cf:24:48:51: a0:db:2f:8d:02:4c:1e:8e:f2:eb:52:88:78:7e:96:4a:da:b3: 92:a5:07:dc:7f:14:40:2b:0e:30:18:d2:83:45:ab:81:37:da: f7:ea:0f:4e:33:28:db:7d:c7:3c:2a:0e:78:eb:e8:60:af:1d: 24:e1:8f:cb:b5:9d:48:57:a0:29:ad:77:67:ce:65:16:98:d1: 41:98:c9:74:a6:0d:a1:36:6a:43:ff:ac:a1:45:a9:53:ff:6d: 71:60:dc:dc:06:e8:1f:fc:be:29:80:cb:e2:45:61:bf:b7:b8: 6b:fa:64:de:12:d4:26:f3:f4:f5:51:77:0f:79:22:de:ce:a4: cb:57:1b:72:e2:08:8d:db:3d:4c:b4:02:91:f0:58:7f:31:f7: cc:56:00:a4:74:ab:4d:36:9e:fb:79:c4:4c:11:86:d7:d4:10: 55:a2:cf:82:d7:17:91:d4:c6:1e:f2:8b:32:fa:8b:9d:17:5f: fd:00:c8:82:c7:72:f5:8f:4b:66:a2:b4:69:22:1d:9f:e1:08: 38:fd:b5:f9:54:87:97:9e:52:2b:c6:46:f4:89:0f:51:61:6d: 75:7b:16:f6:41:5b:d5:5a:b6:e4:1d:c6:a1:d5:45:aa:23:9e: ae:28:4f:0e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICEiEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzY1 QkY1N0JEQzlCNUJFN0Q5N0UwRDY1QUE0MjIyQjFFRkFBQkVBQTAeFw0yNTA1MDYw ODQzMjZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEEwRDZBOUU4RUIxQTU0 Q0M4ODIzNzEzOEY4QzkyMzlCNkZGMTQxMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDfVL6qGnn1UwwM5wxwWtITOb1FsuYsnen2VGfSCdDmNyg39vmp jenQrJL/C/+yE5Q7z2Sg1hd4o+pwCiHxIhlial9u3k1KUQ1VqqiMuhQBRt2OaYHn hwObsD1srxq7tgNvZHzmNlBJaio5ejESfMcX7W7Zjxx77bbIvgqxy1VKkJ1JUr1L Y2DiIcJbLR25kI3auwtgs+ge8EkhM0mD9iYKVE5ifKJivxLfmp97E+w8c1l/E6QQ KFTORbvSFaLCs1Wyu6lXCQCAE428UELmz2r1iJ2HJXACSxT0820cskJGBFLWl0uO b1IuomNJig8Fegjc1AsvNfBBMHwhi0iXMd7hAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUoNap6OsaVMyII3E4+Mkjm2/xQTMwHwYDVR0jBBgwFoAUxlv1e9ybW+fZfg1l qkIise+qvqowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEz L3hsdjFlOXliVy1mWmZnMWxxa0lpc2UtcXZxby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAveGx2MWU5eWJXLWZaZmcxbHFrSWlzZS1xdnFvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDEzL29OYXA2T3NhVk15SUkz RTQtTWtqbTJfeFFUTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJl6CgwDQYJKoZIhvcNAQELBQADggEBACWf2KdFz94teWfhucI4zyRIUaDbL40C TB6O8utSiHh+lkras5KlB9x/FEArDjAY0oNFq4E32vfqD04zKNt9xzwqDnjr6GCv HSThj8u1nUhXoCmtd2fOZRaY0UGYyXSmDaE2akP/rKFFqVP/bXFg3NwG6B/8vimA y+JFYb+3uGv6ZN4S1Cbz9PVRdw95It7OpMtXG3LiCI3bPUy0ApHwWH8x98xWAKR0 q002nvt5xEwRhtfUEFWiz4LXF5HUxh7yizL6i50XX/0AyILHcvWPS2aitGkiHZ/h CDj9tflUh5eeUivGRvSJD1FhbXV7FvZBW9VatuQdxqHVRaojnq4oTw4= -----END CERTIFICATE-----Generated at Fri May 16 02:37:34 2025 by rpki-client