$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3387/dEIw97IC--lfB7uZmz6Os4ERyP4.roa File: dEIw97IC--lfB7uZmz6Os4ERyP4.roa (raw, json) Hash identifier: sca1+jICK/ivC1jrdSAkUU0z0/GAdVgbLG2sOFZ34d4= Subject key identifier: 74:42:30:F7:B2:02:FB:E9:5F:07:BB:99:9B:3E:8E:B3:81:11:C8:FE Certificate issuer: /CN=A1A0ABC5CA6F508F19F7907E94C3162152296934 Certificate serial: 04 Authority key identifier: A1:A0:AB:C5:CA:6F:50:8F:19:F7:90:7E:94:C3:16:21:52:29:69:34 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/oaCrxcpvUI8Z95B-lMMWIVIpaTQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3387/dEIw97IC--lfB7uZmz6Os4ERyP4.roa Signing time: Thu 07 Aug 2025 08:07:52 +0000 ROA not before: Thu 07 Aug 2025 08:07:52 +0000 ROA not after: Fri 07 Aug 2026 05:14:01 +0000 asID: 151230 IP address blocks: 45.115.18.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3387/oaCrxcpvUI8Z95B-lMMWIVIpaTQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3387/oaCrxcpvUI8Z95B-lMMWIVIpaTQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/oaCrxcpvUI8Z95B-lMMWIVIpaTQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 14:33:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A1A0ABC5CA6F508F19F7907E94C3162152296934 Validity Not Before: Aug 7 08:07:52 2025 GMT Not After : Aug 7 05:14:01 2026 GMT Subject: CN=744230F7B202FBE95F07BB999B3E8EB38111C8FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:4b:bb:b7:72:86:ef:0e:c0:16:55:c7:19:de: 41:67:2b:89:06:37:0e:27:55:ca:03:b1:98:0e:45: 7a:67:d3:ad:ed:b1:d9:2f:ef:56:38:65:f2:30:0c: ef:63:34:b8:59:01:fc:14:2d:57:e7:1d:d5:3c:eb: a4:00:02:c5:ad:36:f0:4c:d4:5d:85:f1:23:2f:c6: d3:53:0b:78:d3:4d:c1:9b:b8:d4:ae:b9:fa:dc:cc: 83:b8:a1:5c:85:72:f8:5b:18:21:f7:49:d3:80:03: 78:6e:db:d4:82:08:05:9a:a7:49:0b:8c:7e:ef:c8: fa:08:3e:0c:d4:30:05:77:52:8a:a0:68:33:e2:76: f9:4f:eb:aa:a7:71:6b:b6:a6:ac:45:71:88:be:58: ec:5a:dc:0a:92:be:52:98:41:39:4c:49:80:a5:b1: f2:25:53:a2:51:09:0a:17:47:0b:05:c8:48:c7:0b: 04:60:9f:36:84:96:0f:f1:13:bb:f8:85:23:5d:85: 32:c0:d2:fa:09:a9:89:74:5c:75:2e:cb:c1:9f:da: 05:89:b9:b6:97:af:dc:43:1e:1b:53:ce:d7:9e:9e: b8:f7:48:88:b4:9f:c6:0d:76:1e:81:ee:05:b2:9f: 1e:bb:b8:75:30:ec:d8:2f:31:63:85:3f:72:fd:c5: 89:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:42:30:F7:B2:02:FB:E9:5F:07:BB:99:9B:3E:8E:B3:81:11:C8:FE X509v3 Authority Key Identifier: keyid:A1:A0:AB:C5:CA:6F:50:8F:19:F7:90:7E:94:C3:16:21:52:29:69:34 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3387/oaCrxcpvUI8Z95B-lMMWIVIpaTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/oaCrxcpvUI8Z95B-lMMWIVIpaTQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3387/dEIw97IC--lfB7uZmz6Os4ERyP4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.115.18.0/23 Signature Algorithm: sha256WithRSAEncryption 16:4b:87:83:33:09:ac:08:6b:b0:54:73:3b:22:7b:32:4b:8b: 1e:83:64:5c:0a:6a:a1:a3:c9:4d:2f:43:ca:e4:ff:c8:36:1b: 7e:6e:fd:aa:37:e9:3d:2d:a6:84:e7:4b:b4:a4:c7:e3:21:0c: 36:4f:b6:1b:04:2d:01:9b:89:09:c4:59:41:41:b3:c5:d9:3f: 9a:55:ab:f0:01:e0:aa:74:5f:c0:07:7b:f9:ef:6c:1c:a8:85: 42:c5:41:a5:2c:40:99:05:2e:54:be:cf:fe:8b:b0:be:f9:db: db:ba:ed:3c:8d:a7:40:c8:67:65:bd:07:53:61:de:aa:0d:58: e2:4c:3a:29:d0:00:dd:5b:59:38:ba:67:4d:86:ff:07:ec:ff: 24:65:5e:32:4c:ff:23:37:20:5d:88:83:25:36:8e:be:ae:4a: 22:82:7b:a8:60:eb:a7:fa:c7:74:67:e8:5d:00:7e:66:90:8b: 4b:21:9c:32:cc:13:af:b2:c6:4a:27:2e:8a:36:ac:d4:d8:5e: e5:b7:80:5a:aa:6a:6b:1d:0c:6a:79:e6:21:cf:f2:f3:4f:2d: 08:22:b6:a0:bf:04:fa:55:14:37:21:d6:f7:92:da:d4:54:51: 2a:8a:17:3a:df:72:81:ee:a9:60:83:1e:f8:6d:32:2f:78:0d: 65:0d:3b:c0 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBMUEw QUJDNUNBNkY1MDhGMTlGNzkwN0U5NEMzMTYyMTUyMjk2OTM0MB4XDTI1MDgwNzA4 MDc1MloXDTI2MDgwNzA1MTQwMVowMzExMC8GA1UEAxMoNzQ0MjMwRjdCMjAyRkJF OTVGMDdCQjk5OUIzRThFQjM4MTExQzhGRTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMpLu7dyhu8OwBZVxxneQWcriQY3DidVygOxmA5FemfTre2x2S/v Vjhl8jAM72M0uFkB/BQtV+cd1TzrpAACxa028EzUXYXxIy/G01MLeNNNwZu41K65 +tzMg7ihXIVy+FsYIfdJ04ADeG7b1IIIBZqnSQuMfu/I+gg+DNQwBXdSiqBoM+J2 +U/rqqdxa7amrEVxiL5Y7FrcCpK+UphBOUxJgKWx8iVTolEJChdHCwXISMcLBGCf NoSWD/ETu/iFI12FMsDS+gmpiXRcdS7LwZ/aBYm5tpev3EMeG1PO156euPdIiLSf xg12HoHuBbKfHru4dTDs2C8xY4U/cv3FiTMCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBR0QjD3sgL76V8Hu5mbPo6zgRHI/jAfBgNVHSMEGDAWgBShoKvFym9Qjxn3kH6U wxYhUilpNDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMzg3 L29hQ3J4Y3B2VUk4Wjk1Qi1sTU1XSVZJcGFUUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvb2FDcnhjcHZVSThaOTVCLWxNTVdJVklwYVRRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM4Ny9kRUl3OTdJQy0tbGZC N3VabXo2T3M0RVJ5UDQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBLXMSMA0GCSqGSIb3DQEBCwUAA4IBAQAWS4eDMwmsCGuwVHM7InsyS4seg2Rc Cmqho8lNL0PK5P/INht+bv2qN+k9LaaE50u0pMfjIQw2T7YbBC0Bm4kJxFlBQbPF 2T+aVavwAeCqdF/AB3v572wcqIVCxUGlLECZBS5Uvs/+i7C++dvbuu08jadAyGdl vQdTYd6qDVjiTDop0ADdW1k4umdNhv8H7P8kZV4yTP8jNyBdiIMlNo6+rkoignuo YOun+sd0Z+hdAH5mkItLIZwyzBOvssZKJy6KNqzU2F7lt4BaqmprHQxqeeYhz/Lz Ty0IIragvwT6VRQ3Idb3ktrUVFEqihc633KB7qlggx74bTIveA1lDTvA -----END CERTIFICATE-----Generated at Thu Aug 14 11:42:10 2025 by rpki-client