$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/1SCBPTTSZqC1gRTM27c6REKTAgU.roa File: 1SCBPTTSZqC1gRTM27c6REKTAgU.roa (raw, json) Hash identifier: lDzcrbHNSFZtTnY9iQCqPVnuWjPHtpB6uxwOw/zo3iQ= Subject key identifier: D5:20:81:3D:34:D2:66:A0:B5:81:14:CC:DB:B7:3A:44:42:93:02:05 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1908 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1SCBPTTSZqC1gRTM27c6REKTAgU.roa Signing time: Fri 17 Jan 2025 01:25:58 +0000 ROA not before: Fri 17 Jan 2025 01:25:58 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 103.221.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6408 (0x1908) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:58 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=D520813D34D266A0B58114CCDBB73A4442930205 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:be:3e:cf:58:0f:5d:c3:e2:34:4b:9d:7d:aa: a2:88:b6:95:38:eb:7c:7e:af:71:8c:30:e8:3a:18: 25:37:1d:19:ff:3d:50:e0:ba:e5:4f:52:dd:3c:5e: 7d:ef:0b:0e:8d:a6:0c:ad:04:38:3a:8d:d0:da:44: 62:ca:15:16:10:81:78:5d:8c:01:79:bd:07:97:d3: 7b:36:eb:9c:95:f7:57:3b:e3:11:fc:b5:c5:84:1a: b0:70:bb:b3:0d:86:f6:1a:3c:30:ca:85:ae:e7:2f: 58:56:6e:2e:91:aa:38:db:fa:18:04:19:67:10:46: 54:af:28:7b:d9:39:4a:26:02:23:88:a3:38:50:ba: e5:23:ab:d3:e4:7b:6c:db:71:75:13:78:2c:56:3c: ce:ec:eb:de:e2:6e:22:1b:bd:6a:ed:4a:9e:c1:41: 87:6b:a2:9e:6a:c7:20:14:81:7d:c4:e0:e5:31:36: 7e:6b:c8:18:7e:a0:22:32:2b:01:99:48:88:29:32: e8:dc:86:bb:43:b7:d6:04:81:fa:03:ba:2c:fb:6c: 42:86:e3:05:8c:da:78:c0:d3:3b:b1:94:97:39:7f: 4f:07:2f:30:9c:76:f6:46:30:97:10:a0:cc:d8:a9: 08:55:c9:80:c8:59:9f:c7:4e:6f:af:02:08:39:96: 57:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:20:81:3D:34:D2:66:A0:B5:81:14:CC:DB:B7:3A:44:42:93:02:05 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1SCBPTTSZqC1gRTM27c6REKTAgU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.3.0/24 Signature Algorithm: sha256WithRSAEncryption 10:75:e2:3e:f2:63:7e:10:be:a1:54:a2:ab:94:1f:a3:cd:3d: e3:13:6b:09:9a:b9:ee:19:f4:70:4d:f2:9a:86:02:26:60:0a: 2c:2b:d4:29:d0:b5:14:0a:48:fc:bb:47:33:ea:9b:c8:cb:27: 62:76:27:cd:bc:4e:92:3f:22:40:42:16:ec:57:c1:94:6d:46: 3b:11:fe:bd:0f:fb:46:26:5d:7a:d3:b5:da:aa:63:cb:3a:7e: 48:a5:e2:83:b1:b8:f0:7a:98:54:fb:e8:27:1c:aa:18:45:96: e0:8c:c2:c7:b3:c3:be:a2:00:e9:9e:ea:56:1d:bc:e0:e3:5b: f3:07:c1:2a:57:de:b7:75:9a:61:6b:0b:21:88:53:52:fd:31: 3a:73:1a:08:06:51:e8:b2:8b:0d:73:02:73:ec:ff:0c:f0:95: ca:63:73:58:21:ff:9b:c1:ad:b9:4a:64:91:71:b6:f1:e8:e0: 4a:38:03:76:97:9a:a7:66:b6:bc:cb:72:28:97:a4:43:8f:cb: 87:63:6b:41:5b:8e:ab:b4:37:99:bf:c5:53:e1:8f:43:04:0a: 1f:8b:99:e9:a0:1c:2a:30:97:0a:0c:f2:0e:c0:cf:03:f6:dd: f6:97:e6:29:4d:15:5a:c1:e4:ff:92:01:d0:bd:c8:36:fb:e7: 23:03:3f:53 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGQgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1NThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ1MjA4MTNEMzREMjY2 QTBCNTgxMTRDQ0RCQjczQTQ0NDI5MzAyMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4vj7PWA9dw+I0S519qqKItpU463x+r3GMMOg6GCU3HRn/PVDg uuVPUt08Xn3vCw6NpgytBDg6jdDaRGLKFRYQgXhdjAF5vQeX03s265yV91c74xH8 tcWEGrBwu7MNhvYaPDDKha7nL1hWbi6Rqjjb+hgEGWcQRlSvKHvZOUomAiOIozhQ uuUjq9Pke2zbcXUTeCxWPM7s697ibiIbvWrtSp7BQYdrop5qxyAUgX3E4OUxNn5r yBh+oCIyKwGZSIgpMujchrtDt9YEgfoDuiz7bEKG4wWM2njA0zuxlJc5f08HLzCc dvZGMJcQoMzYqQhVyYDIWZ/HTm+vAgg5lld3AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU1SCBPTTSZqC1gRTM27c6REKTAgUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzFTQ0JQVFRTWnFDMWdS VE0yN2M2UkVLVEFnVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QMwDQYJKoZIhvcNAQELBQADggEBABB14j7yY34QvqFUoquUH6PNPeMTawma ue4Z9HBN8pqGAiZgCiwr1CnQtRQKSPy7RzPqm8jLJ2J2J828TpI/IkBCFuxXwZRt RjsR/r0P+0YmXXrTtdqqY8s6fkil4oOxuPB6mFT76CccqhhFluCMwsezw76iAOme 6lYdvODjW/MHwSpX3rd1mmFrCyGIU1L9MTpzGggGUeiyiw1zAnPs/wzwlcpjc1gh /5vBrblKZJFxtvHo4Eo4A3aXmqdmtrzLciiXpEOPy4dja0Fbjqu0N5m/xVPhj0ME Ch+LmemgHCowlwoM8g7AzwP23faX5ilNFVrB5P+SAdC9yDb75yMDP1M= -----END CERTIFICATE-----Generated at Fri Apr 4 18:36:40 2025 by rpki-client