$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/1rqPv4Uwo7Q5lxUx4OsjB_NojZI.roa File: 1rqPv4Uwo7Q5lxUx4OsjB_NojZI.roa (raw, json) Hash identifier: B24ErTEGRZTQZgqX1tZd3mVxjZNeez3Y3dn5EKxu2p8= Subject key identifier: D6:BA:8F:BF:85:30:A3:B4:39:97:15:31:E0:EB:23:07:F3:68:8D:92 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 185B Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1rqPv4Uwo7Q5lxUx4OsjB_NojZI.roa Signing time: Fri 17 Jan 2025 01:24:57 +0000 ROA not before: Fri 17 Jan 2025 01:24:57 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 59083 IP address blocks: 202.136.248.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6235 (0x185b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:57 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=D6BA8FBF8530A3B439971531E0EB2307F3688D92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:81:20:ae:1a:94:d5:61:d8:da:33:6b:97:ad: 34:ed:60:ad:18:79:48:d8:60:92:ec:1f:6d:db:76: a5:68:53:d4:ac:c2:e7:6c:29:e6:79:5c:8c:16:29: fc:a5:8e:42:3a:eb:ee:42:75:82:3a:ec:51:8f:af: 19:00:33:3e:94:58:5d:1a:b5:fb:2a:1d:92:73:2e: 81:ed:18:6c:53:1d:01:41:10:87:18:96:c4:2c:42: 5e:f6:26:12:77:ce:b6:d8:96:88:72:c7:dd:ac:ce: 2c:b7:ca:26:d0:f9:e5:f6:d5:d5:df:aa:dc:08:0f: ba:53:ba:78:a0:3f:63:e7:b5:77:90:37:45:9e:bd: f2:2a:2f:c8:be:7e:34:15:2f:a2:c0:95:7f:2a:e4: cf:bc:55:db:fb:25:da:2e:84:1e:d4:1d:aa:36:d7: 48:19:92:5d:3f:0c:01:73:e5:6a:4e:0f:da:4e:8e: 9c:29:ca:88:58:9f:45:6b:c7:06:aa:49:06:b2:b7: 78:2b:2d:93:f0:fe:b1:12:f2:a6:7e:87:b6:61:8e: 6b:70:43:20:4b:70:1f:90:c9:58:8d:84:bc:95:55: 90:20:53:88:56:c0:4e:e6:1f:d6:9d:16:b4:a8:b2: c4:e5:a4:8f:83:a4:41:3f:0f:25:b1:c1:68:56:0b: dd:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:BA:8F:BF:85:30:A3:B4:39:97:15:31:E0:EB:23:07:F3:68:8D:92 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/1rqPv4Uwo7Q5lxUx4OsjB_NojZI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.136.248.0/22 Signature Algorithm: sha256WithRSAEncryption 5a:d9:15:28:7b:dc:9a:2f:d5:f5:e6:0d:5a:5c:76:ee:5e:80: 1b:62:a0:03:ed:5c:dc:42:2b:ed:79:9f:3f:11:6c:a4:64:7f: 35:98:a8:27:4b:28:a4:85:e4:c7:b0:52:db:33:ea:50:55:d3: 13:ed:05:2c:d2:c5:56:87:86:7f:38:bb:f2:57:86:26:f0:38: c8:90:0b:4e:fb:00:4b:42:43:d6:71:23:14:b7:68:30:c3:fe: cf:07:8b:e5:87:32:98:d5:2c:b9:26:96:37:e2:f8:fd:c3:bb: 8a:80:b9:df:fb:3f:fb:fc:47:76:c2:b9:47:32:b3:e5:9e:4d: b6:6f:76:24:ab:98:46:2d:07:f5:7e:12:b7:35:06:47:7b:07: f2:e0:f0:6d:87:84:be:b5:0b:8e:14:f8:67:60:fd:e8:1e:b4: 11:cf:d9:52:5b:41:c8:e7:12:5c:2b:bf:26:fc:14:7d:55:ae: 32:0f:24:55:3b:e1:5f:39:40:87:75:40:3a:84:39:bc:99:37: c8:c0:33:29:9f:da:8f:03:56:b3:a5:b0:9a:26:33:7a:00:96: 98:78:9a:ce:3c:21:2c:8f:3c:f5:0c:5c:2e:7d:65:89:e5:38: 76:fa:55:0d:f1:9c:9c:7a:b5:20:a1:0b:88:50:67:f4:1d:10: d1:01:bf:c4 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGFswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0NTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ2QkE4RkJGODUzMEEz QjQzOTk3MTUzMUUwRUIyMzA3RjM2ODhEOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUgSCuGpTVYdjaM2uXrTTtYK0YeUjYYJLsH23bdqVoU9Sswuds KeZ5XIwWKfyljkI66+5CdYI67FGPrxkAMz6UWF0atfsqHZJzLoHtGGxTHQFBEIcY lsQsQl72JhJ3zrbYlohyx92sziy3yibQ+eX21dXfqtwID7pTunigP2PntXeQN0We vfIqL8i+fjQVL6LAlX8q5M+8Vdv7JdouhB7UHao210gZkl0/DAFz5WpOD9pOjpwp yohYn0VrxwaqSQayt3grLZPw/rES8qZ+h7ZhjmtwQyBLcB+QyViNhLyVVZAgU4hW wE7mH9adFrSossTlpI+DpEE/DyWxwWhWC93/AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU1rqPv4Uwo7Q5lxUx4OsjB/NojZIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzFycVB2NFV3bzdRNWx4 VXg0T3NqQl9Ob2paSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BALKiPgwDQYJKoZIhvcNAQELBQADggEBAFrZFSh73Jov1fXmDVpcdu5egBtioAPt XNxCK+15nz8RbKRkfzWYqCdLKKSF5MewUtsz6lBV0xPtBSzSxVaHhn84u/JXhibw OMiQC077AEtCQ9ZxIxS3aDDD/s8Hi+WHMpjVLLkmljfi+P3Du4qAud/7P/v8R3bC uUcys+WeTbZvdiSrmEYtB/V+Erc1Bkd7B/Lg8G2HhL61C44U+Gdg/egetBHP2VJb QcjnElwrvyb8FH1VrjIPJFU74V85QId1QDqEObyZN8jAMymf2o8DVrOlsJomM3oA lph4ms48ISyPPPUMXC59ZYnlOHb6VQ3xnJx6tSChC4hQZ/QdENEBv8Q= -----END CERTIFICATE-----Generated at Fri Apr 4 18:44:15 2025 by rpki-client