$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/3QjC3-XSLmJZz02wQZuCkta7Xnw.roa File: 3QjC3-XSLmJZz02wQZuCkta7Xnw.roa (raw, json) Hash identifier: ln0fFwBXrapjwzHdHhBnfDZ7fb/4SGC9W2ay/1NUTew= Subject key identifier: DD:08:C2:DF:E5:D2:2E:62:59:CF:4D:B0:41:9B:82:92:D6:BB:5E:7C Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 185F Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/3QjC3-XSLmJZz02wQZuCkta7Xnw.roa Signing time: Fri 17 Jan 2025 01:24:59 +0000 ROA not before: Fri 17 Jan 2025 01:24:59 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 103.221.16.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6239 (0x185f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:59 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=DD08C2DFE5D22E6259CF4DB0419B8292D6BB5E7C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:b4:27:2e:4b:07:5b:fd:06:5c:6f:bd:d6:67: 7c:1d:2d:8a:79:21:95:23:08:76:d4:dd:a8:00:8f: da:81:0d:04:c0:ea:67:69:02:0d:30:2b:db:82:7b: d3:94:b1:01:03:41:0f:f7:b1:5d:51:71:f7:68:15: 73:77:fe:b7:dd:84:ac:17:35:93:34:f2:9c:e9:c9: 05:a3:d9:9e:f2:03:5e:5d:4e:9c:b4:1d:f9:32:39: 73:52:50:76:d9:1f:6b:79:1d:fd:4d:62:83:c6:5f: e1:c8:6c:85:95:fb:58:b3:ee:1e:4a:d3:c1:e4:29: b7:0a:a0:34:a6:2e:10:41:bd:f9:ec:d2:41:32:21: b9:74:01:72:b9:08:36:9c:c6:5b:42:a7:56:d1:be: c0:9d:44:e0:5f:a7:c7:1a:81:a8:2c:fc:0d:45:6f: 86:0a:b7:9a:d0:0b:38:cb:85:4c:bb:66:d8:70:74: dc:6c:f6:2f:bd:47:c6:72:68:9c:03:12:3b:11:81: 6d:6c:23:a0:d1:bb:78:c3:a9:0d:ce:61:63:bb:39: c1:dd:82:57:b5:81:50:ce:97:ac:8c:59:4f:a3:54: 81:bc:eb:70:85:3d:5c:6b:1e:3b:5b:e6:0b:93:ea: 28:1f:5c:13:18:ff:51:f7:23:06:10:5a:f8:8a:a9: 85:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:08:C2:DF:E5:D2:2E:62:59:CF:4D:B0:41:9B:82:92:D6:BB:5E:7C X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/3QjC3-XSLmJZz02wQZuCkta7Xnw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.16.0/22 Signature Algorithm: sha256WithRSAEncryption 6f:84:52:45:d1:19:a9:07:d2:c6:d4:7f:12:0d:0b:d1:c3:7b: 80:45:74:aa:65:bb:c3:31:c4:14:70:b4:62:0d:73:f2:41:39: 93:4c:34:29:42:4f:50:00:d2:5d:2f:3c:bc:59:a9:6c:f9:d1: 65:f5:69:47:c8:2f:cd:41:c3:21:0e:37:dc:30:7d:43:fa:84: c6:d5:a6:0c:98:5c:a5:95:96:a0:97:9b:c1:29:fb:4f:ad:cb: 35:c0:e3:66:52:03:b3:51:6d:dd:b4:9a:9f:1f:e7:4c:5d:fd: b4:80:5c:82:11:e5:8c:e2:0e:c6:94:1d:ab:6d:c5:f7:93:67: 65:86:78:10:3a:3f:1b:5f:af:76:ab:fd:9f:1e:af:9a:c9:e5: da:6a:52:52:9b:e4:d0:34:cb:55:28:f2:37:d1:06:6b:cf:b7: cd:97:e7:3b:02:05:d8:2e:e4:86:0a:52:c5:b0:20:9f:08:de: 35:f2:fd:ae:ac:65:a1:8c:45:b0:c9:8b:a4:04:c2:6e:47:ff: dc:a8:4d:30:f8:cc:bf:9a:70:6f:ce:12:12:4a:ee:c5:9c:cc: 58:06:69:57:9b:65:01:8f:79:c2:ac:8a:d6:34:5b:0a:e6:f3: fa:7f:dc:cd:ec:38:7a:58:e7:bb:4e:61:ad:c4:f5:a3:17:cd: 6a:51:65:3e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGF8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0NTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEREMDhDMkRGRTVEMjJF NjI1OUNGNERCMDQxOUI4MjkyRDZCQjVFN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDWtCcuSwdb/QZcb73WZ3wdLYp5IZUjCHbU3agAj9qBDQTA6mdp Ag0wK9uCe9OUsQEDQQ/3sV1RcfdoFXN3/rfdhKwXNZM08pzpyQWj2Z7yA15dTpy0 HfkyOXNSUHbZH2t5Hf1NYoPGX+HIbIWV+1iz7h5K08HkKbcKoDSmLhBBvfns0kEy Ibl0AXK5CDacxltCp1bRvsCdROBfp8cagags/A1Fb4YKt5rQCzjLhUy7ZthwdNxs 9i+9R8ZyaJwDEjsRgW1sI6DRu3jDqQ3OYWO7OcHdgle1gVDOl6yMWU+jVIG863CF PVxrHjtb5guT6igfXBMY/1H3IwYQWviKqYWFAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU3QjC3+XSLmJZz02wQZuCkta7XnwwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzNRakMzLVhTTG1KWnow MndRWnVDa3RhN1hudy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3RAwDQYJKoZIhvcNAQELBQADggEBAG+EUkXRGakH0sbUfxINC9HDe4BFdKpl u8MxxBRwtGINc/JBOZNMNClCT1AA0l0vPLxZqWz50WX1aUfIL81BwyEON9wwfUP6 hMbVpgyYXKWVlqCXm8Ep+0+tyzXA42ZSA7NRbd20mp8f50xd/bSAXIIR5YziDsaU HattxfeTZ2WGeBA6Pxtfr3ar/Z8er5rJ5dpqUlKb5NA0y1Uo8jfRBmvPt82X5zsC Bdgu5IYKUsWwIJ8I3jXy/a6sZaGMRbDJi6QEwm5H/9yoTTD4zL+acG/OEhJK7sWc zFgGaVebZQGPecKsitY0Wwrm8/p/3M3sOHpY57tOYa3E9aMXzWpRZT4= -----END CERTIFICATE-----Generated at Fri Apr 4 18:33:08 2025 by rpki-client