$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/4dHiXjVN_0t5E82Eruoj4TRptK0.roa File: 4dHiXjVN_0t5E82Eruoj4TRptK0.roa (raw, json) Hash identifier: VeuDebVeM6ux2AxrW31z8M9HjU/2KhW1G45gljSduAw= Subject key identifier: E1:D1:E2:5E:35:4D:FF:4B:79:13:CD:84:AE:EA:23:E1:34:69:B4:AD Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1895 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/4dHiXjVN_0t5E82Eruoj4TRptK0.roa Signing time: Fri 17 Jan 2025 01:25:17 +0000 ROA not before: Fri 17 Jan 2025 01:25:17 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 103.221.6.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 22:07:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6293 (0x1895) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:17 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=E1D1E25E354DFF4B7913CD84AEEA23E13469B4AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:f9:b7:e8:25:46:3d:93:19:cd:a9:5a:94:94: 9c:f9:61:e3:0d:2e:21:10:6e:03:b4:3b:d4:41:c9: fc:f6:d4:ef:2c:9b:13:f1:53:28:7a:f5:e6:c8:57: e0:ac:04:f0:4e:e7:32:f1:23:70:9b:31:ea:f3:af: d6:92:b4:1e:71:b5:4d:33:ca:76:42:3e:d9:b3:60: 58:67:dd:f2:d9:c4:c2:97:1b:e5:56:54:21:92:05: 16:3f:0d:6d:6d:6c:07:4f:89:98:46:14:44:d4:af: 60:45:c7:58:a2:fd:66:6a:d7:06:63:6b:d0:12:71: d9:9f:3e:32:77:16:2e:2c:76:39:84:36:72:e4:48: 89:3e:48:33:c8:21:dc:bc:77:8c:a5:53:51:c9:ce: 70:c0:39:2d:28:8a:59:12:d8:03:9c:32:c6:a0:56: d7:8a:6a:52:3e:49:44:10:f3:93:4c:c0:67:a7:cd: 02:2d:7d:c4:1f:46:e6:32:29:b7:5c:a3:6e:24:a1: 04:bc:16:d2:23:27:3b:38:f9:84:b3:49:c8:32:f2: b0:d5:69:e1:b6:77:f1:01:7e:e5:aa:d6:3b:76:e3: 71:b7:b3:26:01:e5:4f:56:49:c9:89:0f:ce:93:b0: b6:f9:64:3f:fc:24:63:71:8d:f9:ea:b2:ea:c2:4b: 88:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:D1:E2:5E:35:4D:FF:4B:79:13:CD:84:AE:EA:23:E1:34:69:B4:AD X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/4dHiXjVN_0t5E82Eruoj4TRptK0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.6.0/24 Signature Algorithm: sha256WithRSAEncryption 85:ae:32:48:32:fe:82:cd:22:a6:23:51:83:5d:83:c7:ff:58: 79:14:84:59:fc:85:ac:20:13:86:37:00:24:87:b1:23:00:18: 1d:10:37:2a:67:da:ec:64:e0:38:68:f1:e6:e5:87:03:54:fe: 7a:7d:48:08:e4:32:5d:01:14:cb:f7:9c:41:c7:bd:9b:b4:db: f5:92:b4:1e:c4:a2:e0:56:3b:5c:96:08:c2:bf:6d:0f:cb:06: a5:ee:8f:76:6b:e4:51:92:76:20:cb:ff:1d:49:9a:5f:10:9a: 20:41:07:d9:1d:9c:be:d0:cd:35:d1:90:fe:64:02:93:a6:05: f4:6a:e0:73:11:a1:e3:5f:d1:cc:55:e1:67:5a:18:d0:be:78: 58:f8:b1:9a:f2:3b:f9:cd:34:a9:27:61:0a:fc:10:a4:12:ab: 56:31:92:41:50:b8:39:e8:c4:76:30:4d:71:4d:bd:32:41:39: df:f9:cb:27:04:1c:a2:65:65:27:5b:3f:8f:3e:5c:77:55:85: f2:5c:f7:6e:a3:1d:9f:c2:23:dc:12:88:80:f4:f6:69:a6:ed: eb:5f:74:87:cc:39:a8:bc:02:cd:64:74:f7:29:4d:a1:3d:b8: 5d:e5:8d:9e:cb:a6:d4:da:03:2e:8e:d5:6c:60:c8:47:4e:e7: c9:31:28:9c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGJUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEUxRDFFMjVFMzU0REZG NEI3OTEzQ0Q4NEFFRUEyM0UxMzQ2OUI0QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDC+bfoJUY9kxnNqVqUlJz5YeMNLiEQbgO0O9RByfz21O8smxPx Uyh69ebIV+CsBPBO5zLxI3CbMerzr9aStB5xtU0zynZCPtmzYFhn3fLZxMKXG+VW VCGSBRY/DW1tbAdPiZhGFETUr2BFx1ii/WZq1wZja9AScdmfPjJ3Fi4sdjmENnLk SIk+SDPIIdy8d4ylU1HJznDAOS0oilkS2AOcMsagVteKalI+SUQQ85NMwGenzQIt fcQfRuYyKbdco24koQS8FtIjJzs4+YSzScgy8rDVaeG2d/EBfuWq1jt243G3syYB 5U9WScmJD86TsLb5ZD/8JGNxjfnqsurCS4hzAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU4dHiXjVN/0t5E82Eruoj4TRptK0wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzRkSGlYalZOXzB0NUU4 MkVydW9qNFRScHRLMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QYwDQYJKoZIhvcNAQELBQADggEBAIWuMkgy/oLNIqYjUYNdg8f/WHkUhFn8 hawgE4Y3ACSHsSMAGB0QNypn2uxk4Dho8eblhwNU/np9SAjkMl0BFMv3nEHHvZu0 2/WStB7EouBWO1yWCMK/bQ/LBqXuj3Zr5FGSdiDL/x1Jml8QmiBBB9kdnL7QzTXR kP5kApOmBfRq4HMRoeNf0cxV4WdaGNC+eFj4sZryO/nNNKknYQr8EKQSq1YxkkFQ uDnoxHYwTXFNvTJBOd/5yycEHKJlZSdbP48+XHdVhfJc926jHZ/CI9wSiID09mmm 7etfdIfMOai8As1kdPcpTaE9uF3ljZ7LptTaAy6O1WxgyEdO58kxKJw= -----END CERTIFICATE-----Generated at Fri Apr 4 22:04:54 2025 by rpki-client