$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/7kSCR2_LeZ4yRC_XwaM_j1KW1DA.roa File: 7kSCR2_LeZ4yRC_XwaM_j1KW1DA.roa (raw, json) Hash identifier: Va7sTUYjPlUt08bI7wuYQX/5wk9nRb372pUdcZxa7Qs= Subject key identifier: EE:44:82:47:6F:CB:79:9E:32:44:2F:D7:C1:A3:3F:8F:52:96:D4:30 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 189D Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/7kSCR2_LeZ4yRC_XwaM_j1KW1DA.roa Signing time: Fri 17 Jan 2025 01:25:19 +0000 ROA not before: Fri 17 Jan 2025 01:25:19 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 24373 IP address blocks: 103.221.32.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6301 (0x189d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:19 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=EE4482476FCB799E32442FD7C1A33F8F5296D430 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:1e:b9:e7:4e:e1:1c:8f:c8:2b:65:2e:49:12: 43:cd:05:ac:f5:7b:ee:a9:a5:0c:5f:23:8d:6b:48: 6d:97:ba:dc:57:20:2f:ac:02:70:67:35:5c:b2:55: e5:e8:dc:be:7e:b0:af:91:30:8f:4b:3e:a3:1c:9c: a0:5f:f4:2a:49:8b:a7:91:35:6d:ed:92:6f:6e:62: 1a:7b:fa:6d:33:19:fb:74:96:7b:c3:7f:1c:29:d0: c7:1f:ca:69:7e:95:30:9a:13:7b:37:ff:5f:58:85: 46:9c:54:90:c7:22:67:26:77:65:9c:c8:da:18:f2: 5e:30:a5:63:89:6e:26:3a:1c:c0:1e:d0:ab:fd:68: 26:4e:d5:ff:6b:86:59:6d:96:6c:ab:82:4f:18:60: 9c:bc:0d:fe:2b:b6:c1:42:e4:27:5f:75:f5:20:07: c1:dd:aa:0c:28:53:87:86:da:f7:22:c0:0e:df:e3: 09:60:17:73:e0:09:f7:32:a3:af:ad:3e:d8:ea:2f: 4f:ed:3e:ec:35:72:be:bf:13:f9:28:08:06:57:38: 24:b2:a3:ed:06:cf:55:a3:e0:cf:8f:a9:75:70:96: 02:2d:4d:5f:d5:d8:8a:ca:96:47:01:be:74:25:44: 65:6a:3c:8d:c2:d5:7b:a8:04:74:ec:a4:e3:76:bd: dc:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:44:82:47:6F:CB:79:9E:32:44:2F:D7:C1:A3:3F:8F:52:96:D4:30 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/7kSCR2_LeZ4yRC_XwaM_j1KW1DA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.32.0/22 Signature Algorithm: sha256WithRSAEncryption 1b:6f:45:d0:e5:e6:14:f7:4e:7e:24:49:68:10:54:c7:91:d6: bf:a4:16:1d:cd:05:e9:c6:c4:9c:ae:ed:91:8b:0c:3d:0a:ab: 22:0f:29:e0:b8:7a:36:2a:83:f0:64:dc:73:f8:d9:71:e5:2d: c3:54:38:64:f2:1c:fe:eb:24:94:59:20:7f:b4:dd:7d:bd:4b: 29:25:42:da:22:fe:70:d7:de:30:71:c5:15:1e:3c:6c:74:35: a9:a4:d6:bc:1b:ac:13:fb:a0:b7:31:0d:f1:29:bd:08:65:b6: 1e:d1:ca:b8:f6:87:06:d5:e5:38:5e:91:87:a7:cc:06:43:76: 9b:11:38:09:a3:ec:62:10:3f:ea:f6:22:8d:ae:04:bc:a0:a3: c7:55:09:81:b4:fd:74:32:7d:ab:7b:18:55:79:69:d6:2d:a3: ee:95:6c:db:28:26:05:d5:16:b7:2a:ac:28:b0:00:00:18:68: 5a:14:86:95:83:3f:3a:4f:6b:1a:89:d8:de:0b:01:e4:4c:51: 4d:47:c3:cc:64:18:4c:e1:04:46:88:ee:f1:0e:ed:5a:b0:50: 0e:81:9a:38:a5:7d:3e:72:46:01:fe:4f:07:23:b2:1b:2d:e0: b4:a0:3a:60:29:71:04:7b:5e:62:44:a6:29:4e:de:b6:21:64: e9:82:ec:3e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGJ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEVFNDQ4MjQ3NkZDQjc5 OUUzMjQ0MkZEN0MxQTMzRjhGNTI5NkQ0MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDlHrnnTuEcj8grZS5JEkPNBaz1e+6ppQxfI41rSG2XutxXIC+s AnBnNVyyVeXo3L5+sK+RMI9LPqMcnKBf9CpJi6eRNW3tkm9uYhp7+m0zGft0lnvD fxwp0Mcfyml+lTCaE3s3/19YhUacVJDHImcmd2WcyNoY8l4wpWOJbiY6HMAe0Kv9 aCZO1f9rhlltlmyrgk8YYJy8Df4rtsFC5CdfdfUgB8HdqgwoU4eG2vciwA7f4wlg F3PgCfcyo6+tPtjqL0/tPuw1cr6/E/koCAZXOCSyo+0Gz1Wj4M+PqXVwlgItTV/V 2IrKlkcBvnQlRGVqPI3C1XuoBHTspON2vdyrAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU7kSCR2/LeZ4yRC/XwaM/j1KW1DAwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzdrU0NSMl9MZVo0eVJD X1h3YU1fajFLVzFEQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3SAwDQYJKoZIhvcNAQELBQADggEBABtvRdDl5hT3Tn4kSWgQVMeR1r+kFh3N BenGxJyu7ZGLDD0KqyIPKeC4ejYqg/Bk3HP42XHlLcNUOGTyHP7rJJRZIH+03X29 SyklQtoi/nDX3jBxxRUePGx0Namk1rwbrBP7oLcxDfEpvQhlth7Ryrj2hwbV5The kYenzAZDdpsROAmj7GIQP+r2Io2uBLygo8dVCYG0/XQyfat7GFV5adYto+6VbNso JgXVFrcqrCiwAAAYaFoUhpWDPzpPaxqJ2N4LAeRMUU1Hw8xkGEzhBEaI7vEO7Vqw UA6BmjilfT5yRgH+Twcjshst4LSgOmApcQR7XmJEpilO3rYhZOmC7D4= -----END CERTIFICATE-----Generated at Fri Apr 4 18:38:00 2025 by rpki-client