$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/BLqrMYyIRzwbm0WMHPTeufJdNpE.roa File: BLqrMYyIRzwbm0WMHPTeufJdNpE.roa (raw, json) Hash identifier: O2OTMtPFfb++6oky+3Jnnw3BmoF6kq0DOvNGf8ODtWs= Subject key identifier: 04:BA:AB:31:8C:88:47:3C:1B:9B:45:8C:1C:F4:DE:B9:F2:5D:36:91 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 18D6 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/BLqrMYyIRzwbm0WMHPTeufJdNpE.roa Signing time: Fri 17 Jan 2025 01:25:38 +0000 ROA not before: Fri 17 Jan 2025 01:25:38 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 103.6.111.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6358 (0x18d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:38 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=04BAAB318C88473C1B9B458C1CF4DEB9F25D3691 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:59:9b:a7:43:0b:16:ad:a8:fe:0d:c7:1e:1a: 97:32:dc:cf:66:63:e5:2f:eb:ac:33:5e:83:ef:5f: 6c:0f:ea:b6:4e:a5:4e:94:e6:2a:32:e5:b2:ea:db: f7:71:06:7b:47:ca:4e:33:11:7f:2d:2f:39:cc:d3: cf:3f:bc:b1:40:0d:41:55:48:77:fb:bb:d2:01:49: 15:44:7a:7e:e4:6e:aa:b2:b3:55:c3:3b:8d:1a:7f: 03:4e:52:86:f3:03:74:8e:fe:09:04:c2:19:91:75: da:e3:17:0d:ba:65:17:33:83:6a:b2:51:51:39:82: dd:51:09:bb:f1:bb:c8:b2:a4:bc:11:cc:58:e6:1f: a3:6f:75:58:d0:fc:66:cf:8d:bc:58:08:a4:95:12: 8a:13:3c:ad:89:19:ee:7c:71:21:77:1c:62:a6:2c: f2:20:90:f9:59:88:b7:b6:5d:67:a9:fb:17:13:d3: ef:42:9e:4b:2f:77:91:7d:81:56:d9:e3:4b:f9:93: 70:2b:bf:3f:f2:e3:c9:dc:db:29:ab:ba:3d:09:11: 18:ee:2d:4c:f2:78:4a:18:53:13:f6:79:f3:f9:8e: 7f:b2:77:af:30:41:fe:d4:1e:33:04:d6:3c:04:34: f2:6e:b5:34:17:cb:02:14:a6:8e:e3:13:21:03:dd: 63:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:BA:AB:31:8C:88:47:3C:1B:9B:45:8C:1C:F4:DE:B9:F2:5D:36:91 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/BLqrMYyIRzwbm0WMHPTeufJdNpE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.6.111.0/24 Signature Algorithm: sha256WithRSAEncryption dd:b7:c5:18:c2:32:4b:d7:fe:75:41:37:7b:c9:87:61:73:fd: 81:63:9c:64:d1:d2:13:5e:09:ca:e9:ed:8f:2b:f9:de:e6:18: f1:d0:50:cf:67:59:b9:b7:9e:cf:c0:9e:ea:10:17:b8:8b:e6: bd:82:fd:65:4c:2b:0a:26:b9:7e:df:8c:6a:14:13:4e:ef:02: b7:98:c3:73:31:42:67:78:85:68:c5:a1:d0:2b:8a:22:17:a6: e8:88:a4:4a:6e:66:85:6e:ba:a3:df:03:33:68:59:be:2d:d0: b7:72:b1:37:39:90:71:57:55:50:97:41:5d:81:95:b6:a5:d1: 82:b3:eb:0f:48:52:a7:1f:05:d7:b2:4f:9b:05:a5:e4:c7:57: 82:44:ef:e4:0b:b8:6a:36:b6:14:fe:bb:75:dd:00:aa:fd:a7: 9a:8f:7c:57:5f:b6:cf:c8:44:21:f5:3b:dc:50:a4:d1:40:3b: 2a:a6:32:cb:2b:c6:18:0f:b1:7c:92:7a:9d:8a:0d:1e:8e:72: 96:72:97:6f:4b:6b:43:64:de:d4:2a:4f:a8:d2:bf:d7:9b:f3: 68:8c:12:0f:fa:ea:d0:c9:0d:f2:25:04:8d:12:db:56:69:33: ff:50:26:10:39:54:2f:f9:29:58:98:08:b3:88:01:2e:b2:15: 81:68:69:21 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGNYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MzhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDA0QkFBQjMxOEM4ODQ3 M0MxQjlCNDU4QzFDRjRERUI5RjI1RDM2OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8WZunQwsWraj+DcceGpcy3M9mY+Uv66wzXoPvX2wP6rZOpU6U 5ioy5bLq2/dxBntHyk4zEX8tLznM088/vLFADUFVSHf7u9IBSRVEen7kbqqys1XD O40afwNOUobzA3SO/gkEwhmRddrjFw26ZRczg2qyUVE5gt1RCbvxu8iypLwRzFjm H6NvdVjQ/GbPjbxYCKSVEooTPK2JGe58cSF3HGKmLPIgkPlZiLe2XWep+xcT0+9C nksvd5F9gVbZ40v5k3Arvz/y48nc2ymruj0JERjuLUzyeEoYUxP2efP5jn+yd68w Qf7UHjME1jwENPJutTQXywIUpo7jEyED3WMtAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUBLqrMYyIRzwbm0WMHPTeufJdNpEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0JMcXJNWXlJUnp3Ym0w V01IUFRldWZKZE5wRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnBm8wDQYJKoZIhvcNAQELBQADggEBAN23xRjCMkvX/nVBN3vJh2Fz/YFjnGTR 0hNeCcrp7Y8r+d7mGPHQUM9nWbm3ns/AnuoQF7iL5r2C/WVMKwomuX7fjGoUE07v AreYw3MxQmd4hWjFodAriiIXpuiIpEpuZoVuuqPfAzNoWb4t0LdysTc5kHFXVVCX QV2Blbal0YKz6w9IUqcfBdeyT5sFpeTHV4JE7+QLuGo2thT+u3XdAKr9p5qPfFdf ts/IRCH1O9xQpNFAOyqmMssrxhgPsXySep2KDR6OcpZyl29La0Nk3tQqT6jSv9eb 82iMEg/66tDJDfIlBI0S21ZpM/9QJhA5VC/5KViYCLOIAS6yFYFoaSE= -----END CERTIFICATE-----Generated at Fri Apr 4 18:42:06 2025 by rpki-client