$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/C6vuUoBYWJEO4Yew3tjzZP82Db4.roa File: C6vuUoBYWJEO4Yew3tjzZP82Db4.roa (raw, json) Hash identifier: VSIomVhjqykRR5PF6Rh4A1MsVBd+KJqQpW8599qHx3U= Subject key identifier: 0B:AB:EE:52:80:58:58:91:0E:E1:87:B0:DE:D8:F3:64:FF:36:0D:BE Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 183A Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/C6vuUoBYWJEO4Yew3tjzZP82Db4.roa Signing time: Fri 17 Jan 2025 01:24:46 +0000 ROA not before: Fri 17 Jan 2025 01:24:46 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 103.221.31.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6202 (0x183a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:46 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=0BABEE52805858910EE187B0DED8F364FF360DBE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:f2:b6:69:71:1b:23:31:a4:4a:e2:cd:a5:d1: e9:70:ad:96:4b:0b:88:60:55:45:45:77:d1:65:9a: dc:9a:cd:cf:c3:75:6c:7e:c7:27:43:1a:75:d4:b5: 83:11:95:83:f4:85:4d:84:e1:d7:ee:14:85:8b:cf: 01:93:94:17:74:dd:7f:ca:92:2b:2a:ef:19:70:13: c4:5d:62:c0:a7:b6:c6:2a:a1:8b:b3:3b:3b:13:c6: 67:2e:43:67:24:74:3e:33:01:7b:be:13:93:1a:b8: f8:f7:b4:44:e5:11:95:4a:72:76:df:11:07:6b:45: bd:9c:97:8b:b0:48:92:71:70:c2:24:c3:e3:31:50: 4c:9b:22:04:2f:31:59:8a:02:16:72:e0:ce:8d:df: 2f:6e:e5:84:8c:16:ae:12:ef:b4:7a:b5:75:f9:8e: d4:64:c7:d2:e0:18:61:09:d6:97:04:cf:e2:3d:a6: 25:59:8c:f5:7b:75:6d:1a:16:ce:a6:d1:08:79:ed: cf:10:84:99:aa:18:a2:58:c5:a8:23:06:1b:7a:5a: 62:bc:61:ca:2a:62:3c:ca:cd:b6:24:4d:64:76:43: 94:10:61:03:ac:71:4e:a4:6e:14:7b:9c:74:ac:72: 25:43:5c:4a:41:12:9e:20:9f:a6:11:88:ad:5e:f9: c4:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:AB:EE:52:80:58:58:91:0E:E1:87:B0:DE:D8:F3:64:FF:36:0D:BE X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/C6vuUoBYWJEO4Yew3tjzZP82Db4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.31.0/24 Signature Algorithm: sha256WithRSAEncryption 88:12:16:fc:04:c2:0a:2c:2b:89:ec:b5:64:55:4c:56:9b:8e: 05:4f:63:e5:b7:24:31:0f:48:23:74:91:5f:d9:d8:73:00:3c: 97:77:a9:51:c9:4c:6e:b3:05:a4:1f:75:a6:d2:e6:1b:83:97: f8:96:3c:36:bc:2f:83:ed:fb:26:54:8f:b8:94:4a:1b:91:35: cf:bc:04:d1:bf:d5:72:91:00:8e:75:da:6d:b8:5b:e1:2c:eb: a7:a3:24:df:27:af:12:63:96:77:f8:ce:11:e4:2b:0b:87:37: 42:10:40:4c:83:63:f2:ef:69:86:1c:6b:9b:44:1b:3a:c0:41: 50:64:ec:fd:9f:9f:51:41:8e:09:dc:a4:1e:c9:ce:9c:85:6e: e0:63:17:29:1e:e2:2a:6f:2e:60:11:84:b6:77:a2:39:27:e3: 81:85:e3:7c:08:39:7d:1a:09:a7:5a:67:e4:96:17:98:9d:9b: e7:c6:03:35:92:da:16:d8:b9:25:f7:84:74:f8:f2:0a:22:c5: 4e:df:7a:74:ee:99:b2:bf:73:0d:8b:38:33:5d:4e:51:8d:27: 62:4c:fd:4d:52:c0:d4:38:f9:bc:43:df:de:78:3c:83:5a:f3: 43:b0:b0:16:5d:0a:e0:8c:ff:51:e8:76:de:e5:41:52:74:da: 4a:be:1e:71 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGDowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0NDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDBCQUJFRTUyODA1ODU4 OTEwRUUxODdCMERFRDhGMzY0RkYzNjBEQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDF8rZpcRsjMaRK4s2l0elwrZZLC4hgVUVFd9Flmtyazc/DdWx+ xydDGnXUtYMRlYP0hU2E4dfuFIWLzwGTlBd03X/Kkisq7xlwE8RdYsCntsYqoYuz OzsTxmcuQ2ckdD4zAXu+E5MauPj3tETlEZVKcnbfEQdrRb2cl4uwSJJxcMIkw+Mx UEybIgQvMVmKAhZy4M6N3y9u5YSMFq4S77R6tXX5jtRkx9LgGGEJ1pcEz+I9piVZ jPV7dW0aFs6m0Qh57c8QhJmqGKJYxagjBht6WmK8YcoqYjzKzbYkTWR2Q5QQYQOs cU6kbhR7nHSsciVDXEpBEp4gn6YRiK1e+cTJAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUC6vuUoBYWJEO4Yew3tjzZP82Db4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0M2dnVVb0JZV0pFTzRZ ZXczdGp6WlA4MkRiNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3R8wDQYJKoZIhvcNAQELBQADggEBAIgSFvwEwgosK4nstWRVTFabjgVPY+W3 JDEPSCN0kV/Z2HMAPJd3qVHJTG6zBaQfdabS5huDl/iWPDa8L4Pt+yZUj7iUShuR Nc+8BNG/1XKRAI512m24W+Es66ejJN8nrxJjlnf4zhHkKwuHN0IQQEyDY/LvaYYc a5tEGzrAQVBk7P2fn1FBjgncpB7JzpyFbuBjFyke4ipvLmARhLZ3ojkn44GF43wI OX0aCadaZ+SWF5idm+fGAzWS2hbYuSX3hHT48goixU7fenTumbK/cw2LODNdTlGN J2JM/U1SwNQ4+bxD3954PINa80OwsBZdCuCM/1Hodt7lQVJ02kq+HnE= -----END CERTIFICATE-----Generated at Fri Apr 4 18:39:01 2025 by rpki-client