$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/CZUrvgTe-w8U_bi6NTR9G7tEhf4.roa File: CZUrvgTe-w8U_bi6NTR9G7tEhf4.roa (raw, json) Hash identifier: nfJOi9/L5PRal2V7HQkkRanvCs08tM2muxweGqlodp0= Subject key identifier: 09:95:2B:BE:04:DE:FB:0F:14:FD:B8:BA:35:34:7D:1B:BB:44:85:FE Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1826 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/CZUrvgTe-w8U_bi6NTR9G7tEhf4.roa Signing time: Fri 17 Jan 2025 01:24:39 +0000 ROA not before: Fri 17 Jan 2025 01:24:39 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 103.220.248.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 14 Apr 2025 23:38:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6182 (0x1826) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:39 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=09952BBE04DEFB0F14FDB8BA35347D1BBB4485FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:79:63:f2:9d:b5:49:9e:39:eb:82:d8:3c:96: 1e:2a:a3:b2:e7:73:3f:e7:dd:b6:0a:9f:af:d2:f1: 6f:4a:76:77:49:44:48:41:c1:20:70:79:ef:cc:73: 2d:63:8e:a4:2d:34:ab:fb:24:1a:5b:74:8e:ec:3c: 59:dc:f6:ef:a1:41:0f:75:2e:9c:51:94:cb:1e:db: e4:e9:14:13:bf:65:d0:9c:f2:cd:5f:1c:25:54:3c: cc:58:04:fe:92:80:10:10:b1:bf:12:ac:a3:dd:58: 74:8c:26:09:bb:73:67:e1:cc:85:81:13:e0:cd:5c: 43:db:4b:71:cc:c7:0f:e0:aa:0c:8b:bc:fa:88:4b: 81:95:1c:24:f6:11:41:24:12:ff:1a:59:33:aa:c7: 30:a9:7d:9d:56:ff:91:7f:50:18:f1:80:4d:06:9b: a2:0a:83:02:60:8c:c9:19:29:5c:a9:41:e3:ec:4f: da:5b:0a:53:18:da:fd:ec:8c:2c:87:60:22:35:98: bb:cd:6a:3e:db:66:51:e2:5d:f7:45:5e:83:82:04: 2a:01:4d:67:eb:1f:c9:07:51:96:6a:23:20:25:1b: c2:c9:62:75:d9:30:be:08:55:dd:fc:d2:a1:5f:e9: db:f5:2f:7f:ff:65:8d:91:7f:18:ef:fe:ba:fb:fe: 03:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:95:2B:BE:04:DE:FB:0F:14:FD:B8:BA:35:34:7D:1B:BB:44:85:FE X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/CZUrvgTe-w8U_bi6NTR9G7tEhf4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.220.248.0/24 Signature Algorithm: sha256WithRSAEncryption 64:a3:ff:e1:c1:1c:3a:b1:be:e3:c4:95:45:fa:96:a4:72:2b: 66:fa:2a:40:3e:c2:14:96:e5:00:b4:83:22:48:2e:3e:3b:06: c1:26:76:ea:0b:47:2c:6d:f1:91:39:96:c6:df:a0:be:ff:35: a0:bc:45:eb:35:7e:38:f4:fa:08:fd:52:4e:36:ff:5d:12:25: 0f:4a:91:1c:01:c4:f3:84:38:01:7b:b9:f1:d6:6a:a5:73:8e: 9c:8b:d5:51:f5:b4:2a:53:e7:fd:2b:30:02:5b:fb:d8:87:13: 6b:e9:4b:90:81:45:d6:22:f2:3e:2a:bc:aa:76:47:a4:ec:2c: 39:8a:92:b4:f0:73:56:b0:dd:0b:83:15:d5:46:68:ca:cd:5f: 31:1c:9e:4b:97:1c:a9:b1:a7:3b:f2:b5:5e:46:54:43:5c:c4: d8:d8:80:b5:f4:9f:ee:8f:a4:a0:9f:a9:d8:0a:44:1d:21:fb: a0:61:42:4f:fa:ab:b0:4b:17:9c:a5:7e:62:aa:98:d3:0e:50: 8f:a5:45:0f:57:f0:33:c9:07:a9:42:05:a7:3f:16:63:64:c5: 45:fc:c2:ea:ae:14:61:6a:dc:0c:00:53:a0:9a:c6:cb:f8:9f: 32:ba:b9:71:a2:48:55:8a:aa:02:3d:70:32:14:7f:7c:93:ed: fe:de:94:ec -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGCYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0MzlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDA5OTUyQkJFMDRERUZC MEYxNEZEQjhCQTM1MzQ3RDFCQkI0NDg1RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDjeWPynbVJnjnrgtg8lh4qo7Lncz/n3bYKn6/S8W9KdndJREhB wSBwee/Mcy1jjqQtNKv7JBpbdI7sPFnc9u+hQQ91LpxRlMse2+TpFBO/ZdCc8s1f HCVUPMxYBP6SgBAQsb8SrKPdWHSMJgm7c2fhzIWBE+DNXEPbS3HMxw/gqgyLvPqI S4GVHCT2EUEkEv8aWTOqxzCpfZ1W/5F/UBjxgE0Gm6IKgwJgjMkZKVypQePsT9pb ClMY2v3sjCyHYCI1mLvNaj7bZlHiXfdFXoOCBCoBTWfrH8kHUZZqIyAlG8LJYnXZ ML4IVd380qFf6dv1L3//ZY2Rfxjv/rr7/gP7AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUCZUrvgTe+w8U/bi6NTR9G7tEhf4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0NaVXJ2Z1RlLXc4VV9i aTZOVFI5Rzd0RWhmNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3PgwDQYJKoZIhvcNAQELBQADggEBAGSj/+HBHDqxvuPElUX6lqRyK2b6KkA+ whSW5QC0gyJILj47BsEmduoLRyxt8ZE5lsbfoL7/NaC8Res1fjj0+gj9Uk42/10S JQ9KkRwBxPOEOAF7ufHWaqVzjpyL1VH1tCpT5/0rMAJb+9iHE2vpS5CBRdYi8j4q vKp2R6TsLDmKkrTwc1aw3QuDFdVGaMrNXzEcnkuXHKmxpzvytV5GVENcxNjYgLX0 n+6PpKCfqdgKRB0h+6BhQk/6q7BLF5ylfmKqmNMOUI+lRQ9X8DPJB6lCBac/FmNk xUX8wuquFGFq3AwAU6Caxsv4nzK6uXGiSFWKqgI9cDIUf3yT7f7elOw= -----END CERTIFICATE-----Generated at Mon Apr 14 21:19:08 2025 by rpki-client