$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/DX6HPawOK58PjWX2wB6Hgl4wbrc.roa File: DX6HPawOK58PjWX2wB6Hgl4wbrc.roa (raw, json) Hash identifier: XriYkcJCjvw3tpQejRDEjD5SqRjPOcgE1yPpQxraSH0= Subject key identifier: 0D:7E:87:3D:AC:0E:2B:9F:0F:8D:65:F6:C0:1E:87:82:5E:30:6E:B7 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 19E2 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/DX6HPawOK58PjWX2wB6Hgl4wbrc.roa Signing time: Fri 28 Feb 2025 17:00:50 +0000 ROA not before: Fri 28 Feb 2025 17:00:50 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4812 IP address blocks: 103.5.194.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6626 (0x19e2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Feb 28 17:00:50 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=0D7E873DAC0E2B9F0F8D65F6C01E87825E306EB7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:12:e5:52:11:46:37:eb:18:06:89:70:83:19: b4:25:eb:3b:d4:f6:08:e0:b1:1e:44:01:59:2d:6d: 44:ab:53:1f:4b:7c:95:09:aa:ce:c4:8f:ac:df:91: ef:98:e4:1d:35:75:7f:d7:0d:56:f0:fd:21:79:8e: e3:80:36:0d:94:63:e2:4f:f1:8f:88:17:38:6a:63: 5f:01:d6:ae:db:bd:1a:f7:2c:80:5b:a0:e6:0e:4d: e4:90:a0:2a:90:6b:24:e7:62:fe:47:98:1e:15:aa: 66:99:00:b0:be:88:3e:14:29:fc:c7:71:46:f3:8e: 55:7b:50:f1:5a:31:9f:06:a4:d6:a2:e5:3c:09:71: 9e:99:65:79:2c:1f:e6:a1:83:dd:4f:b5:88:92:87: b3:4c:33:9d:a2:7d:58:b1:30:6d:12:a7:d1:78:28: 33:8e:fa:42:96:87:c5:83:3e:da:b9:b6:5f:13:99: 95:3b:00:c4:98:44:ec:ca:43:6f:a0:33:83:89:6d: 31:29:92:1f:d4:ee:5a:c2:e8:b2:3c:4d:64:b1:f3: d9:4d:d9:67:89:36:d9:60:77:b7:46:13:1a:64:8e: 79:10:fd:cd:03:72:1e:59:e5:24:63:bb:2c:1e:51: b5:87:6b:68:9b:9e:fb:0d:37:3e:a6:7b:f9:4f:ee: 30:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:7E:87:3D:AC:0E:2B:9F:0F:8D:65:F6:C0:1E:87:82:5E:30:6E:B7 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/DX6HPawOK58PjWX2wB6Hgl4wbrc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.5.194.0/24 Signature Algorithm: sha256WithRSAEncryption 46:3f:2a:8e:16:4a:f7:57:95:6c:01:c3:40:e6:86:31:d6:53: fe:c9:34:71:70:9d:91:e1:53:38:88:a7:94:68:1d:23:33:55: 2c:92:3c:ca:03:f3:89:6c:5a:91:01:b0:db:8a:0a:a7:c7:3f: ad:a8:8b:ca:b4:16:27:c8:13:67:2b:f0:e7:c5:d4:71:9b:df: 20:53:03:42:5d:ee:5e:4e:ad:c0:c0:01:cb:bc:e4:5d:a8:fc: c8:d5:6a:67:49:cf:e3:9c:ff:b6:64:16:24:14:8e:4f:48:32: 5b:06:97:07:46:5a:d5:c7:f0:5a:b3:bd:74:57:ec:40:b0:37: 40:72:a0:77:28:32:a8:ec:76:ba:1d:20:87:01:7a:e2:d8:a4: 3b:29:eb:be:22:15:78:2d:3d:02:3f:f3:54:9b:b1:c7:3d:17: 95:cf:98:42:6b:c3:8f:1c:98:42:36:3e:2d:8e:c3:7a:b2:e3: 1c:8a:91:1e:7b:dd:83:66:25:11:03:ac:2e:7a:f0:f8:5b:86: 78:49:34:10:45:74:0a:8e:1d:0a:de:62:c8:da:98:2a:a7:66: 31:bb:cf:6d:db:ca:1c:70:da:e1:b2:02:b5:75:d2:ad:34:9b: c6:22:4b:58:5c:13:bb:81:45:e2:a2:4a:f8:fd:cc:d0:99:96: ea:b8:32:0b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGeIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAyMjgx NzAwNTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDBEN0U4NzNEQUMwRTJC OUYwRjhENjVGNkMwMUU4NzgyNUUzMDZFQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDqEuVSEUY36xgGiXCDGbQl6zvU9gjgsR5EAVktbUSrUx9LfJUJ qs7Ej6zfke+Y5B01dX/XDVbw/SF5juOANg2UY+JP8Y+IFzhqY18B1q7bvRr3LIBb oOYOTeSQoCqQayTnYv5HmB4VqmaZALC+iD4UKfzHcUbzjlV7UPFaMZ8GpNai5TwJ cZ6ZZXksH+ahg91PtYiSh7NMM52ifVixMG0Sp9F4KDOO+kKWh8WDPtq5tl8TmZU7 AMSYROzKQ2+gM4OJbTEpkh/U7lrC6LI8TWSx89lN2WeJNtlgd7dGExpkjnkQ/c0D ch5Z5SRjuyweUbWHa2ibnvsNNz6me/lP7jA1AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUDX6HPawOK58PjWX2wB6Hgl4wbrcwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0RYNkhQYXdPSzU4UGpX WDJ3QjZIZ2w0d2JyYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnBcIwDQYJKoZIhvcNAQELBQADggEBAEY/Ko4WSvdXlWwBw0DmhjHWU/7JNHFw nZHhUziIp5RoHSMzVSySPMoD84lsWpEBsNuKCqfHP62oi8q0FifIE2cr8OfF1HGb 3yBTA0Jd7l5OrcDAAcu85F2o/MjVamdJz+Oc/7ZkFiQUjk9IMlsGlwdGWtXH8Fqz vXRX7ECwN0ByoHcoMqjsdrodIIcBeuLYpDsp674iFXgtPQI/81Sbscc9F5XPmEJr w48cmEI2Pi2Ow3qy4xyKkR573YNmJREDrC568PhbhnhJNBBFdAqOHQreYsjamCqn ZjG7z23byhxw2uGyArV10q00m8YiS1hcE7uBReKiSvj9zNCZluq4Mgs= -----END CERTIFICATE-----Generated at Fri Apr 4 18:39:23 2025 by rpki-client