$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/EGC2cptKtYJ2Pni_VLeIe2dfAP8.roa File: EGC2cptKtYJ2Pni_VLeIe2dfAP8.roa (raw, json) Hash identifier: FzQd3vIcwcJsBgBhSreg6Whv74nyTYiFwlCW3KR5BjU= Subject key identifier: 10:60:B6:72:9B:4A:B5:82:76:3E:78:BF:54:B7:88:7B:67:5F:00:FF Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1881 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EGC2cptKtYJ2Pni_VLeIe2dfAP8.roa Signing time: Fri 17 Jan 2025 01:25:09 +0000 ROA not before: Fri 17 Jan 2025 01:25:09 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 24373 IP address blocks: 103.221.16.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6273 (0x1881) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:09 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=1060B6729B4AB582763E78BF54B7887B675F00FF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:32:e2:79:4b:3c:b1:b7:4e:b3:41:aa:35:7d: b8:80:b3:48:8c:eb:f8:65:18:f4:2a:63:b3:39:f9: eb:e0:a4:23:6e:81:fa:46:54:ac:d1:19:0d:92:d5: 0c:35:5e:4c:f1:fc:bf:bc:d9:3a:fb:88:db:f8:b3: 2c:62:f4:89:a4:2c:b3:f8:a9:20:0f:53:36:1a:1a: 10:4a:ef:3f:6b:fe:7a:98:b8:17:9e:e5:95:d3:bf: c7:d6:f5:94:32:90:3b:7a:2f:41:15:70:35:a3:6d: 2e:07:a9:98:c7:87:93:c9:8f:8c:89:9a:a8:3f:af: 09:36:2c:ad:3d:2d:2f:88:bc:b7:01:83:71:93:97: bd:8e:9a:fc:2d:0a:de:5f:09:c7:2a:61:91:33:c0: 4d:fc:9a:71:7f:f1:15:f1:ff:da:c9:86:dc:30:57: bb:06:b0:16:67:c5:5e:af:d1:43:29:3b:03:bb:72: a1:32:2f:f5:bb:8d:3f:b7:af:e8:03:78:5c:ec:89: ee:a5:59:8e:fe:b4:2e:b1:76:42:f6:be:d6:b6:64: e1:ae:89:23:7b:67:da:25:11:e6:11:02:b8:b3:99: b6:dc:5d:e7:6f:e7:b1:2b:40:89:c9:5e:ee:4b:67: 5e:c5:2e:85:70:0b:7e:d7:97:ac:33:70:f3:d5:71: ee:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:60:B6:72:9B:4A:B5:82:76:3E:78:BF:54:B7:88:7B:67:5F:00:FF X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EGC2cptKtYJ2Pni_VLeIe2dfAP8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.16.0/22 Signature Algorithm: sha256WithRSAEncryption 17:89:86:3d:76:07:95:02:e3:47:3d:e4:06:76:e0:9b:cc:aa: 27:a5:fb:e7:61:06:24:d4:17:e9:55:c0:60:4b:10:4b:57:25: 0d:52:be:55:46:5e:67:13:a9:d4:ae:71:ca:53:ec:da:74:a2: 60:40:8f:48:7a:f6:1a:cc:48:6a:12:ad:0e:f7:65:9d:3d:77: 19:da:1a:50:e1:3c:a8:5d:d0:b5:b4:e2:e7:e4:f8:f2:1f:1c: a7:98:e3:66:eb:ca:6e:13:08:de:e1:0e:61:59:e3:a7:7b:59: f5:8b:31:7d:d5:f0:62:91:1f:ad:0a:b2:c3:8e:2e:ef:c3:9c: 15:6c:21:3c:4d:c4:9a:55:74:2c:b3:12:aa:85:24:d1:7e:51: 67:28:e3:b0:99:69:ec:dd:f7:8d:eb:8d:78:88:ff:ae:20:1d: 0f:84:e3:47:1b:20:4c:91:de:8f:25:ae:51:11:2b:39:f6:63: 3d:13:be:03:b9:44:68:ad:fa:a6:1d:3d:56:ea:d1:2a:bd:a9: 0a:a2:b1:9a:df:b8:71:1e:43:5f:24:c3:a3:a5:11:39:84:15: 7c:6b:98:69:91:cd:65:0e:e0:8f:15:10:09:73:6e:64:1a:ad: 10:f2:2c:fa:16:3b:8c:0d:aa:93:85:b4:2b:ac:b6:33:42:5d: c0:0b:02:88 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGIEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDEwNjBCNjcyOUI0QUI1 ODI3NjNFNzhCRjU0Qjc4ODdCNjc1RjAwRkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDkMuJ5Szyxt06zQao1fbiAs0iM6/hlGPQqY7M5+evgpCNugfpG VKzRGQ2S1Qw1Xkzx/L+82Tr7iNv4syxi9ImkLLP4qSAPUzYaGhBK7z9r/nqYuBee 5ZXTv8fW9ZQykDt6L0EVcDWjbS4HqZjHh5PJj4yJmqg/rwk2LK09LS+IvLcBg3GT l72OmvwtCt5fCccqYZEzwE38mnF/8RXx/9rJhtwwV7sGsBZnxV6v0UMpOwO7cqEy L/W7jT+3r+gDeFzsie6lWY7+tC6xdkL2vta2ZOGuiSN7Z9olEeYRArizmbbcXedv 57ErQInJXu5LZ17FLoVwC37Xl6wzcPPVce7rAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUEGC2cptKtYJ2Pni/VLeIe2dfAP8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0VHQzJjcHRLdFlKMlBu aV9WTGVJZTJkZkFQOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3RAwDQYJKoZIhvcNAQELBQADggEBABeJhj12B5UC40c95AZ24JvMqiel++dh BiTUF+lVwGBLEEtXJQ1SvlVGXmcTqdSuccpT7Np0omBAj0h69hrMSGoSrQ73ZZ09 dxnaGlDhPKhd0LW04ufk+PIfHKeY42brym4TCN7hDmFZ46d7WfWLMX3V8GKRH60K ssOOLu/DnBVsITxNxJpVdCyzEqqFJNF+UWco47CZaezd943rjXiI/64gHQ+E40cb IEyR3o8lrlERKzn2Yz0TvgO5RGit+qYdPVbq0Sq9qQqisZrfuHEeQ18kw6OlETmE FXxrmGmRzWUO4I8VEAlzbmQarRDyLPoWO4wNqpOFtCustjNCXcALAog= -----END CERTIFICATE-----Generated at Fri Apr 4 18:34:48 2025 by rpki-client