$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/EfX1rS6kFHWFt8z51RGtD9tReQ0.roa File: EfX1rS6kFHWFt8z51RGtD9tReQ0.roa (raw, json) Hash identifier: lbqF2XcBaZZt+QVKWgF/Mp7HFmYW8BBkfzjNJUgewes= Subject key identifier: 11:F5:F5:AD:2E:A4:14:75:85:B7:CC:F9:D5:11:AD:0F:DB:51:79:0D Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 180D Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EfX1rS6kFHWFt8z51RGtD9tReQ0.roa Signing time: Fri 17 Jan 2025 01:24:30 +0000 ROA not before: Fri 17 Jan 2025 01:24:30 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 13444 IP address blocks: 103.221.29.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6157 (0x180d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:30 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=11F5F5AD2EA4147585B7CCF9D511AD0FDB51790D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:b3:68:e3:0c:d8:69:f0:8e:3b:1d:6c:d8:87: 0c:e4:9c:13:c3:5b:76:dc:94:65:88:66:6f:e5:06: ea:b1:25:3a:7b:66:d5:45:d7:97:46:2e:28:6e:89: 78:cc:d9:4d:a7:23:75:4e:f8:93:57:b6:22:80:4b: 58:6f:af:2f:27:07:43:f3:47:d4:3b:44:1b:dd:98: b1:f5:83:1e:2d:4e:74:59:94:3b:5e:40:f3:47:7c: 10:06:67:8a:f9:11:dc:bb:ab:42:ff:ba:94:a5:db: 7e:ce:71:94:49:0c:08:57:8a:da:49:55:8e:6d:b6: f7:ca:48:6f:66:a8:8d:c0:15:9d:d1:8a:fa:c7:fe: 9e:6b:41:f3:55:52:f1:7e:08:27:2f:39:91:2c:6d: fc:71:ad:84:22:ca:e7:44:9e:8b:76:5e:23:28:3a: 00:b6:85:76:37:9b:fa:1f:14:40:37:cd:b5:47:f7: 21:7b:6d:25:cc:34:9e:b8:28:c2:fb:6c:b1:30:3c: 82:6c:92:a1:3f:87:56:74:38:6e:9b:a0:f4:f3:82: 89:ab:4d:45:2a:3b:20:39:65:e9:76:07:55:50:00: fc:e3:fc:14:81:67:f9:21:d4:06:1c:49:6c:75:43: 39:a3:94:d6:67:5e:21:ee:ea:6b:78:27:20:e1:f7: a7:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:F5:F5:AD:2E:A4:14:75:85:B7:CC:F9:D5:11:AD:0F:DB:51:79:0D X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EfX1rS6kFHWFt8z51RGtD9tReQ0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.29.0/24 Signature Algorithm: sha256WithRSAEncryption b3:6f:c9:f2:42:41:bc:ab:30:b1:31:90:09:df:39:a8:bf:d3: 5d:29:2c:7a:e3:8f:f1:56:1d:55:2f:33:4b:ce:b2:f0:a6:24: 47:b8:51:3b:4c:1e:e3:36:ca:4f:72:b2:6f:a2:c5:f0:e8:d7: fa:66:75:cd:bf:8e:34:51:e7:e5:c8:53:fc:96:a6:db:eb:4b: cd:c6:0e:60:92:83:23:ce:3e:32:3d:1d:90:26:b9:be:07:36: 8f:1f:41:ab:2d:14:b3:56:c9:be:7d:c1:8a:34:e7:88:75:ba: b0:bf:3d:9e:4a:41:92:ca:83:93:f8:ca:5f:8a:04:24:24:54: fd:e5:8e:dd:64:e5:60:a2:ef:63:05:83:92:83:13:6e:b4:ad: af:e6:8d:ad:81:e8:3d:64:18:af:aa:cc:09:be:7c:81:7c:13: 85:6c:ae:3f:b3:f7:25:ec:97:f9:e4:92:41:e5:d4:d6:7d:a2: 17:d5:27:a2:c0:f6:56:6c:9f:9c:62:4a:60:bc:ef:98:bf:3e: a8:69:c3:cd:c6:23:35:12:a7:64:e3:48:85:be:aa:bd:f5:06: db:b1:4b:fa:61:a1:4b:de:6d:89:8c:87:a5:b5:62:40:a6:f4: b1:08:74:36:23:a6:69:d8:b8:f6:66:2e:40:33:af:83:e8:24: 46:49:18:32 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGA0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0MzBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDExRjVGNUFEMkVBNDE0 NzU4NUI3Q0NGOUQ1MTFBRDBGREI1MTc5MEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD1s2jjDNhp8I47HWzYhwzknBPDW3bclGWIZm/lBuqxJTp7ZtVF 15dGLihuiXjM2U2nI3VO+JNXtiKAS1hvry8nB0PzR9Q7RBvdmLH1gx4tTnRZlDte QPNHfBAGZ4r5Edy7q0L/upSl237OcZRJDAhXitpJVY5ttvfKSG9mqI3AFZ3RivrH /p5rQfNVUvF+CCcvOZEsbfxxrYQiyudEnot2XiMoOgC2hXY3m/ofFEA3zbVH9yF7 bSXMNJ64KML7bLEwPIJskqE/h1Z0OG6boPTzgomrTUUqOyA5Zel2B1VQAPzj/BSB Z/kh1AYcSWx1QzmjlNZnXiHu6mt4JyDh96erAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUEfX1rS6kFHWFt8z51RGtD9tReQ0wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0VmWDFyUzZrRkhXRnQ4 ejUxUkd0RDl0UmVRMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3R0wDQYJKoZIhvcNAQELBQADggEBALNvyfJCQbyrMLExkAnfOai/010pLHrj j/FWHVUvM0vOsvCmJEe4UTtMHuM2yk9ysm+ixfDo1/pmdc2/jjRR5+XIU/yWptvr S83GDmCSgyPOPjI9HZAmub4HNo8fQastFLNWyb59wYo054h1urC/PZ5KQZLKg5P4 yl+KBCQkVP3ljt1k5WCi72MFg5KDE260ra/mja2B6D1kGK+qzAm+fIF8E4Vsrj+z 9yXsl/nkkkHl1NZ9ohfVJ6LA9lZsn5xiSmC875i/Pqhpw83GIzUSp2TjSIW+qr31 BtuxS/phoUvebYmMh6W1YkCm9LEIdDYjpmnYuPZmLkAzr4PoJEZJGDI= -----END CERTIFICATE-----Generated at Fri Apr 4 18:47:33 2025 by rpki-client