$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/FN9JvGPWYLpIJgpUWW9KEfxtfKA.roa File: FN9JvGPWYLpIJgpUWW9KEfxtfKA.roa (raw, json) Hash identifier: wqhicPYRuaIOdPFaEBXw2kKtiQ7qfZa4vrKvKln8dmo= Subject key identifier: 14:DF:49:BC:63:D6:60:BA:48:26:0A:54:59:6F:4A:11:FC:6D:7C:A0 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 18E6 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/FN9JvGPWYLpIJgpUWW9KEfxtfKA.roa Signing time: Fri 17 Jan 2025 01:25:45 +0000 ROA not before: Fri 17 Jan 2025 01:25:45 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 13444 IP address blocks: 103.221.4.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6374 (0x18e6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:45 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=14DF49BC63D660BA48260A54596F4A11FC6D7CA0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:28:0e:d5:cf:6c:ae:6e:22:8f:75:88:64:11: 62:82:5f:5d:9a:77:e3:86:82:05:60:18:b1:d0:20: ab:58:a6:4b:62:5f:5f:55:4e:0c:cb:0f:13:98:93: 06:fe:ca:9b:73:8a:5c:bb:95:23:b1:b0:a7:0c:97: ff:8f:78:3f:e4:8d:33:dc:b4:f3:8e:82:fc:09:9d: 0b:32:04:b0:cd:3b:42:a2:79:94:04:12:31:27:5f: 52:ac:fa:e1:e0:19:4a:23:e5:3d:cb:a6:f3:7b:93: 28:64:dc:43:ee:a1:0e:93:40:eb:7f:f6:fe:a5:24: 7b:78:99:87:3b:41:54:79:f7:8e:80:93:b3:37:6f: 00:d7:9f:9a:6a:3b:f8:7f:49:00:91:02:5b:a3:8a: a3:8d:40:d3:60:8f:47:0f:40:8e:77:f7:a1:19:3e: 72:57:00:9e:d3:89:72:57:b5:a8:eb:2e:72:40:c1: ac:6a:0f:3f:f2:c6:94:79:c7:64:d1:81:5b:c6:c5: 45:d1:c2:14:ea:d4:0e:35:1e:b8:98:19:df:66:01: c6:4d:32:a4:8b:d8:83:b7:47:2e:03:de:ce:fa:a9: a3:37:75:76:38:9d:e3:46:01:f0:ba:9d:18:c8:e5: 5d:e1:90:fb:49:3a:46:37:6b:a3:71:40:cc:41:32: ea:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:DF:49:BC:63:D6:60:BA:48:26:0A:54:59:6F:4A:11:FC:6D:7C:A0 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/FN9JvGPWYLpIJgpUWW9KEfxtfKA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.4.0/24 Signature Algorithm: sha256WithRSAEncryption 82:5c:94:b9:49:39:d4:85:72:52:79:1c:27:1f:a3:b3:5c:bf: 8a:52:53:07:c7:ab:96:f5:b0:41:ea:4a:15:15:4e:4a:72:e5: ff:0f:cb:88:83:3d:e8:68:a2:96:91:8c:60:17:48:e4:b4:4a: be:e0:bc:55:d4:96:9a:c7:9f:d0:c5:3e:2c:83:b1:14:70:1c: 1e:67:0f:70:2c:ed:bd:81:3e:d0:c9:1e:e9:3e:50:3a:3a:0a: de:06:2e:3e:12:e9:17:eb:d8:ed:61:a5:23:31:2d:b1:35:c5: 08:7e:07:9a:2c:44:94:d1:f7:af:50:12:fc:fa:4e:fc:d4:2a: 07:b7:4f:bf:e1:2b:15:3d:dc:1f:54:17:38:69:80:90:4b:bc: 3a:a8:39:2c:b1:60:d2:7b:05:69:5c:99:26:69:f7:be:59:64: 7d:bd:50:73:62:01:0d:4e:b6:10:93:9c:d6:fb:64:db:5a:10: b1:6b:90:5d:de:04:52:92:e5:b4:bb:6c:02:6d:e3:56:2f:80: ea:ef:bb:a2:98:cb:9e:4c:85:cb:8a:19:bc:a7:b1:bc:ca:ec: b3:7b:4a:2e:ae:ca:f9:88:ad:32:e1:38:42:6d:61:d9:61:49: 4e:32:b3:d4:a3:2b:96:3b:ac:04:32:e7:68:e3:28:9f:7b:53: cb:c4:d0:66 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGOYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1NDVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDE0REY0OUJDNjNENjYw QkE0ODI2MEE1NDU5NkY0QTExRkM2RDdDQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDgKA7Vz2yubiKPdYhkEWKCX12ad+OGggVgGLHQIKtYpktiX19V TgzLDxOYkwb+yptzily7lSOxsKcMl/+PeD/kjTPctPOOgvwJnQsyBLDNO0KieZQE EjEnX1Ks+uHgGUoj5T3LpvN7kyhk3EPuoQ6TQOt/9v6lJHt4mYc7QVR5946Ak7M3 bwDXn5pqO/h/SQCRAlujiqONQNNgj0cPQI5396EZPnJXAJ7TiXJXtajrLnJAwaxq Dz/yxpR5x2TRgVvGxUXRwhTq1A41HriYGd9mAcZNMqSL2IO3Ry4D3s76qaM3dXY4 neNGAfC6nRjI5V3hkPtJOkY3a6NxQMxBMuo3AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUFN9JvGPWYLpIJgpUWW9KEfxtfKAwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0ZOOUp2R1BXWUxwSUpn cFVXVzlLRWZ4dGZLQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QQwDQYJKoZIhvcNAQELBQADggEBAIJclLlJOdSFclJ5HCcfo7Ncv4pSUwfH q5b1sEHqShUVTkpy5f8Py4iDPehoopaRjGAXSOS0Sr7gvFXUlprHn9DFPiyDsRRw HB5nD3As7b2BPtDJHuk+UDo6Ct4GLj4S6Rfr2O1hpSMxLbE1xQh+B5osRJTR969Q Evz6TvzUKge3T7/hKxU93B9UFzhpgJBLvDqoOSyxYNJ7BWlcmSZp975ZZH29UHNi AQ1OthCTnNb7ZNtaELFrkF3eBFKS5bS7bAJt41YvgOrvu6KYy55MhcuKGbynsbzK 7LN7Si6uyvmIrTLhOEJtYdlhSU4ys9SjK5Y7rAQy52jjKJ97U8vE0GY= -----END CERTIFICATE-----Generated at Fri Apr 4 18:36:07 2025 by rpki-client