$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/FPxlyO3apvvK6t5xN08o9zqxSKQ.roa File: FPxlyO3apvvK6t5xN08o9zqxSKQ.roa (raw, json) Hash identifier: uwrY917hyY12KgHQ5rkw+LaRXeL+fQCocD50iFJG+Bg= Subject key identifier: 14:FC:65:C8:ED:DA:A6:FB:CA:EA:DE:71:37:4F:28:F7:3A:B1:48:A4 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1844 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/FPxlyO3apvvK6t5xN08o9zqxSKQ.roa Signing time: Fri 17 Jan 2025 01:24:48 +0000 ROA not before: Fri 17 Jan 2025 01:24:48 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 13444 IP address blocks: 103.220.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6212 (0x1844) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:48 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=14FC65C8EDDAA6FBCAEADE71374F28F73AB148A4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:3f:aa:fe:16:2b:ba:ec:bc:5e:c5:e8:35:25: 5e:af:8d:96:9b:80:6b:8f:3f:35:f5:38:01:7d:52: 78:ac:35:73:f1:6f:2f:e3:21:de:99:a3:aa:71:39: 0f:57:0a:cd:db:37:2f:dc:94:30:e8:de:61:7b:23: db:07:cd:d6:14:bc:71:ef:a0:03:a0:68:16:bb:87: 7a:66:8a:99:71:84:78:42:fd:71:00:b0:11:d2:69: f1:66:4b:57:87:ab:8c:ac:8c:8e:4c:b0:84:3b:be: 54:91:0d:ac:5a:81:a7:00:db:47:d7:67:9b:5d:ba: 70:84:0c:bd:ad:9d:b3:6f:54:e8:3a:2a:c0:a3:d0: 75:01:33:87:79:71:85:6b:21:ca:71:41:f9:40:d1: ce:9a:14:da:84:26:e1:ad:39:09:8f:67:81:42:de: 7c:8c:5e:4f:11:d8:19:70:ec:2d:5a:f3:be:3c:9e: 16:da:06:dd:03:8f:17:ec:5b:d5:23:ce:df:66:43: 95:92:b2:bc:71:e0:73:11:0f:99:50:4e:89:df:8f: a0:04:c4:f0:08:8d:bd:48:08:8a:08:73:32:53:1e: b2:1f:b3:74:25:c2:ed:a4:94:9c:0b:0a:51:2b:9a: d3:0a:c8:8e:f8:58:f4:a2:ec:e6:8b:74:e8:31:9f: c3:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:FC:65:C8:ED:DA:A6:FB:CA:EA:DE:71:37:4F:28:F7:3A:B1:48:A4 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/FPxlyO3apvvK6t5xN08o9zqxSKQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.220.252.0/24 Signature Algorithm: sha256WithRSAEncryption 58:53:cf:d0:1d:e1:d0:5e:01:57:92:a6:7a:b1:ba:a9:4a:23: 70:1a:99:d5:8b:96:81:1e:e3:d3:47:a5:2b:6a:33:ef:16:df: 9c:a5:37:8d:0b:37:9b:07:55:d3:4b:76:2e:1a:bf:07:64:5d: 24:0f:fa:a5:2d:c3:6c:e4:d8:7a:13:8d:8b:bd:bf:5c:fe:b4: fc:b4:17:fc:da:ed:97:a7:bc:8a:cf:18:5a:14:06:09:35:2a: 26:7b:35:7d:73:6b:d5:9c:f4:af:5b:62:bf:67:a2:49:c5:33: 13:5c:9b:0b:ec:0b:01:5d:4c:d4:75:3b:bb:fb:bd:79:ec:46: cc:81:a7:f9:9f:d3:d0:37:9d:69:6d:f3:ea:2a:2b:c4:82:af: 99:c0:aa:17:97:b1:fa:22:cf:ca:54:a9:b8:a7:3d:69:0a:81: 1d:67:4c:31:f6:d3:51:ea:ec:b6:41:6f:30:dd:3a:40:b7:44: 19:9b:ce:40:a3:02:5f:45:96:44:7d:23:81:5d:3a:2a:77:62: ed:1c:0a:95:05:14:be:8a:13:1c:b4:9d:92:26:f8:28:06:f5: 73:f7:cf:e1:1c:7f:4d:bb:a6:ee:05:76:01:63:0a:0d:2c:bd: 14:e3:39:b5:1f:9d:1e:53:f7:61:01:cd:7f:db:57:7d:94:42: c5:e9:41:6c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGEQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0NDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDE0RkM2NUM4RUREQUE2 RkJDQUVBREU3MTM3NEYyOEY3M0FCMTQ4QTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEP6r+Fiu67Lxexeg1JV6vjZabgGuPPzX1OAF9UnisNXPxby/j Id6Zo6pxOQ9XCs3bNy/clDDo3mF7I9sHzdYUvHHvoAOgaBa7h3pmiplxhHhC/XEA sBHSafFmS1eHq4ysjI5MsIQ7vlSRDaxagacA20fXZ5tdunCEDL2tnbNvVOg6KsCj 0HUBM4d5cYVrIcpxQflA0c6aFNqEJuGtOQmPZ4FC3nyMXk8R2Blw7C1a8748nhba Bt0DjxfsW9Ujzt9mQ5WSsrxx4HMRD5lQTonfj6AExPAIjb1ICIoIczJTHrIfs3Ql wu2klJwLClErmtMKyI74WPSi7OaLdOgxn8MFAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUFPxlyO3apvvK6t5xN08o9zqxSKQwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0ZQeGx5TzNhcHZ2SzZ0 NXhOMDhvOXpxeFNLUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3PwwDQYJKoZIhvcNAQELBQADggEBAFhTz9Ad4dBeAVeSpnqxuqlKI3AamdWL loEe49NHpStqM+8W35ylN40LN5sHVdNLdi4avwdkXSQP+qUtw2zk2HoTjYu9v1z+ tPy0F/za7ZenvIrPGFoUBgk1KiZ7NX1za9Wc9K9bYr9noknFMxNcmwvsCwFdTNR1 O7v7vXnsRsyBp/mf09A3nWlt8+oqK8SCr5nAqheXsfoiz8pUqbinPWkKgR1nTDH2 01Hq7LZBbzDdOkC3RBmbzkCjAl9FlkR9I4FdOip3Yu0cCpUFFL6KExy0nZIm+CgG 9XP3z+Ecf027pu4FdgFjCg0svRTjObUfnR5T92EBzX/bV32UQsXpQWw= -----END CERTIFICATE-----Generated at Fri Apr 4 18:40:02 2025 by rpki-client