$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/GFW43VGuNFZVNEKklKo-ulKdqxk.roa File: GFW43VGuNFZVNEKklKo-ulKdqxk.roa (raw, json) Hash identifier: 6kIjBYny6V5UMP10cBiy+AakcqKj2IjjLWToITyPNIc= Subject key identifier: 18:55:B8:DD:51:AE:34:56:55:34:42:A4:94:AA:3E:BA:52:9D:AB:19 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1878 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GFW43VGuNFZVNEKklKo-ulKdqxk.roa Signing time: Fri 17 Jan 2025 01:25:06 +0000 ROA not before: Fri 17 Jan 2025 01:25:06 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 103.221.22.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6264 (0x1878) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:06 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=1855B8DD51AE3456553442A494AA3EBA529DAB19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:29:fc:04:e0:ca:06:f3:1a:dd:80:de:41:ff: d5:db:ce:da:b9:20:f1:0f:29:0e:a3:74:6c:32:d1: fd:42:0e:84:be:56:37:5e:0c:ba:8f:f3:c7:77:15: 08:ef:5f:98:f7:46:49:c1:22:d8:47:42:2b:d4:3a: dd:0c:1d:6b:b8:52:2a:5a:fc:88:50:63:b4:19:7e: ac:a4:a6:78:2d:3c:13:46:6e:ec:a5:ea:6b:3f:16: b5:53:2a:66:ed:d5:11:99:8f:bf:41:d7:fe:6a:97: f2:ad:c9:3f:26:a3:f3:be:49:5a:fd:23:d1:6a:e3: 7b:72:a3:bd:0f:50:a4:e9:42:ff:45:f9:2c:e0:54: 3d:e8:2e:0e:fc:6d:51:7d:69:74:7f:81:63:0b:7a: e7:9a:69:f3:3e:26:c9:0d:f9:e2:34:fb:28:a3:8e: d6:c4:f9:ee:5a:c2:a8:84:a5:1c:d7:ce:b9:f5:c8: 2e:06:e8:92:a0:97:8e:14:d4:d2:4d:fc:40:eb:cf: fb:27:3a:9b:a4:a9:74:0e:16:0a:47:4a:a2:ae:e9: 3e:e9:22:05:4f:4e:72:bd:f5:26:43:6e:17:4e:18: 42:3b:0c:14:f7:ec:22:73:4f:bc:1d:6b:f1:ee:c6: c4:35:1f:3a:91:ed:f6:e6:16:3e:52:0e:98:d7:28: a7:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:55:B8:DD:51:AE:34:56:55:34:42:A4:94:AA:3E:BA:52:9D:AB:19 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GFW43VGuNFZVNEKklKo-ulKdqxk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.22.0/24 Signature Algorithm: sha256WithRSAEncryption 58:1b:2f:a4:d7:0d:49:c4:22:9d:a8:49:6e:67:4d:36:b4:86: e0:d8:5f:e6:25:a0:c6:99:a7:67:f0:b8:a8:3b:df:ef:73:f0: cb:e5:b4:80:b5:c7:ff:ec:da:99:df:4e:9e:f6:29:5d:00:9f: 6b:b9:6c:44:f2:0f:2a:0e:91:e1:53:b1:93:8c:74:65:13:a3: fc:0d:be:67:e0:8b:95:ba:54:51:17:70:9b:bf:c7:aa:51:1c: ca:f2:1c:d6:69:c1:58:8b:f8:2b:74:dc:25:0e:af:30:24:3b: b3:51:d0:81:8c:ea:8f:01:4c:dd:d3:c0:b4:d3:7a:65:9d:70: c6:72:2f:72:d9:ae:56:15:a1:da:38:b2:3b:03:bb:c5:6a:81: 3a:e2:66:2b:e1:02:98:75:bd:9a:1f:8c:d1:10:ef:d3:09:5d: e0:b2:18:6f:da:1b:5c:e8:a8:3b:31:63:d6:43:35:5d:e2:68: ce:52:db:a3:62:3a:5a:5e:c2:27:9c:2f:30:b7:7b:dc:2d:c8: 10:b7:9a:39:36:95:6d:8f:0c:c4:1d:3d:33:8b:66:3b:f1:59: 5c:10:3a:fa:c2:65:ca:98:ce:12:bf:90:00:92:80:fd:4a:6a: 35:a6:97:58:26:04:11:76:15:84:4c:4f:1b:13:72:4c:cd:1b: 35:1a:1c:33 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGHgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDE4NTVCOERENTFBRTM0 NTY1NTM0NDJBNDk0QUEzRUJBNTI5REFCMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8KfwE4MoG8xrdgN5B/9Xbztq5IPEPKQ6jdGwy0f1CDoS+Vjde DLqP88d3FQjvX5j3RknBIthHQivUOt0MHWu4Uipa/IhQY7QZfqykpngtPBNGbuyl 6ms/FrVTKmbt1RGZj79B1/5ql/KtyT8mo/O+SVr9I9Fq43tyo70PUKTpQv9F+Szg VD3oLg78bVF9aXR/gWMLeueaafM+JskN+eI0+yijjtbE+e5awqiEpRzXzrn1yC4G 6JKgl44U1NJN/EDrz/snOpukqXQOFgpHSqKu6T7pIgVPTnK99SZDbhdOGEI7DBT3 7CJzT7wda/HuxsQ1HzqR7fbmFj5SDpjXKKcfAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUGFW43VGuNFZVNEKklKo+ulKdqxkwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0dGVzQzVkd1TkZaVk5F S2tsS28tdWxLZHF4ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3RYwDQYJKoZIhvcNAQELBQADggEBAFgbL6TXDUnEIp2oSW5nTTa0huDYX+Yl oMaZp2fwuKg73+9z8MvltIC1x//s2pnfTp72KV0An2u5bETyDyoOkeFTsZOMdGUT o/wNvmfgi5W6VFEXcJu/x6pRHMryHNZpwViL+Ct03CUOrzAkO7NR0IGM6o8BTN3T wLTTemWdcMZyL3LZrlYVodo4sjsDu8VqgTriZivhAph1vZofjNEQ79MJXeCyGG/a G1zoqDsxY9ZDNV3iaM5S26NiOlpewiecLzC3e9wtyBC3mjk2lW2PDMQdPTOLZjvx WVwQOvrCZcqYzhK/kACSgP1KajWml1gmBBF2FYRMTxsTckzNGzUaHDM= -----END CERTIFICATE-----Generated at Fri Apr 4 18:38:51 2025 by rpki-client