$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/H4b395ui10A_5p53IBUlfGJYei8.roa File: H4b395ui10A_5p53IBUlfGJYei8.roa (raw, json) Hash identifier: Cj6iy2cQ/DZK+OduX1yeox9EJ0IGvdLQvikfNGf/554= Subject key identifier: 1F:86:F7:F7:9B:A2:D7:40:3F:E6:9E:77:20:15:25:7C:62:58:7A:2F Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1887 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/H4b395ui10A_5p53IBUlfGJYei8.roa Signing time: Fri 17 Jan 2025 01:25:11 +0000 ROA not before: Fri 17 Jan 2025 01:25:11 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 103.221.42.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6279 (0x1887) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:11 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=1F86F7F79BA2D7403FE69E772015257C62587A2F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:43:66:65:8f:4e:b7:2f:f8:44:a7:e6:08:22: bb:6b:26:8a:39:18:a3:24:08:5e:69:32:23:1b:e9: 8c:5e:2b:b1:2a:49:9d:60:ce:0c:c5:5f:25:85:3c: 82:e4:3e:8b:85:1e:76:34:7e:95:a6:f4:37:3e:54: bd:b4:14:ec:45:af:f9:37:44:ef:67:bc:30:1e:c3: 68:93:7c:3f:c5:29:03:47:9b:af:82:0c:bf:a7:1f: 6d:fa:97:42:60:cb:ef:1b:34:a9:81:1b:0d:e5:95: 56:bb:0d:44:33:54:67:f5:d9:ba:df:12:29:bb:fb: b9:5f:2b:ac:7a:dd:d2:e6:18:72:19:ab:62:bf:fa: 40:d4:3b:b3:03:90:6f:bb:eb:f3:b4:95:33:2a:a4: c6:75:39:d7:26:67:87:f4:12:9f:ac:f9:65:7e:86: d3:76:b8:80:ed:0c:5e:10:7c:40:77:2d:85:ae:d5: 8e:4d:b0:15:b5:f9:33:99:9e:0a:bf:bb:cd:38:5a: 22:34:bc:eb:65:78:ca:b6:1d:ab:d8:26:96:2b:a7: a3:f6:16:88:e6:72:ee:c6:2c:d2:69:8f:a9:32:24: bc:43:d6:62:d2:2f:08:57:06:07:dd:28:b3:e8:c6: c0:22:7f:82:aa:42:36:80:b0:ab:5f:e0:b2:d9:ab: 9b:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:86:F7:F7:9B:A2:D7:40:3F:E6:9E:77:20:15:25:7C:62:58:7A:2F X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/H4b395ui10A_5p53IBUlfGJYei8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.42.0/24 Signature Algorithm: sha256WithRSAEncryption 58:f2:ee:11:b0:3b:9a:f4:49:33:ba:b5:3d:36:35:18:f3:35: ee:73:4e:1f:95:e8:af:9a:47:ef:b8:97:dd:92:01:04:a0:0a: f9:ed:c1:0c:4d:03:21:74:b4:9f:18:c0:cb:09:0d:13:46:72: d4:b0:b4:87:d6:d6:0a:99:09:fd:a0:6a:a4:98:1e:a0:89:3b: b9:50:91:13:7b:9e:96:20:05:f8:44:6e:e6:3b:1e:59:e5:f9: 93:15:9a:0c:b9:8a:ad:61:5f:ea:3b:af:70:5a:af:4f:fb:70: 36:b8:28:7f:d4:0f:b8:b8:fe:18:3a:4f:ca:11:aa:e2:3d:40: 05:16:49:cf:7f:9d:2c:fd:d4:a3:7c:48:07:7c:aa:8d:6c:00: c0:b2:de:bd:0d:f0:c6:4f:a2:b1:da:25:f7:d6:d0:b8:ea:df: ad:b2:ff:62:7a:0b:56:20:a0:16:d4:62:e3:f6:53:a6:54:cf: 16:aa:61:0a:28:0b:5b:15:93:46:74:d5:56:fc:e0:0f:fb:83: fe:c8:28:ce:5c:69:f7:28:8f:86:0f:9f:11:22:d8:ad:f2:ab: 1e:45:b8:55:50:18:26:2f:a8:55:a6:0f:ab:92:99:0e:6c:00: fc:0f:51:e1:af:90:f5:e3:8e:b8:96:91:a4:00:1e:e5:2f:1a: a2:3d:d3:fb -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGIcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDFGODZGN0Y3OUJBMkQ3 NDAzRkU2OUU3NzIwMTUyNTdDNjI1ODdBMkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCiQ2Zlj063L/hEp+YIIrtrJoo5GKMkCF5pMiMb6YxeK7EqSZ1g zgzFXyWFPILkPouFHnY0fpWm9Dc+VL20FOxFr/k3RO9nvDAew2iTfD/FKQNHm6+C DL+nH236l0Jgy+8bNKmBGw3llVa7DUQzVGf12brfEim7+7lfK6x63dLmGHIZq2K/ +kDUO7MDkG+76/O0lTMqpMZ1OdcmZ4f0Ep+s+WV+htN2uIDtDF4QfEB3LYWu1Y5N sBW1+TOZngq/u804WiI0vOtleMq2HavYJpYrp6P2Fojmcu7GLNJpj6kyJLxD1mLS LwhXBgfdKLPoxsAif4KqQjaAsKtf4LLZq5sXAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUH4b395ui10A/5p53IBUlfGJYei8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0g0YjM5NXVpMTBBXzVw NTNJQlVsZkdKWWVpOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3SowDQYJKoZIhvcNAQELBQADggEBAFjy7hGwO5r0STO6tT02NRjzNe5zTh+V 6K+aR++4l92SAQSgCvntwQxNAyF0tJ8YwMsJDRNGctSwtIfW1gqZCf2gaqSYHqCJ O7lQkRN7npYgBfhEbuY7Hlnl+ZMVmgy5iq1hX+o7r3Bar0/7cDa4KH/UD7i4/hg6 T8oRquI9QAUWSc9/nSz91KN8SAd8qo1sAMCy3r0N8MZPorHaJffW0Ljq362y/2J6 C1YgoBbUYuP2U6ZUzxaqYQooC1sVk0Z01Vb84A/7g/7IKM5cafcoj4YPnxEi2K3y qx5FuFVQGCYvqFWmD6uSmQ5sAPwPUeGvkPXjjriWkaQAHuUvGqI90/s= -----END CERTIFICATE-----Generated at Fri Apr 4 18:42:09 2025 by rpki-client