$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/HxVDoefzwvCfFozHip5eHMD7rD0.roa File: HxVDoefzwvCfFozHip5eHMD7rD0.roa (raw, json) Hash identifier: LyzUt2EpuIq/sot7lKLrojdEOVS9qBt4kZKJ41E+HtQ= Subject key identifier: 1F:15:43:A1:E7:F3:C2:F0:9F:16:8C:C7:8A:9E:5E:1C:C0:FB:AC:3D Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 18DB Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/HxVDoefzwvCfFozHip5eHMD7rD0.roa Signing time: Fri 17 Jan 2025 01:25:41 +0000 ROA not before: Fri 17 Jan 2025 01:25:41 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 24373 IP address blocks: 103.221.28.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6363 (0x18db) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:41 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=1F1543A1E7F3C2F09F168CC78A9E5E1CC0FBAC3D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:4d:61:17:24:0b:f8:83:77:44:8e:cf:7a:7c: bd:90:3d:7a:31:55:0f:78:2e:7c:c9:6b:fa:f2:37: 93:11:19:f6:57:59:0c:02:c8:de:2d:19:91:f5:25: 28:06:9e:2f:94:cb:ec:8e:ed:4a:67:57:70:56:5f: 4a:92:5d:b8:6c:33:fa:d8:15:7c:88:ee:3e:00:37: f6:a6:24:73:96:4a:46:9a:fe:a3:b5:04:d8:99:58: 27:ab:09:1a:21:da:be:3a:ff:2f:a8:84:88:6a:51: 7f:77:23:db:db:4a:f3:cc:59:0a:d6:e9:73:bf:23: 3f:c6:8e:1d:dc:2a:dd:d3:11:e3:f1:f6:2e:a4:19: d7:f6:38:62:3a:4a:ee:20:6c:00:0f:e2:4d:da:e7: 2d:23:5c:98:b6:a0:60:2f:d0:a1:69:23:0b:c2:83: 70:df:a7:36:92:39:8b:b6:df:35:cb:6e:4a:19:47: 2d:33:bb:10:21:75:5d:0a:36:5a:10:2a:c3:1f:68: dd:67:91:a7:ec:28:72:02:f7:fe:e9:a7:85:aa:ba: 61:1e:d6:7c:50:6d:6f:07:d9:42:04:c2:18:5c:fd: 4d:a5:27:90:c1:f2:b5:fe:95:35:17:45:89:21:a4: 75:dd:10:b4:8e:8e:02:cc:6a:e2:ee:0a:21:a1:33: 15:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:15:43:A1:E7:F3:C2:F0:9F:16:8C:C7:8A:9E:5E:1C:C0:FB:AC:3D X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/HxVDoefzwvCfFozHip5eHMD7rD0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.28.0/22 Signature Algorithm: sha256WithRSAEncryption bd:7f:e8:d7:5c:aa:80:e4:79:72:ab:c7:73:6c:db:5d:0c:b9: 43:2b:79:9c:3b:15:59:a8:cd:ca:fe:57:7c:89:cd:cb:5b:b1: 73:fd:58:da:b2:be:73:96:57:de:ea:16:a7:8b:90:ab:a9:35: 03:79:a8:d8:d4:f6:39:c1:bd:df:63:b3:88:1b:c4:f3:b6:e8: e5:a0:b9:21:47:4c:11:e4:6c:27:7c:0e:7d:eb:39:81:12:1c: 1d:37:84:d6:7d:46:8f:1d:11:84:9f:c5:1f:eb:8b:c7:30:0c: d5:a9:1d:c8:b5:84:cd:ef:85:1d:ad:ac:d0:a8:64:ac:2e:64: f4:f9:4e:5b:c7:54:88:cd:88:47:b4:05:b6:ec:52:0c:26:12: b8:4b:6f:9b:76:59:90:2d:44:3a:df:b5:4e:a8:e1:ce:69:d6: bc:34:da:7d:53:00:fa:3e:08:84:a8:b1:6f:93:77:76:c6:26: 7e:52:7f:d5:53:e4:3f:bc:1b:51:c2:d3:94:f6:62:0e:6e:1d: fa:95:39:b6:a1:89:2d:d6:94:98:f0:bd:ab:9f:50:ec:01:0d: d2:d8:39:ff:1d:e5:7e:83:9c:38:b9:9a:7d:99:69:c3:79:88: dd:d1:ba:18:5a:b6:93:62:79:e1:32:c2:13:56:2f:6e:5e:2f: 43:c5:3e:4d -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGNswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1NDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDFGMTU0M0ExRTdGM0My RjA5RjE2OENDNzhBOUU1RTFDQzBGQkFDM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPTWEXJAv4g3dEjs96fL2QPXoxVQ94LnzJa/ryN5MRGfZXWQwC yN4tGZH1JSgGni+Uy+yO7UpnV3BWX0qSXbhsM/rYFXyI7j4AN/amJHOWSkaa/qO1 BNiZWCerCRoh2r46/y+ohIhqUX93I9vbSvPMWQrW6XO/Iz/Gjh3cKt3TEePx9i6k Gdf2OGI6Su4gbAAP4k3a5y0jXJi2oGAv0KFpIwvCg3DfpzaSOYu23zXLbkoZRy0z uxAhdV0KNloQKsMfaN1nkafsKHIC9/7pp4WqumEe1nxQbW8H2UIEwhhc/U2lJ5DB 8rX+lTUXRYkhpHXdELSOjgLMauLuCiGhMxXRAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUHxVDoefzwvCfFozHip5eHMD7rD0wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0h4VkRvZWZ6d3ZDZkZv ekhpcDVlSE1EN3JEMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3RwwDQYJKoZIhvcNAQELBQADggEBAL1/6NdcqoDkeXKrx3Ns210MuUMreZw7 FVmozcr+V3yJzctbsXP9WNqyvnOWV97qFqeLkKupNQN5qNjU9jnBvd9js4gbxPO2 6OWguSFHTBHkbCd8Dn3rOYESHB03hNZ9Ro8dEYSfxR/ri8cwDNWpHci1hM3vhR2t rNCoZKwuZPT5TlvHVIjNiEe0BbbsUgwmErhLb5t2WZAtRDrftU6o4c5p1rw02n1T APo+CISosW+Td3bGJn5Sf9VT5D+8G1HC05T2Yg5uHfqVObahiS3WlJjwvaufUOwB DdLYOf8d5X6DnDi5mn2ZacN5iN3RuhhatpNieeEywhNWL25eL0PFPk0= -----END CERTIFICATE-----Generated at Fri Apr 4 18:41:20 2025 by rpki-client