$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/J0wqDBS1W1M27rcU6tXXEBRqRZI.roa File: J0wqDBS1W1M27rcU6tXXEBRqRZI.roa (raw, json) Hash identifier: 3+X33/0QDF6MsC6Wgy7yG+xBp/E+C2E4sbRcI+jGMSw= Subject key identifier: 27:4C:2A:0C:14:B5:5B:53:36:EE:B7:14:EA:D5:D7:10:14:6A:45:92 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1869 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/J0wqDBS1W1M27rcU6tXXEBRqRZI.roa Signing time: Fri 17 Jan 2025 01:25:02 +0000 ROA not before: Fri 17 Jan 2025 01:25:02 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 103.6.109.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6249 (0x1869) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:02 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=274C2A0C14B55B5336EEB714EAD5D710146A4592 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:2c:54:d3:9a:1a:45:7d:98:c8:10:9b:c5:0a: 39:96:88:b4:33:29:6e:3c:b2:1b:00:0f:ce:51:e8: 89:d9:a3:4e:99:05:80:d1:23:1e:9a:ab:aa:cf:2d: c2:72:7d:26:46:f0:71:e0:6f:cc:be:83:c7:40:5d: 2d:5d:e4:a7:0e:5e:fb:a1:e7:39:9f:0f:ba:ae:5a: d4:18:f1:08:d8:c9:83:01:48:68:5b:40:bd:32:09: b3:34:cc:db:73:0b:e5:23:f6:ae:30:d9:4d:30:93: fb:b6:3f:1b:0f:d7:5d:c8:3b:77:5a:9a:03:a3:a1: b1:d4:06:52:16:bd:5a:b0:5e:b1:00:cc:44:d2:10: 93:9a:19:d3:fb:2b:b0:e2:57:58:0e:a7:e8:61:51: e2:40:4c:c5:0b:fc:2f:9a:53:a1:d8:20:bb:2c:87: 1f:38:6a:80:83:d5:0c:32:b3:66:9a:cd:c2:ea:8e: 40:05:9a:b2:f8:38:4a:50:bd:42:7c:44:57:3b:3d: 63:f9:3e:bc:86:c6:ee:6f:bd:61:5e:af:72:84:33: ba:85:ac:bd:6b:f5:99:88:df:ff:c1:93:35:09:f6: e0:ba:11:4b:0a:6e:62:d5:28:f0:60:9f:7b:66:6c: 92:4c:2d:71:71:1a:05:bb:fa:12:68:14:8c:ec:46: 1e:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:4C:2A:0C:14:B5:5B:53:36:EE:B7:14:EA:D5:D7:10:14:6A:45:92 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/J0wqDBS1W1M27rcU6tXXEBRqRZI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.6.109.0/24 Signature Algorithm: sha256WithRSAEncryption 90:3b:cd:a2:de:0f:fc:95:4c:14:bd:db:a8:6f:9b:0c:cc:30: 7d:b9:c3:08:c1:4a:44:06:a6:3c:17:07:bb:41:8b:31:01:c3: 48:e4:1b:7f:93:03:4e:fe:3e:a9:74:9d:fc:06:f0:d4:12:ac: 44:04:30:54:6b:d8:01:0a:a5:b7:c9:06:4b:3a:cc:68:ed:ca: a1:27:e0:5e:0f:b4:34:ff:f8:5f:8e:8c:c0:72:53:02:34:3f: 61:40:f9:b1:ce:ea:3c:d7:fc:aa:2a:5c:48:79:fb:28:b9:8b: ea:6f:cc:95:1c:83:c2:28:d4:1a:45:13:2b:bc:b6:1e:cd:50: 47:f0:f1:40:9a:4f:cd:62:cb:75:15:8a:1e:d2:3a:32:7b:ee: 38:ac:6b:07:6c:f9:9e:34:a0:05:c7:f7:08:41:1e:4c:19:72: c4:74:98:5f:88:d2:30:c8:2f:67:88:36:53:f8:12:2d:20:85: 9f:94:c9:be:09:21:b1:f0:7d:ca:29:4e:64:d0:81:f7:68:27: 60:05:b8:95:9a:e3:22:e4:da:01:23:5b:55:45:42:a1:64:81: 84:f0:e0:c0:0e:05:68:ef:87:f0:d3:8c:81:f8:73:96:fc:88: 05:0d:df:2d:18:3f:89:3f:a2:40:4a:b6:7d:46:2e:e1:da:44: dd:50:d8:54 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGGkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI3NEMyQTBDMTRCNTVC NTMzNkVFQjcxNEVBRDVENzEwMTQ2QTQ1OTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTLFTTmhpFfZjIEJvFCjmWiLQzKW48shsAD85R6InZo06ZBYDR Ix6aq6rPLcJyfSZG8HHgb8y+g8dAXS1d5KcOXvuh5zmfD7quWtQY8QjYyYMBSGhb QL0yCbM0zNtzC+Uj9q4w2U0wk/u2PxsP113IO3damgOjobHUBlIWvVqwXrEAzETS EJOaGdP7K7DiV1gOp+hhUeJATMUL/C+aU6HYILsshx84aoCD1Qwys2aazcLqjkAF mrL4OEpQvUJ8RFc7PWP5PryGxu5vvWFer3KEM7qFrL1r9ZmI3//BkzUJ9uC6EUsK bmLVKPBgn3tmbJJMLXFxGgW7+hJoFIzsRh4tAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUJ0wqDBS1W1M27rcU6tXXEBRqRZIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0owd3FEQlMxVzFNMjdy Y1U2dFhYRUJScVJaSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnBm0wDQYJKoZIhvcNAQELBQADggEBAJA7zaLeD/yVTBS926hvmwzMMH25wwjB SkQGpjwXB7tBizEBw0jkG3+TA07+Pql0nfwG8NQSrEQEMFRr2AEKpbfJBks6zGjt yqEn4F4PtDT/+F+OjMByUwI0P2FA+bHO6jzX/KoqXEh5+yi5i+pvzJUcg8Io1BpF Eyu8th7NUEfw8UCaT81iy3UVih7SOjJ77jisawds+Z40oAXH9whBHkwZcsR0mF+I 0jDIL2eINlP4Ei0ghZ+Uyb4JIbHwfcopTmTQgfdoJ2AFuJWa4yLk2gEjW1VFQqFk gYTw4MAOBWjvh/DTjIH4c5b8iAUN3y0YP4k/okBKtn1GLuHaRN1Q2FQ= -----END CERTIFICATE-----Generated at Fri Apr 4 18:43:23 2025 by rpki-client