$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/JSkfxVYCCFB0G9-zCT3ZmoiQRQY.roa File: JSkfxVYCCFB0G9-zCT3ZmoiQRQY.roa (raw, json) Hash identifier: EukjkPnELKwWOx9vgwN2oD1PBFJqCZoiAo2Dv12feOU= Subject key identifier: 25:29:1F:C5:56:02:08:50:74:1B:DF:B3:09:3D:D9:9A:88:90:45:06 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 18DF Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/JSkfxVYCCFB0G9-zCT3ZmoiQRQY.roa Signing time: Fri 17 Jan 2025 01:25:43 +0000 ROA not before: Fri 17 Jan 2025 01:25:43 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 103.221.37.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6367 (0x18df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:43 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=25291FC556020850741BDFB3093DD99A88904506 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:b1:2c:fc:f2:da:da:94:fe:2b:9a:fa:4d:68: ce:8b:f7:0e:c1:f0:37:fd:f9:a2:b7:9b:26:d2:f4: 4c:91:5a:d7:31:27:a2:8f:6f:6b:b6:0f:da:11:d3: 0d:f6:12:09:18:7a:27:d4:84:e0:6b:44:65:33:58: aa:8f:a6:ed:e6:a0:2a:0d:61:a8:81:63:ab:6b:56: 01:ac:43:a0:cb:e8:74:09:ac:ae:53:48:15:f1:0d: 98:c9:79:a5:18:6d:29:30:0f:a7:b5:2d:43:c4:75: 89:4c:bd:2e:b7:b1:b9:c1:c2:bb:7b:f4:77:de:13: 24:73:d2:93:83:af:39:84:2a:c5:54:f8:4b:a3:c7: a6:0a:71:b8:2e:8c:7c:76:91:9d:a9:00:18:08:86: 62:7b:67:e1:c5:0d:9f:08:df:63:07:f3:1d:f2:f7: e8:04:43:03:94:b7:42:14:de:60:3e:fb:32:55:22: 46:c7:d8:17:a5:87:e7:a6:4d:c2:f0:8d:3f:27:f1: b7:cc:fa:0d:8d:9c:5a:3a:37:3b:f2:85:76:ca:3d: ca:55:12:e0:02:e4:e5:ef:8c:38:2e:a7:cc:7c:16: a0:40:9c:90:d5:6a:8a:6c:9d:fc:7a:41:1f:65:e3: 96:aa:35:08:8e:f0:05:45:15:81:ad:9a:bb:21:29: 49:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:29:1F:C5:56:02:08:50:74:1B:DF:B3:09:3D:D9:9A:88:90:45:06 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/JSkfxVYCCFB0G9-zCT3ZmoiQRQY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.37.0/24 Signature Algorithm: sha256WithRSAEncryption 40:e4:38:6a:36:14:3d:7c:ef:f6:f9:60:1f:cb:bb:3f:c6:e2: 60:40:f8:db:77:e5:ee:4e:ec:00:2a:6b:1c:fe:53:80:f5:fc: f5:f2:eb:5e:e6:93:88:83:26:74:78:e9:ac:61:32:d7:35:ce: eb:33:c2:e4:7f:2d:67:a7:61:eb:03:98:b2:0e:44:b9:9d:12: 01:82:d8:d1:b9:27:ec:32:ad:c4:09:cf:02:8f:7d:aa:31:5d: 8d:b9:eb:0c:f0:51:8d:0d:cd:02:5b:8e:4b:78:7c:82:47:8e: 29:e0:bd:b9:98:08:5b:f5:bb:75:c3:eb:5d:2a:05:32:95:5e: e3:01:ff:2c:cc:80:cc:fb:f4:d3:f9:dd:4f:9f:8f:41:33:eb: 75:24:d6:e5:80:d2:8a:80:4e:b8:6a:8b:ec:bd:e0:87:d6:bc: 6f:79:ae:97:37:4e:7d:98:ec:22:db:aa:64:d0:50:70:89:5d: 63:93:e2:3d:72:7d:58:eb:c1:ee:9b:34:62:04:98:21:37:e0: a2:82:35:2c:b5:8d:15:b9:b5:09:ec:bf:6e:95:0a:3e:75:41: 3e:5a:56:a8:56:52:26:3c:9c:ea:32:27:24:b3:f0:fb:05:cd: 07:0c:f7:9e:ed:20:72:d4:30:35:d8:8b:51:be:d7:95:54:7f: 98:34:e0:46 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGN8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1NDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDI1MjkxRkM1NTYwMjA4 NTA3NDFCREZCMzA5M0REOTlBODg5MDQ1MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDvsSz88tralP4rmvpNaM6L9w7B8Df9+aK3mybS9EyRWtcxJ6KP b2u2D9oR0w32EgkYeifUhOBrRGUzWKqPpu3moCoNYaiBY6trVgGsQ6DL6HQJrK5T SBXxDZjJeaUYbSkwD6e1LUPEdYlMvS63sbnBwrt79HfeEyRz0pODrzmEKsVU+Euj x6YKcbgujHx2kZ2pABgIhmJ7Z+HFDZ8I32MH8x3y9+gEQwOUt0IU3mA++zJVIkbH 2Belh+emTcLwjT8n8bfM+g2NnFo6NzvyhXbKPcpVEuAC5OXvjDgup8x8FqBAnJDV aopsnfx6QR9l45aqNQiO8AVFFYGtmrshKUlTAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUJSkfxVYCCFB0G9+zCT3ZmoiQRQYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0pTa2Z4VllDQ0ZCMEc5 LXpDVDNabW9pUVJRWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3SUwDQYJKoZIhvcNAQELBQADggEBAEDkOGo2FD187/b5YB/Luz/G4mBA+Nt3 5e5O7AAqaxz+U4D1/PXy617mk4iDJnR46axhMtc1zuszwuR/LWenYesDmLIORLmd EgGC2NG5J+wyrcQJzwKPfaoxXY256wzwUY0NzQJbjkt4fIJHjingvbmYCFv1u3XD 610qBTKVXuMB/yzMgMz79NP53U+fj0Ez63Uk1uWA0oqATrhqi+y94IfWvG95rpc3 Tn2Y7CLbqmTQUHCJXWOT4j1yfVjrwe6bNGIEmCE34KKCNSy1jRW5tQnsv26VCj51 QT5aVqhWUiY8nOoyJySz8PsFzQcM957tIHLUMDXYi1G+15VUf5g04EY= -----END CERTIFICATE-----Generated at Fri Apr 4 18:34:44 2025 by rpki-client