$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/LkAtOeC7A5n7pggzbI0ja28VN_c.roa File: LkAtOeC7A5n7pggzbI0ja28VN_c.roa (raw, json) Hash identifier: AHFrKojfNInO1V+SOo4FO3/53jsoQ/LXfKEW55Rx7IY= Subject key identifier: 2E:40:2D:39:E0:BB:03:99:FB:A6:08:33:6C:8D:23:6B:6F:15:37:F7 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 190A Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/LkAtOeC7A5n7pggzbI0ja28VN_c.roa Signing time: Fri 17 Jan 2025 01:25:59 +0000 ROA not before: Fri 17 Jan 2025 01:25:59 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 103.221.36.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6410 (0x190a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:59 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=2E402D39E0BB0399FBA608336C8D236B6F1537F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:72:74:d9:ff:c3:6d:a8:b3:1d:ad:d7:39:ae: d3:28:be:90:65:c6:2d:d6:c0:fa:1a:71:49:59:d2: 52:24:6a:4e:7c:12:07:83:e0:c8:e5:e4:e0:7c:b6: 3b:c0:8e:51:50:5d:3d:36:bb:e8:db:14:0f:e8:17: 28:75:e5:27:79:9b:dc:42:bf:5b:7d:3c:8e:5b:37: cc:0b:5c:97:31:15:bf:67:97:cc:81:11:0a:00:5f: e7:fd:f3:a6:94:69:47:f3:eb:90:c0:8f:9e:55:71: 1d:e1:6a:2b:ef:94:9f:2f:ca:8d:8b:f1:3e:20:4e: 5b:74:aa:41:f1:ad:ac:6b:e1:ce:60:4c:9e:52:ba: c6:08:7b:d8:59:22:d1:3e:c7:0c:d5:01:5e:b4:8e: e0:62:76:63:66:05:3c:08:be:1d:0f:42:d3:ad:ea: d2:8e:a6:ab:47:fc:08:56:97:aa:74:1f:24:20:26: d3:21:97:67:bd:5d:d7:c7:2a:14:17:b9:6f:eb:6a: 89:e4:80:a3:b6:de:a8:84:0b:67:d1:94:23:2c:65: dc:93:53:90:f0:88:97:0c:07:4f:1c:c0:cd:19:68: 1a:39:60:6d:7c:9a:af:f5:05:30:36:08:6b:61:ac: e0:2e:91:e4:62:3c:54:38:2a:2e:77:28:bc:72:7a: 92:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:40:2D:39:E0:BB:03:99:FB:A6:08:33:6C:8D:23:6B:6F:15:37:F7 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/LkAtOeC7A5n7pggzbI0ja28VN_c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.36.0/24 Signature Algorithm: sha256WithRSAEncryption 3b:80:4c:1e:b3:94:07:de:ca:27:67:4b:78:d5:c4:a9:cd:48: d8:09:1b:57:f1:a9:44:b5:5f:a9:cf:44:f6:cb:f9:31:7c:9d: b0:fa:a7:e7:92:f7:89:3b:8d:56:44:4f:39:92:06:0e:d6:08: c5:96:f9:52:9d:3e:15:46:fb:81:55:58:c6:e0:7d:fc:2b:bb: 85:6e:1c:c7:08:6a:a8:c1:6f:2d:f9:79:f4:3d:eb:d1:aa:36: e7:67:7a:dc:f4:ef:df:6c:f9:d2:0b:c1:0f:ee:21:53:e4:ab: 75:90:a0:c2:6a:cc:e7:2f:15:4f:18:6b:d8:56:d4:58:12:6d: 06:4e:f1:92:40:0f:f1:ba:16:5b:26:69:0d:27:87:06:e7:30: f1:20:a9:21:fc:1f:71:46:81:d3:11:e6:5c:10:71:ec:d4:a5: c0:8f:15:12:d3:7a:e1:2c:5a:8c:dd:cb:11:75:04:f3:93:2d: 53:bd:7f:b0:c2:a4:c0:68:28:1f:ab:a5:3f:4e:01:d7:c9:5b: e7:9c:f3:71:54:9a:78:4e:a7:a2:c6:1e:55:16:54:48:d0:2c: 65:a5:4b:eb:36:39:61:14:2d:52:83:a4:03:4f:f7:eb:86:54: 20:2f:62:56:6f:5e:b5:e8:d0:bc:cd:1e:e6:5e:38:d2:be:9b: 71:59:c3:dc -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGQowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1NTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDJFNDAyRDM5RTBCQjAz OTlGQkE2MDgzMzZDOEQyMzZCNkYxNTM3RjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDwcnTZ/8NtqLMdrdc5rtMovpBlxi3WwPoacUlZ0lIkak58EgeD 4Mjl5OB8tjvAjlFQXT02u+jbFA/oFyh15Sd5m9xCv1t9PI5bN8wLXJcxFb9nl8yB EQoAX+f986aUaUfz65DAj55VcR3haivvlJ8vyo2L8T4gTlt0qkHxraxr4c5gTJ5S usYIe9hZItE+xwzVAV60juBidmNmBTwIvh0PQtOt6tKOpqtH/AhWl6p0HyQgJtMh l2e9XdfHKhQXuW/raonkgKO23qiEC2fRlCMsZdyTU5DwiJcMB08cwM0ZaBo5YG18 mq/1BTA2CGthrOAukeRiPFQ4Ki53KLxyepIjAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQULkAtOeC7A5n7pggzbI0ja28VN/cwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0xrQXRPZUM3QTVuN3Bn Z3piSTBqYTI4Vk5fYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3SQwDQYJKoZIhvcNAQELBQADggEBADuATB6zlAfeyidnS3jVxKnNSNgJG1fx qUS1X6nPRPbL+TF8nbD6p+eS94k7jVZETzmSBg7WCMWW+VKdPhVG+4FVWMbgffwr u4VuHMcIaqjBby35efQ969GqNudnetz0799s+dILwQ/uIVPkq3WQoMJqzOcvFU8Y a9hW1FgSbQZO8ZJAD/G6FlsmaQ0nhwbnMPEgqSH8H3FGgdMR5lwQcezUpcCPFRLT euEsWozdyxF1BPOTLVO9f7DCpMBoKB+rpT9OAdfJW+ec83FUmnhOp6LGHlUWVEjQ LGWlS+s2OWEULVKDpANP9+uGVCAvYlZvXrXo0LzNHuZeONK+m3FZw9w= -----END CERTIFICATE-----Generated at Fri Apr 4 18:41:41 2025 by rpki-client