$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/PFM9Hp-HHQZBCCC6yLnpa0Du8Ew.roa File: PFM9Hp-HHQZBCCC6yLnpa0Du8Ew.roa (raw, json) Hash identifier: 6LzgJRYsm1KGRc+yIo0jn29YJ0zEgQSn82HycDjvGSo= Subject key identifier: 3C:53:3D:1E:9F:87:1D:06:41:08:20:BA:C8:B9:E9:6B:40:EE:F0:4C Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1883 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/PFM9Hp-HHQZBCCC6yLnpa0Du8Ew.roa Signing time: Fri 17 Jan 2025 01:25:10 +0000 ROA not before: Fri 17 Jan 2025 01:25:10 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 24373 IP address blocks: 103.221.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6275 (0x1883) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:10 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=3C533D1E9F871D06410820BAC8B9E96B40EEF04C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:cd:4e:0f:21:a7:13:d7:d5:81:05:88:d9:21: 69:8a:c6:bd:b7:fd:e6:0b:e6:95:c0:76:8d:b9:01: 08:85:72:74:b2:9f:b4:31:19:8b:37:6c:a6:32:2e: c0:89:a6:42:f9:0f:6d:a5:0e:d2:e3:88:16:ab:3e: 3c:bb:9c:7f:4b:05:42:48:ab:a9:81:ca:29:3c:3a: 63:83:3c:d8:df:c8:38:f6:b4:5e:2f:98:1e:a3:b6: 69:ff:75:d9:e9:d7:99:5b:3c:65:9a:01:10:4f:8d: 7f:01:15:4c:ac:9b:5a:a2:6b:5c:07:b3:de:ce:70: 14:19:bf:20:39:d0:76:f1:40:03:61:48:ba:7f:58: c7:da:9a:a7:8f:df:04:4d:4d:b8:4f:27:9e:8f:2b: 75:5b:45:21:0f:f9:e9:e2:45:75:2e:19:fa:3d:5d: 57:6f:d3:0c:42:57:8c:f6:61:a1:f5:e6:c0:b3:af: f7:10:02:20:6c:6e:fd:a9:39:0f:db:66:e7:43:f5: d6:98:6e:5c:cd:b9:ef:38:f1:7e:05:50:18:78:05: 74:d8:d1:63:44:ad:3b:84:0f:3d:0d:65:ff:1e:d8: fb:a5:47:76:1c:f2:f8:7c:cf:4c:4e:09:72:1b:49: d1:6e:1c:b6:b2:0d:f0:0c:bb:6e:be:34:73:b5:f2: f5:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:53:3D:1E:9F:87:1D:06:41:08:20:BA:C8:B9:E9:6B:40:EE:F0:4C X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/PFM9Hp-HHQZBCCC6yLnpa0Du8Ew.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.0.0/22 Signature Algorithm: sha256WithRSAEncryption 0e:98:f9:16:c3:7d:3c:ff:9e:2d:7c:e3:85:dd:8b:9f:8e:bc: c3:83:c5:cb:76:fe:c5:7c:81:a0:a2:c4:c8:93:5b:f4:4d:41: b3:02:8f:c4:f0:21:99:a8:c9:bf:d8:26:ce:53:ef:35:72:68: fc:c3:00:7d:3e:ee:ce:bb:29:54:4c:66:62:fb:87:76:4a:1c: cb:3a:bc:ea:c6:8f:b6:30:1c:29:fd:e3:29:58:81:c6:d1:ac: 79:2f:a8:01:81:25:67:21:e6:11:e9:49:3a:25:e9:17:23:24: 50:cb:f4:51:9f:52:11:46:c5:50:20:9d:04:32:59:41:25:8d: 1c:f0:90:9f:55:84:ff:ea:14:17:04:62:73:5a:a3:cc:c2:dd: 57:e5:b1:53:7b:c3:c0:af:ca:3f:f5:5f:7e:10:56:69:95:82: 4d:08:6d:96:86:41:3c:9b:1c:78:66:c4:11:6a:c8:de:f7:37: 37:21:70:f7:6e:f1:30:7d:fc:72:96:98:1a:10:bc:7f:7c:63: 53:df:6d:fc:e3:47:99:c2:e7:0a:a9:18:b3:0e:88:17:28:ec: be:ba:22:b5:46:f8:92:e9:e1:04:c3:7a:ca:c0:2d:97:ad:bd: 35:25:9a:ff:39:ce:96:67:86:87:30:ae:de:8f:78:27:3f:1b: 09:ab:86:40 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGIMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MTBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDNDNTMzRDFFOUY4NzFE MDY0MTA4MjBCQUM4QjlFOTZCNDBFRUYwNEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+zU4PIacT19WBBYjZIWmKxr23/eYL5pXAdo25AQiFcnSyn7Qx GYs3bKYyLsCJpkL5D22lDtLjiBarPjy7nH9LBUJIq6mByik8OmODPNjfyDj2tF4v mB6jtmn/ddnp15lbPGWaARBPjX8BFUysm1qia1wHs97OcBQZvyA50HbxQANhSLp/ WMfamqeP3wRNTbhPJ56PK3VbRSEP+eniRXUuGfo9XVdv0wxCV4z2YaH15sCzr/cQ AiBsbv2pOQ/bZudD9daYblzNue848X4FUBh4BXTY0WNErTuEDz0NZf8e2PulR3Yc 8vh8z0xOCXIbSdFuHLayDfAMu26+NHO18vVxAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUPFM9Hp+HHQZBCCC6yLnpa0Du8EwwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1BGTTlIcC1ISFFaQkND QzZ5TG5wYTBEdThFdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3QAwDQYJKoZIhvcNAQELBQADggEBAA6Y+RbDfTz/ni1844Xdi5+OvMODxct2 /sV8gaCixMiTW/RNQbMCj8TwIZmoyb/YJs5T7zVyaPzDAH0+7s67KVRMZmL7h3ZK HMs6vOrGj7YwHCn94ylYgcbRrHkvqAGBJWch5hHpSTol6RcjJFDL9FGfUhFGxVAg nQQyWUEljRzwkJ9VhP/qFBcEYnNao8zC3VflsVN7w8Cvyj/1X34QVmmVgk0IbZaG QTybHHhmxBFqyN73NzchcPdu8TB9/HKWmBoQvH98Y1PfbfzjR5nC5wqpGLMOiBco 7L66IrVG+JLp4QTDesrALZetvTUlmv85zpZnhocwrt6PeCc/GwmrhkA= -----END CERTIFICATE-----Generated at Fri Apr 4 18:36:49 2025 by rpki-client