$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/Sty8qxnqL5jxSejtHCNxfg2Gwdw.roa File: Sty8qxnqL5jxSejtHCNxfg2Gwdw.roa (raw, json) Hash identifier: SqFoUNcByDedJW7lMIDRsscBejtGgGFvYLcwtKI2IiI= Subject key identifier: 4A:DC:BC:AB:19:EA:2F:98:F1:49:E8:ED:1C:23:71:7E:0D:86:C1:DC Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1831 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Sty8qxnqL5jxSejtHCNxfg2Gwdw.roa Signing time: Fri 17 Jan 2025 01:24:43 +0000 ROA not before: Fri 17 Jan 2025 01:24:43 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 13444 IP address blocks: 103.221.0.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6193 (0x1831) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:43 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=4ADCBCAB19EA2F98F149E8ED1C23717E0D86C1DC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:5c:0f:09:12:2c:c4:ac:6f:9a:29:d5:d6:a5: 1a:cd:4f:c5:25:70:cd:ad:87:59:03:3e:0d:cc:81: b7:7a:bb:a5:c6:28:5d:3d:53:7a:76:cf:4d:45:87: ec:b1:f3:3f:9a:4a:19:ce:e4:59:70:7b:03:08:df: 2e:27:69:28:52:22:30:54:5d:ff:d1:9a:d8:06:7f: b3:59:df:c8:f2:d0:c3:30:a6:7f:43:52:0d:0d:31: 2e:ec:fa:f3:46:f0:09:d9:68:2f:9b:3a:55:09:0c: 8f:4f:1d:d9:5b:5a:aa:8a:c6:a4:d6:c3:d4:49:c1: d6:9f:6b:ca:ac:2e:a2:c4:36:e0:e9:e3:0e:46:e7: 96:a0:b4:1b:f2:ce:cc:a1:12:d5:34:53:00:2f:02: e6:83:c7:19:ea:20:ae:8a:31:98:94:b1:5a:dc:d2: f1:78:0f:dc:0d:03:07:72:98:73:b9:e5:12:5f:79: fc:8f:27:68:e1:11:6a:a9:d2:e4:87:ea:9d:dd:e5: 5e:05:bf:42:85:0b:6e:76:93:c7:8c:89:bf:bd:ae: ef:7a:b2:8d:99:a9:e8:ce:b8:20:fc:8d:11:4f:44: e6:88:5c:6b:d1:6c:85:31:67:f1:ce:bd:0f:67:d7: a1:bd:13:55:54:26:30:df:fe:22:c9:e7:84:b6:04: 78:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:DC:BC:AB:19:EA:2F:98:F1:49:E8:ED:1C:23:71:7E:0D:86:C1:DC X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Sty8qxnqL5jxSejtHCNxfg2Gwdw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.0.0/24 Signature Algorithm: sha256WithRSAEncryption c0:7f:3b:32:f8:f2:ff:7a:c3:17:58:e1:67:cf:60:88:74:a6: 52:85:4c:27:c5:97:ec:ec:08:28:0d:06:05:6d:1f:e4:3b:d5: f9:e6:7b:be:3b:5b:54:fa:88:f8:16:78:05:d3:2f:fb:29:da: 72:1f:db:f3:c6:eb:72:53:84:d4:b4:97:47:41:0b:a3:e5:15: 8e:d9:db:99:95:07:07:8b:05:4c:85:1b:bc:50:7b:a6:8c:e3: 36:62:a0:71:38:fc:44:82:41:05:a7:d4:16:89:eb:cc:6f:14: d7:5f:ac:d9:ef:ce:6a:db:73:73:a3:7a:35:9f:b2:fa:4d:19: 80:39:b4:e1:31:fe:e5:3d:e0:a4:64:80:39:4d:db:fa:74:0a: 07:ca:77:9d:e1:0b:3d:65:6a:d5:62:e4:fc:2a:c2:58:da:c2: 33:3c:d4:66:7a:d0:55:db:30:4e:3b:d3:dc:8d:e1:de:29:80: ab:48:1a:e6:28:02:aa:2f:af:18:70:31:7d:5b:87:7a:27:05: 56:0b:d3:d7:a9:06:65:ec:55:28:96:7c:7c:2b:2c:93:b5:a8: c4:8f:79:a7:22:2d:62:6a:93:2c:fa:70:b3:19:72:e7:d8:16: 47:56:78:69:ca:a9:7b:23:22:40:b5:18:67:d8:e2:b2:82:2a: ec:40:85:5c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGDEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0NDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDRBRENCQ0FCMTlFQTJG OThGMTQ5RThFRDFDMjM3MTdFMEQ4NkMxREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCkXA8JEizErG+aKdXWpRrNT8UlcM2th1kDPg3Mgbd6u6XGKF09 U3p2z01Fh+yx8z+aShnO5FlwewMI3y4naShSIjBUXf/RmtgGf7NZ38jy0MMwpn9D Ug0NMS7s+vNG8AnZaC+bOlUJDI9PHdlbWqqKxqTWw9RJwdafa8qsLqLENuDp4w5G 55agtBvyzsyhEtU0UwAvAuaDxxnqIK6KMZiUsVrc0vF4D9wNAwdymHO55RJfefyP J2jhEWqp0uSH6p3d5V4Fv0KFC252k8eMib+9ru96so2ZqejOuCD8jRFPROaIXGvR bIUxZ/HOvQ9n16G9E1VUJjDf/iLJ54S2BHjHAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUSty8qxnqL5jxSejtHCNxfg2GwdwwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1N0eThxeG5xTDVqeFNl anRIQ054ZmcyR3dkdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QAwDQYJKoZIhvcNAQELBQADggEBAMB/OzL48v96wxdY4WfPYIh0plKFTCfF l+zsCCgNBgVtH+Q71fnme747W1T6iPgWeAXTL/sp2nIf2/PG63JThNS0l0dBC6Pl FY7Z25mVBweLBUyFG7xQe6aM4zZioHE4/ESCQQWn1BaJ68xvFNdfrNnvzmrbc3Oj ejWfsvpNGYA5tOEx/uU94KRkgDlN2/p0CgfKd53hCz1latVi5PwqwljawjM81GZ6 0FXbME4709yN4d4pgKtIGuYoAqovrxhwMX1bh3onBVYL09epBmXsVSiWfHwrLJO1 qMSPeaciLWJqkyz6cLMZcufYFkdWeGnKqXsjIkC1GGfY4rKCKuxAhVw= -----END CERTIFICATE-----Generated at Fri Apr 4 18:40:45 2025 by rpki-client