$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/UDmS5rNBwjxlHeIrknoErmrrejA.roa File: UDmS5rNBwjxlHeIrknoErmrrejA.roa (raw, json) Hash identifier: UNMv2MdDtL3NMrHWrbPVFgMuCpCobD8iitWhnCRIRsI= Subject key identifier: 50:39:92:E6:B3:41:C2:3C:65:1D:E2:2B:92:7A:04:AE:6A:EB:7A:30 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1896 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/UDmS5rNBwjxlHeIrknoErmrrejA.roa Signing time: Fri 17 Jan 2025 01:25:17 +0000 ROA not before: Fri 17 Jan 2025 01:25:17 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 103.221.12.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6294 (0x1896) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:17 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=503992E6B341C23C651DE22B927A04AE6AEB7A30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:b9:80:c5:1a:55:18:26:2f:39:c5:17:08:6c: d3:ff:49:0a:04:26:52:bf:05:27:07:fc:46:62:f4: 59:57:e1:a1:a1:02:93:41:ba:51:0c:33:cc:aa:7c: c7:88:75:ba:8c:18:0c:2c:83:0e:e9:29:56:fb:47: 9c:77:35:32:85:7a:75:d9:12:66:ab:6f:e9:74:81: e5:0b:c3:53:4c:50:57:1f:2f:8d:28:84:d1:de:2e: 8a:ea:3b:da:03:3d:14:cd:b9:6e:eb:8f:db:d6:64: e9:52:d5:95:6f:5b:f5:ea:dc:e1:1c:86:81:82:d4: 39:f2:f9:9c:28:8c:3e:75:7d:97:eb:78:a8:2b:b1: 9d:7c:20:86:40:8b:5c:9e:12:25:13:3b:91:1f:5d: d8:c4:8f:b1:eb:f0:b1:71:b8:13:55:d6:35:15:06: ea:30:3c:74:2f:f2:4e:b6:9f:47:18:63:43:11:1b: ee:b2:de:c8:db:1e:7e:75:29:d4:40:52:0c:7d:e7: 60:b8:b3:55:3a:0e:88:b8:f1:7b:89:1b:ff:f5:83: 6f:7b:5c:c4:99:ab:58:57:78:8d:c1:e9:05:8d:b9: c0:5b:d5:a9:7a:a8:08:81:64:51:50:96:97:06:d9: cc:fd:7e:25:8c:e3:71:9c:e3:a6:32:e1:7b:73:82: 71:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:39:92:E6:B3:41:C2:3C:65:1D:E2:2B:92:7A:04:AE:6A:EB:7A:30 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/UDmS5rNBwjxlHeIrknoErmrrejA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.12.0/22 Signature Algorithm: sha256WithRSAEncryption 37:a2:07:2b:8e:cf:64:db:4e:c8:96:74:a1:6c:66:b3:3a:5f: 0d:28:72:1b:cb:7d:34:db:44:b9:9c:08:9d:d9:a4:8a:c7:02: 15:2f:d5:4a:67:90:fd:bb:a1:a5:86:94:15:af:15:32:99:98: d3:74:76:b7:33:11:01:86:6c:47:e8:bd:25:c5:d8:00:53:e9: a5:7a:ad:f9:e5:52:a6:da:38:2f:9a:32:a7:30:10:c3:03:16: 8b:c6:d5:73:8c:06:48:f9:e5:e2:6c:54:62:84:17:f1:14:12: d2:59:db:54:19:70:d9:36:7c:bb:94:4b:d4:ec:06:16:ed:18: 5a:19:b1:61:dc:b2:3a:3a:d1:81:34:33:c4:2b:e1:7c:cc:45: d3:e7:3e:b1:5e:2f:4e:f3:9b:ce:10:ea:e9:3e:33:c9:8e:ba: 02:85:f8:86:39:c4:32:89:e0:d2:b2:7c:5e:05:46:fa:85:1d: 9a:ee:3a:64:bc:fd:50:ba:aa:05:7f:57:61:4e:c9:68:f6:08: f8:e4:9a:57:8e:db:7c:c7:dc:98:da:81:6d:1f:5e:3a:2a:12: da:e6:28:be:48:63:a8:8b:0b:b1:4c:77:40:dd:8e:2f:3b:ab: fc:a7:af:f6:56:23:ee:36:c4:68:48:f6:d4:74:a2:3a:5d:52: 06:aa:80:46 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGJYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDUwMzk5MkU2QjM0MUMy M0M2NTFERTIyQjkyN0EwNEFFNkFFQjdBMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6uYDFGlUYJi85xRcIbNP/SQoEJlK/BScH/EZi9FlX4aGhApNB ulEMM8yqfMeIdbqMGAwsgw7pKVb7R5x3NTKFenXZEmarb+l0geULw1NMUFcfL40o hNHeLorqO9oDPRTNuW7rj9vWZOlS1ZVvW/Xq3OEchoGC1Dny+ZwojD51fZfreKgr sZ18IIZAi1yeEiUTO5EfXdjEj7Hr8LFxuBNV1jUVBuowPHQv8k62n0cYY0MRG+6y 3sjbHn51KdRAUgx952C4s1U6Doi48XuJG//1g297XMSZq1hXeI3B6QWNucBb1al6 qAiBZFFQlpcG2cz9fiWM43Gc46Yy4XtzgnHjAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUUDmS5rNBwjxlHeIrknoErmrrejAwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1VEbVM1ck5Cd2p4bEhl SXJrbm9Fcm1ycmVqQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3QwwDQYJKoZIhvcNAQELBQADggEBADeiByuOz2TbTsiWdKFsZrM6Xw0ochvL fTTbRLmcCJ3ZpIrHAhUv1UpnkP27oaWGlBWvFTKZmNN0drczEQGGbEfovSXF2ABT 6aV6rfnlUqbaOC+aMqcwEMMDFovG1XOMBkj55eJsVGKEF/EUEtJZ21QZcNk2fLuU S9TsBhbtGFoZsWHcsjo60YE0M8Qr4XzMRdPnPrFeL07zm84Q6uk+M8mOugKF+IY5 xDKJ4NKyfF4FRvqFHZruOmS8/VC6qgV/V2FOyWj2CPjkmleO23zH3JjagW0fXjoq EtrmKL5IY6iLC7FMd0Ddji87q/ynr/ZWI+42xGhI9tR0ojpdUgaqgEY= -----END CERTIFICATE-----Generated at Fri Apr 4 18:41:40 2025 by rpki-client