$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/aNn2DgQdo1ZgMd2FmTzj-n3WHwA.roa File: aNn2DgQdo1ZgMd2FmTzj-n3WHwA.roa (raw, json) Hash identifier: Al/QNR9M0q44E9BZnDcJZUb6OOp4YVH9hSx7Rzt97A4= Subject key identifier: 68:D9:F6:0E:04:1D:A3:56:60:31:DD:85:99:3C:E3:FA:7D:D6:1F:00 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 182D Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/aNn2DgQdo1ZgMd2FmTzj-n3WHwA.roa Signing time: Fri 17 Jan 2025 01:24:42 +0000 ROA not before: Fri 17 Jan 2025 01:24:42 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 13444 IP address blocks: 103.221.1.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6189 (0x182d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:42 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=68D9F60E041DA3566031DD85993CE3FA7DD61F00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:9b:6a:33:c8:52:30:78:3c:f2:34:a2:5f:b1: d8:11:29:6c:09:03:29:de:e2:85:a1:b3:08:9d:37: 06:a5:3d:0b:7f:88:c3:55:9f:ce:dc:f4:03:89:ba: df:c4:9d:89:94:24:75:92:31:4e:55:34:94:43:53: 1e:ce:f4:38:62:78:52:ab:24:9c:fc:e8:06:e7:22: fb:25:37:13:f2:2e:dd:16:e0:de:a4:27:5d:f1:78: ff:4f:66:ad:7e:a7:3f:ca:72:a5:2c:b2:56:9e:cf: ad:2a:07:07:b0:fd:22:ee:ad:cf:bc:3e:08:fb:ab: eb:5c:79:99:56:e1:89:9b:b8:f4:91:fc:0a:06:92: ac:d5:a1:6b:65:d7:79:9c:18:ac:ce:a7:5f:08:c0: 17:52:af:e4:2a:76:a5:0e:49:0b:48:5c:ea:e9:cd: ca:2c:5b:70:64:55:fb:7f:67:a8:e6:9e:92:e4:a1: 10:df:44:ad:2c:b5:9a:13:e2:b4:ad:fa:b8:65:c6: 52:4b:6d:65:de:9d:31:43:bb:9a:47:50:ec:f2:9e: 71:39:be:cd:ed:c5:ec:e3:90:c0:26:32:21:aa:f8: eb:62:61:d6:3c:3b:a8:27:57:b4:a6:14:80:5b:af: f0:78:82:83:2e:1f:37:a0:04:c0:59:d0:fc:7f:4f: bf:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:D9:F6:0E:04:1D:A3:56:60:31:DD:85:99:3C:E3:FA:7D:D6:1F:00 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/aNn2DgQdo1ZgMd2FmTzj-n3WHwA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.1.0/24 Signature Algorithm: sha256WithRSAEncryption af:72:28:56:ed:9e:e9:0e:9a:44:d0:bf:71:fe:2d:e5:4a:2f: 6f:a6:b0:bc:bc:2d:ff:61:20:91:af:1d:81:32:f6:ce:cf:80: 22:0e:e0:25:38:c3:48:10:d1:86:0e:4e:b1:9f:6c:eb:09:8d: 7b:f3:5a:a1:c1:1d:c7:68:4e:df:48:1a:f9:e4:3a:0a:3d:62: be:0e:2b:69:13:64:43:6d:03:31:01:76:4b:5b:47:96:79:94: f2:fb:ad:7e:2e:30:6f:83:1b:96:cf:b8:a6:3a:99:17:fd:78: 8f:57:94:cb:21:5c:f1:a9:3f:43:68:f7:29:a0:58:7f:d8:58: 73:14:a4:e9:f9:f8:ca:7d:fb:29:4f:58:b0:59:7b:3d:39:bb: 1f:c6:0d:08:53:d3:5d:41:7f:bf:56:40:29:ad:de:8f:00:62: 81:6d:68:e4:63:44:46:ed:f0:50:1e:97:d0:21:41:83:36:d7: 43:3c:18:8c:ac:f4:26:4d:3d:7a:4b:8e:3a:ab:74:08:03:b5: 3d:23:3e:53:74:27:44:6a:0d:ce:f8:f2:6d:20:7e:1d:db:fe: 6c:6c:f9:55:e3:9d:d8:32:9b:80:33:87:47:e2:62:47:08:d5: 25:c4:d7:81:6b:36:ef:82:a8:46:2c:c2:3a:3f:3b:81:af:97: 63:a1:ea:83 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGC0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0NDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY4RDlGNjBFMDQxREEz NTY2MDMxREQ4NTk5M0NFM0ZBN0RENjFGMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDRm2ozyFIweDzyNKJfsdgRKWwJAyne4oWhswidNwalPQt/iMNV n87c9AOJut/EnYmUJHWSMU5VNJRDUx7O9DhieFKrJJz86AbnIvslNxPyLt0W4N6k J13xeP9PZq1+pz/KcqUsslaez60qBwew/SLurc+8Pgj7q+tceZlW4YmbuPSR/AoG kqzVoWtl13mcGKzOp18IwBdSr+QqdqUOSQtIXOrpzcosW3BkVft/Z6jmnpLkoRDf RK0stZoT4rSt+rhlxlJLbWXenTFDu5pHUOzynnE5vs3txezjkMAmMiGq+OtiYdY8 O6gnV7SmFIBbr/B4goMuHzegBMBZ0Px/T78BAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUaNn2DgQdo1ZgMd2FmTzj+n3WHwAwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2FObjJEZ1FkbzFaZ01k MkZtVHpqLW4zV0h3QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QEwDQYJKoZIhvcNAQELBQADggEBAK9yKFbtnukOmkTQv3H+LeVKL2+msLy8 Lf9hIJGvHYEy9s7PgCIO4CU4w0gQ0YYOTrGfbOsJjXvzWqHBHcdoTt9IGvnkOgo9 Yr4OK2kTZENtAzEBdktbR5Z5lPL7rX4uMG+DG5bPuKY6mRf9eI9XlMshXPGpP0No 9ymgWH/YWHMUpOn5+Mp9+ylPWLBZez05ux/GDQhT011Bf79WQCmt3o8AYoFtaORj REbt8FAel9AhQYM210M8GIys9CZNPXpLjjqrdAgDtT0jPlN0J0RqDc748m0gfh3b /mxs+VXjndgym4Azh0fiYkcI1SXE14FrNu+CqEYswjo/O4Gvl2Oh6oM= -----END CERTIFICATE-----Generated at Fri Apr 4 18:42:18 2025 by rpki-client