$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/fkMv1iLeEfJ1F8QF6kRQnuK99wY.roa File: fkMv1iLeEfJ1F8QF6kRQnuK99wY.roa (raw, json) Hash identifier: ptG+BhvtNFGXfMdUnK8m+/W5ixOuSeZoC5KIAJThEWk= Subject key identifier: 7E:43:2F:D6:22:DE:11:F2:75:17:C4:05:EA:44:50:9E:E2:BD:F7:06 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 18FC Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/fkMv1iLeEfJ1F8QF6kRQnuK99wY.roa Signing time: Fri 17 Jan 2025 01:25:54 +0000 ROA not before: Fri 17 Jan 2025 01:25:54 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 24373 IP address blocks: 103.221.8.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6396 (0x18fc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:54 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=7E432FD622DE11F27517C405EA44509EE2BDF706 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:42:5b:a8:c7:d2:9c:f2:17:56:88:53:0f:b8: 18:9e:57:46:f8:2f:2a:24:15:53:32:93:95:e0:80: 47:7c:27:3b:c3:62:b6:bc:87:b7:e5:41:dc:10:b6: fd:01:47:38:76:3f:15:cc:2d:f5:cd:6f:38:d1:50: ee:d9:d6:36:3a:dd:ee:29:c2:6f:15:d2:fc:02:0d: 41:31:4c:9a:f2:1e:15:5b:34:42:92:af:d5:c9:ed: 91:e1:55:d4:20:53:1a:ab:67:8a:0e:0e:64:68:67: 46:af:dd:84:ae:7f:80:81:80:37:9a:4f:5f:47:4c: 8c:30:c5:77:9f:0e:b8:63:bb:8b:06:8e:72:bc:22: 6c:ca:84:33:42:bb:bc:e4:87:03:ee:43:72:c2:58: d0:98:27:5a:73:da:e9:03:39:4e:dc:6a:f2:3c:7b: f9:af:af:f7:2c:ae:bc:9a:ad:4f:87:6b:3b:bf:f0: da:aa:6b:dc:33:bf:00:73:91:74:d9:fd:6d:c1:f4: 66:54:d7:e7:75:8c:a3:1d:9b:75:e9:10:d7:86:02: 32:4f:d4:65:7f:7a:fd:e1:4c:84:d9:16:0f:ac:8d: a5:08:b7:cc:0e:f7:97:c9:0f:18:dc:59:45:fe:e7: cb:f6:88:43:d9:13:58:8e:1e:7f:76:9c:0a:08:bc: 5b:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:43:2F:D6:22:DE:11:F2:75:17:C4:05:EA:44:50:9E:E2:BD:F7:06 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/fkMv1iLeEfJ1F8QF6kRQnuK99wY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.8.0/22 Signature Algorithm: sha256WithRSAEncryption c2:44:a4:ec:d9:79:56:df:36:2f:1c:8d:4d:ca:2c:7b:1f:12: e9:78:6d:84:c5:c8:37:4a:a6:c7:b8:74:c2:3e:43:5b:6d:cf: 6c:e9:15:16:56:12:3e:26:e3:dd:22:04:91:d5:2d:0f:b8:c7: 1b:48:c1:2e:5b:f7:10:c9:c0:70:d3:e1:4a:46:d0:b0:e2:f0: 8b:52:d4:6b:91:d4:58:18:8b:cd:9f:dc:19:6f:b7:47:06:0b: ef:98:28:c4:b1:ab:ad:21:82:31:3b:70:8a:be:a0:6f:9a:09: 21:d1:c7:ce:b9:28:b3:82:5c:77:ea:23:d9:84:42:f1:07:e4: f5:91:4e:70:fa:7a:a7:d2:b2:c7:94:8e:9f:87:29:18:d3:e5: f8:dd:92:0f:20:d5:42:fc:9b:a8:2e:22:c6:69:86:a8:3b:da: 55:c7:de:24:02:5c:13:dc:b8:8b:d9:64:1c:94:bd:13:bc:0d: d5:9a:d3:59:d6:85:cc:60:f2:68:e8:c3:f7:99:4f:fe:af:84: ec:f5:b2:cc:e2:99:a6:a0:04:de:ab:f6:11:3a:e1:7f:54:d3: a8:5f:a9:e3:f7:4d:96:be:84:cc:0b:9f:3b:46:d9:d5:f9:da: 67:58:d1:ff:78:b9:36:37:7b:f2:bb:9c:12:16:f8:01:08:65: d2:43:c9:bb -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGPwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1NTRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDdFNDMyRkQ2MjJERTEx RjI3NTE3QzQwNUVBNDQ1MDlFRTJCREY3MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDiQluox9Kc8hdWiFMPuBieV0b4LyokFVMyk5XggEd8JzvDYra8 h7flQdwQtv0BRzh2PxXMLfXNbzjRUO7Z1jY63e4pwm8V0vwCDUExTJryHhVbNEKS r9XJ7ZHhVdQgUxqrZ4oODmRoZ0av3YSuf4CBgDeaT19HTIwwxXefDrhju4sGjnK8 ImzKhDNCu7zkhwPuQ3LCWNCYJ1pz2ukDOU7cavI8e/mvr/csrryarU+Hazu/8Nqq a9wzvwBzkXTZ/W3B9GZU1+d1jKMdm3XpENeGAjJP1GV/ev3hTITZFg+sjaUIt8wO 95fJDxjcWUX+58v2iEPZE1iOHn92nAoIvFuPAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUfkMv1iLeEfJ1F8QF6kRQnuK99wYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2ZrTXYxaUxlRWZKMUY4 UUY2a1JRbnVLOTl3WS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3QgwDQYJKoZIhvcNAQELBQADggEBAMJEpOzZeVbfNi8cjU3KLHsfEul4bYTF yDdKpse4dMI+Q1ttz2zpFRZWEj4m490iBJHVLQ+4xxtIwS5b9xDJwHDT4UpG0LDi 8ItS1GuR1FgYi82f3Blvt0cGC++YKMSxq60hgjE7cIq+oG+aCSHRx865KLOCXHfq I9mEQvEH5PWRTnD6eqfSsseUjp+HKRjT5fjdkg8g1UL8m6guIsZphqg72lXH3iQC XBPcuIvZZByUvRO8DdWa01nWhcxg8mjow/eZT/6vhOz1sszimaagBN6r9hE64X9U 06hfqeP3TZa+hMwLnztG2dX52mdY0f94uTY3e/K7nBIW+AEIZdJDybs= -----END CERTIFICATE-----Generated at Fri Apr 4 18:48:45 2025 by rpki-client