$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/hs1PJi0lxP74IVRvyIx2rJkI__Q.roa File: hs1PJi0lxP74IVRvyIx2rJkI__Q.roa (raw, json) Hash identifier: y0kO03ChYrnhL9qwNKp06Va3ZoC2rIH/+49K6lhT2+s= Subject key identifier: 86:CD:4F:26:2D:25:C4:FE:F8:21:54:6F:C8:8C:76:AC:99:08:FF:F4 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1854 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hs1PJi0lxP74IVRvyIx2rJkI__Q.roa Signing time: Fri 17 Jan 2025 01:24:55 +0000 ROA not before: Fri 17 Jan 2025 01:24:55 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 13444 IP address blocks: 103.221.27.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6228 (0x1854) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:55 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=86CD4F262D25C4FEF821546FC88C76AC9908FFF4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ce:3c:6b:a7:3e:ba:06:81:56:63:e7:22:ff: c2:13:df:eb:dd:c9:8e:02:22:3f:8e:ae:d2:16:0f: 91:45:6d:ed:7a:1e:1a:d0:a0:4b:1b:ba:33:98:f5: 88:b8:f3:a5:e8:40:86:e2:4e:18:c8:57:4f:8f:d9: b4:a6:54:9d:2e:ef:24:4f:82:4a:53:bd:ee:6c:d8: 21:76:02:35:09:2c:4f:01:f4:10:00:2f:c7:9c:95: 98:f6:8e:fd:fb:b1:17:bc:4b:73:77:4d:e8:67:50: aa:b4:0d:44:96:fa:25:1c:c5:29:79:00:11:41:7c: fd:c3:7f:40:56:91:a5:66:3b:87:ff:44:68:3f:f4: 73:21:a1:4d:4c:22:69:fd:a9:35:cf:67:07:4c:00: 6e:0f:91:46:84:9b:0f:18:77:29:a5:73:c5:ad:b5: 8e:63:57:55:cb:1e:0d:91:7c:fb:80:fa:d2:59:61: 47:8e:af:76:98:11:76:4c:2d:53:ab:bf:5b:05:6f: e0:0d:93:e7:76:59:ab:b2:c9:6a:21:a8:89:c5:73: ed:56:66:9b:03:cd:2f:5e:23:c6:69:dd:4d:7c:ec: 50:ae:45:e7:38:08:81:02:e5:fd:48:29:99:d1:e7: b3:10:0f:0a:5d:c1:7e:ca:f3:4a:2f:fb:51:9e:64: 30:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:CD:4F:26:2D:25:C4:FE:F8:21:54:6F:C8:8C:76:AC:99:08:FF:F4 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hs1PJi0lxP74IVRvyIx2rJkI__Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.27.0/24 Signature Algorithm: sha256WithRSAEncryption 9f:01:43:57:75:10:82:27:d3:2b:ea:6a:6d:46:83:4d:92:3a: 8e:64:f4:7a:33:02:a7:b8:d0:9d:84:3b:9d:d9:ae:8e:0a:08: fc:14:df:08:22:0a:ef:0b:fb:83:14:cf:eb:bd:73:cf:e7:7f: 64:d5:56:be:6a:a9:06:ba:4d:6a:13:0b:57:8f:cf:ea:f9:c8: 22:ea:ed:83:e0:bc:0e:e0:0c:cb:26:cf:73:2f:eb:12:5e:e0: 5d:e8:6e:79:ca:66:82:55:cf:07:03:50:39:ee:fa:bf:00:36: 6e:38:27:4c:17:04:73:4d:30:bc:95:5f:e1:b1:af:c2:1d:c6: 30:ab:4c:d3:6d:a0:2c:f6:c2:39:78:04:70:77:61:5c:98:93: 0d:26:46:5c:64:7c:d4:5d:d6:54:ea:e9:d2:09:cd:00:cb:1e: d8:b3:58:c4:9c:de:2d:da:93:5c:57:91:78:2a:f8:0f:5b:18: c8:71:e1:d1:dc:a4:3a:1d:57:cb:b2:b8:d5:1e:b1:cd:19:d4: e1:2d:c3:8a:6a:3a:68:08:86:30:91:43:df:fd:c0:e1:b7:56: 83:31:89:d2:64:b4:f0:b6:64:90:e6:33:4b:6d:2b:82:8c:f8: 20:5d:39:44:c8:9d:bc:50:89:8c:cb:b1:29:e7:30:d6:9c:54: 1d:b8:4f:6c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGFQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0NTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg2Q0Q0RjI2MkQyNUM0 RkVGODIxNTQ2RkM4OEM3NkFDOTkwOEZGRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDJzjxrpz66BoFWY+ci/8IT3+vdyY4CIj+OrtIWD5FFbe16HhrQ oEsbujOY9Yi486XoQIbiThjIV0+P2bSmVJ0u7yRPgkpTve5s2CF2AjUJLE8B9BAA L8eclZj2jv37sRe8S3N3TehnUKq0DUSW+iUcxSl5ABFBfP3Df0BWkaVmO4f/RGg/ 9HMhoU1MImn9qTXPZwdMAG4PkUaEmw8Ydymlc8WttY5jV1XLHg2RfPuA+tJZYUeO r3aYEXZMLVOrv1sFb+ANk+d2WauyyWohqInFc+1WZpsDzS9eI8Zp3U187FCuRec4 CIEC5f1IKZnR57MQDwpdwX7K80ov+1GeZDCLAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUhs1PJi0lxP74IVRvyIx2rJkI//QwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2hzMVBKaTBseFA3NElW UnZ5SXgyckprSV9fUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3RswDQYJKoZIhvcNAQELBQADggEBAJ8BQ1d1EIIn0yvqam1Gg02SOo5k9Hoz Aqe40J2EO53Zro4KCPwU3wgiCu8L+4MUz+u9c8/nf2TVVr5qqQa6TWoTC1ePz+r5 yCLq7YPgvA7gDMsmz3Mv6xJe4F3obnnKZoJVzwcDUDnu+r8ANm44J0wXBHNNMLyV X+Gxr8IdxjCrTNNtoCz2wjl4BHB3YVyYkw0mRlxkfNRd1lTq6dIJzQDLHtizWMSc 3i3ak1xXkXgq+A9bGMhx4dHcpDodV8uyuNUesc0Z1OEtw4pqOmgIhjCRQ9/9wOG3 VoMxidJktPC2ZJDmM0ttK4KM+CBdOUTInbxQiYzLsSnnMNacVB24T2w= -----END CERTIFICATE-----Generated at Fri Apr 4 18:41:31 2025 by rpki-client