$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/iRZTRsZhLTwOe9pEMSS5QP_sG2Y.roa File: iRZTRsZhLTwOe9pEMSS5QP_sG2Y.roa (raw, json) Hash identifier: L5l79JxZYm1uAG5c5S1psiD4kosMdyr5u5lApGHvN8s= Subject key identifier: 89:16:53:46:C6:61:2D:3C:0E:7B:DA:44:31:24:B9:40:FF:EC:1B:66 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 184F Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/iRZTRsZhLTwOe9pEMSS5QP_sG2Y.roa Signing time: Fri 17 Jan 2025 01:24:53 +0000 ROA not before: Fri 17 Jan 2025 01:24:53 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 59083 IP address blocks: 202.136.250.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6223 (0x184f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:53 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=89165346C6612D3C0E7BDA443124B940FFEC1B66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:2c:6d:7b:42:37:63:26:f7:16:34:cf:0c:54: 18:84:52:8c:82:b6:ce:d7:84:d9:ed:65:9f:9a:7f: 7d:a9:c7:8f:bd:18:b2:d4:5f:18:42:76:25:00:b9: 53:e2:82:7b:0f:64:9d:18:b7:52:ab:8f:41:00:3e: bd:bc:7a:b3:2e:3d:5b:c0:78:81:62:6d:45:85:38: 07:e2:b3:92:3d:b7:1d:b2:fc:79:20:fc:cb:2c:1f: 78:29:94:24:a7:66:fd:e1:33:7a:fa:ae:c2:de:5a: e9:c9:19:33:29:bd:50:39:d4:c5:3d:b1:a5:48:a5: ff:b4:c7:72:f8:0a:9a:e0:c8:16:22:19:94:41:41: b4:6f:53:eb:57:55:93:ad:37:3c:ce:cb:7e:96:3a: 55:a7:bb:2b:50:89:a8:65:6a:5b:7d:6a:e6:6d:23: 89:82:50:ef:bf:c9:fe:91:30:51:ad:b4:44:bf:d2: 53:bc:2c:1a:73:78:94:b3:4a:70:f8:5b:fa:c4:61: ba:dd:7f:ee:15:f4:b7:e4:6d:7d:9c:22:ef:19:3b: 2e:78:ad:26:11:3c:81:0c:ce:4b:dc:e3:ab:ea:9a: eb:e7:62:79:d9:9a:f5:22:bb:d7:34:0e:14:f8:a4: fa:c4:a2:3b:cd:60:c1:73:95:69:ee:78:13:6c:1d: a1:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:16:53:46:C6:61:2D:3C:0E:7B:DA:44:31:24:B9:40:FF:EC:1B:66 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/iRZTRsZhLTwOe9pEMSS5QP_sG2Y.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.136.250.0/24 Signature Algorithm: sha256WithRSAEncryption 30:25:58:34:53:f0:81:b8:b4:0e:08:99:bc:a0:85:d0:07:ec: 88:30:d4:54:a3:c1:34:15:1b:d9:17:84:b2:bf:90:c6:40:df: 35:16:18:d1:ef:cb:f4:04:9b:9e:1c:d7:3c:57:ca:4f:ce:2c: bd:2d:11:c0:2d:88:c2:69:f1:ca:74:09:a5:7b:6c:a1:f4:70: 04:02:31:30:3b:39:8a:fd:91:3e:84:06:f5:5c:cf:d9:2e:5b: c0:1d:12:a2:52:88:b8:de:81:c4:6b:6d:55:20:a6:27:d5:47: f2:92:54:20:6c:be:c4:13:a0:4e:e0:b9:83:b4:44:e6:30:45: c9:b6:23:51:89:7a:9a:5f:63:a1:ea:47:e4:10:bb:e5:5f:84: bc:14:ae:2b:78:bf:0a:22:13:00:0d:8e:60:43:eb:40:93:d7: 5c:37:dc:de:ab:b3:2d:70:d0:09:79:e7:94:ec:de:c8:2f:62: 16:22:e9:5f:37:88:d7:e6:8d:28:20:99:ca:2f:67:a4:6d:b8: eb:7b:07:d4:a1:c6:02:84:0f:95:70:5f:9d:89:63:68:53:d5: 1f:cb:b3:45:e4:e9:ef:6b:e1:61:84:b3:77:cb:d3:50:a8:bc: 04:9d:ea:00:5c:93:3e:b6:e5:4f:fe:77:9e:42:b2:c6:96:c3: 98:34:b9:b3 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGE8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0NTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg5MTY1MzQ2QzY2MTJE M0MwRTdCREE0NDMxMjRCOTQwRkZFQzFCNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDULG17QjdjJvcWNM8MVBiEUoyCts7XhNntZZ+af32px4+9GLLU XxhCdiUAuVPignsPZJ0Yt1Krj0EAPr28erMuPVvAeIFibUWFOAfis5I9tx2y/Hkg /MssH3gplCSnZv3hM3r6rsLeWunJGTMpvVA51MU9saVIpf+0x3L4CprgyBYiGZRB QbRvU+tXVZOtNzzOy36WOlWnuytQiahlalt9auZtI4mCUO+/yf6RMFGttES/0lO8 LBpzeJSzSnD4W/rEYbrdf+4V9LfkbX2cIu8ZOy54rSYRPIEMzkvc46vqmuvnYnnZ mvUiu9c0DhT4pPrEojvNYMFzlWnueBNsHaG3AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUiRZTRsZhLTwOe9pEMSS5QP/sG2YwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2lSWlRSc1poTFR3T2U5 cEVNU1M1UVBfc0cyWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADKiPowDQYJKoZIhvcNAQELBQADggEBADAlWDRT8IG4tA4ImbyghdAH7Igw1FSj wTQVG9kXhLK/kMZA3zUWGNHvy/QEm54c1zxXyk/OLL0tEcAtiMJp8cp0CaV7bKH0 cAQCMTA7OYr9kT6EBvVcz9kuW8AdEqJSiLjegcRrbVUgpifVR/KSVCBsvsQToE7g uYO0ROYwRcm2I1GJeppfY6HqR+QQu+VfhLwUrit4vwoiEwANjmBD60CT11w33N6r sy1w0Al555Ts3sgvYhYi6V83iNfmjSggmcovZ6RtuOt7B9ShxgKED5VwX52JY2hT 1R/Ls0Xk6e9r4WGEs3fL01CovASd6gBckz625U/+d55CssaWw5g0ubM= -----END CERTIFICATE-----Generated at Fri Apr 4 18:33:16 2025 by rpki-client