$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/lGjYgdhxC2DsOBoQKo10XubetCc.roa File: lGjYgdhxC2DsOBoQKo10XubetCc.roa (raw, json) Hash identifier: rtfEgN5MBRGSzqM7GqgEex5ikyxnKPTun5X8AghadwM= Subject key identifier: 94:68:D8:81:D8:71:0B:60:EC:38:1A:10:2A:8D:74:5E:E6:DE:B4:27 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 188B Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/lGjYgdhxC2DsOBoQKo10XubetCc.roa Signing time: Fri 17 Jan 2025 01:25:12 +0000 ROA not before: Fri 17 Jan 2025 01:25:12 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 59083 IP address blocks: 103.24.116.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6283 (0x188b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:12 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=9468D881D8710B60EC381A102A8D745EE6DEB427 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:6a:6f:c2:75:87:0e:af:6d:38:21:e3:eb:53: c6:f7:7b:a9:6d:84:db:39:b4:01:24:b2:c0:e4:1c: b7:dc:b5:9d:8f:83:ed:f6:c4:52:a6:7c:c2:4a:21: a2:92:7b:d9:8d:fb:13:62:80:6f:86:19:c4:d8:f4: 05:0f:7a:96:54:7f:69:71:d1:7b:14:77:9e:ba:a4: 94:12:02:bd:48:84:2a:a3:64:bd:b5:2a:7b:9a:dc: 37:48:77:8e:3d:e8:50:8f:cc:b5:19:14:91:0d:ed: 04:0b:b3:3d:3d:76:69:4d:b2:42:92:70:f0:b1:d1: 88:4d:3b:94:ad:95:51:17:ed:5d:5d:40:20:cf:c8: d8:b1:2c:82:bc:73:1d:4e:af:21:bf:a6:d3:62:5d: 9e:b6:df:db:64:b8:92:01:92:c9:57:71:6f:af:71: 16:6a:34:7c:16:33:96:e6:c7:38:cc:2f:07:6f:a3: 65:e5:b5:99:2d:99:5d:c7:1a:92:c4:f0:8e:85:dc: ce:cb:36:41:74:f0:db:23:7d:5d:58:cc:04:ef:08: bd:ca:c8:b3:7a:42:1e:60:09:c4:bd:49:3d:9f:47: 9a:64:16:68:f3:7e:a7:62:c4:4c:90:58:dc:50:32: 19:e7:9f:83:18:be:98:99:14:fe:55:d7:06:95:9a: ce:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:68:D8:81:D8:71:0B:60:EC:38:1A:10:2A:8D:74:5E:E6:DE:B4:27 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/lGjYgdhxC2DsOBoQKo10XubetCc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.24.116.0/22 Signature Algorithm: sha256WithRSAEncryption c9:f3:41:e6:4d:4e:d2:84:99:1c:f3:54:8e:50:47:66:a8:a0: 05:a0:0e:4a:a6:5d:6b:e2:b1:08:40:7e:cf:b4:2f:0a:93:0c: be:44:83:31:90:74:73:5e:66:51:ce:89:49:e7:b2:86:8d:92: 03:e8:1b:fb:32:99:be:e2:97:e1:0e:66:8f:e2:58:ed:db:93: e2:e2:67:2b:ef:cc:99:4a:32:60:5c:a1:4a:88:63:29:36:0a: 5b:fb:e9:0f:2c:0e:b5:70:71:dc:b2:1e:be:99:5d:64:f6:37: bb:c3:6a:7d:c3:60:6a:19:f9:4b:da:a6:b1:d0:02:fb:e9:2a: 8f:3b:96:5d:36:46:26:cf:2a:47:e4:9c:05:f8:93:da:49:87: 21:23:5e:af:21:63:c8:03:8b:5f:7b:3b:de:ff:18:d1:44:05: ad:6e:0f:40:13:d5:ba:93:57:04:eb:4f:47:2a:05:c2:35:0f: 81:7f:9a:72:68:76:33:07:80:f8:35:dc:d9:d2:56:bb:2f:22: 26:d7:93:28:6f:b2:0e:6f:fb:a4:03:a5:69:6a:e2:84:77:7c: 8c:00:1d:c0:0d:85:5c:f0:9d:5c:af:db:6c:67:76:26:57:87: d9:e8:57:1b:16:a0:4b:93:87:99:c9:84:b9:af:bb:26:23:cc: 12:e9:c7:18 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGIswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDk0NjhEODgxRDg3MTBC NjBFQzM4MUExMDJBOEQ3NDVFRTZERUI0MjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCoam/CdYcOr204IePrU8b3e6lthNs5tAEkssDkHLfctZ2Pg+32 xFKmfMJKIaKSe9mN+xNigG+GGcTY9AUPepZUf2lx0XsUd566pJQSAr1IhCqjZL21 Knua3DdId4496FCPzLUZFJEN7QQLsz09dmlNskKScPCx0YhNO5StlVEX7V1dQCDP yNixLIK8cx1OryG/ptNiXZ6239tkuJIBkslXcW+vcRZqNHwWM5bmxzjMLwdvo2Xl tZktmV3HGpLE8I6F3M7LNkF08NsjfV1YzATvCL3KyLN6Qh5gCcS9ST2fR5pkFmjz fqdixEyQWNxQMhnnn4MYvpiZFP5V1waVms5HAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUlGjYgdhxC2DsOBoQKo10XubetCcwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2xHallnZGh4QzJEc09C b1FLbzEwWHViZXRDYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJnGHQwDQYJKoZIhvcNAQELBQADggEBAMnzQeZNTtKEmRzzVI5QR2aooAWgDkqm XWvisQhAfs+0LwqTDL5EgzGQdHNeZlHOiUnnsoaNkgPoG/symb7il+EOZo/iWO3b k+LiZyvvzJlKMmBcoUqIYyk2Clv76Q8sDrVwcdyyHr6ZXWT2N7vDan3DYGoZ+Uva prHQAvvpKo87ll02RibPKkfknAX4k9pJhyEjXq8hY8gDi197O97/GNFEBa1uD0AT 1bqTVwTrT0cqBcI1D4F/mnJodjMHgPg13NnSVrsvIibXkyhvsg5v+6QDpWlq4oR3 fIwAHcANhVzwnVyv22xndiZXh9noVxsWoEuTh5nJhLmvuyYjzBLpxxg= -----END CERTIFICATE-----Generated at Fri Apr 4 18:37:38 2025 by rpki-client