$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/mlbcXn66RhvHUy5UKkyVEWCorto.roa File: mlbcXn66RhvHUy5UKkyVEWCorto.roa (raw, json) Hash identifier: w9w2fZ2wVI3V5kYCjkXe73e1qqnewTcrMzGXA7KSMx8= Subject key identifier: 9A:56:DC:5E:7E:BA:46:1B:C7:53:2E:54:2A:4C:95:11:60:A8:AE:DA Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1813 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/mlbcXn66RhvHUy5UKkyVEWCorto.roa Signing time: Fri 17 Jan 2025 01:24:32 +0000 ROA not before: Fri 17 Jan 2025 01:24:32 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 138527 IP address blocks: 45.252.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6163 (0x1813) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:32 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=9A56DC5E7EBA461BC7532E542A4C951160A8AEDA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:43:45:3e:91:de:7b:da:e9:ab:5d:95:bf:77: 5f:6d:31:0f:c9:fe:6a:35:af:a6:03:a9:ca:1b:f1: 0d:5b:2b:a6:ed:59:10:4b:96:15:ee:59:e2:81:2e: 77:dc:6c:64:14:27:17:26:62:92:55:08:73:fe:3a: c8:82:fb:96:bd:f7:6f:47:23:f4:b9:74:96:a0:97: a4:85:e2:79:b7:21:f9:15:85:ec:6f:a6:7e:eb:33: e6:1d:55:ed:0e:99:87:73:63:b3:ba:a7:51:00:e8: 7e:b9:62:43:94:56:56:4b:88:b7:df:fb:b7:3c:13: 84:65:47:2d:63:45:2b:eb:87:3b:f0:16:d7:04:10: e1:95:b1:e7:c0:df:8f:66:d3:40:79:e4:57:cc:59: eb:2f:88:dd:68:55:c5:e8:04:db:88:71:d4:ed:22: 69:e3:61:a8:a5:7d:5b:6d:93:bf:1f:28:0a:34:e3: c0:7a:e0:45:a1:1f:ba:ce:33:92:bd:e3:78:38:5a: 64:f4:6e:ba:49:1e:83:00:9e:b6:73:f2:82:7e:dd: 0e:32:c0:b9:dc:23:85:0e:59:e1:d1:15:1b:ca:e5: b0:88:89:b5:7c:05:b2:44:8d:83:fb:23:d6:98:1a: 66:57:43:24:7e:30:23:e9:46:f1:98:2b:a2:8c:a7: 31:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:56:DC:5E:7E:BA:46:1B:C7:53:2E:54:2A:4C:95:11:60:A8:AE:DA X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/mlbcXn66RhvHUy5UKkyVEWCorto.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.144.0/22 Signature Algorithm: sha256WithRSAEncryption 88:3b:b1:33:9d:f5:6f:96:bc:84:16:8f:f1:f5:68:7f:7c:f1: bd:a5:63:9c:a9:0f:49:54:3c:58:0b:e7:71:40:ae:6e:31:63: f8:0f:12:70:f8:e3:74:5d:4f:62:1d:5c:ac:fc:5b:5a:a1:3b: 3f:6b:c0:5e:4d:50:00:f9:49:1b:26:5e:ce:38:73:e6:e8:62: 69:e7:ae:f1:60:ca:17:ff:1b:7d:4e:e8:4f:57:ba:57:9d:1d: 29:e4:9c:2d:b6:ab:24:55:67:74:b1:22:2c:b9:22:5b:2a:65: 3f:6e:ad:6d:99:46:c8:e7:8d:99:af:66:51:b7:04:a8:5f:00: bc:8b:25:a6:98:60:55:42:84:59:38:f5:58:88:7f:80:2d:bc: 4a:12:1f:8e:4f:b5:67:68:8c:9a:53:4e:6a:dd:a7:5f:3c:af: 67:42:49:6b:9c:7f:b0:70:1b:ba:66:ca:56:91:c4:62:17:fd: ef:1f:69:e5:87:ec:e0:8a:d1:5a:4f:f2:16:5b:5d:af:fd:7d: 0c:d3:3e:df:a6:42:e0:d5:a4:9a:f4:63:04:5a:f1:d3:16:65: b5:d1:52:b5:7e:47:eb:68:8f:39:0a:6d:c9:51:70:01:c5:4b: 15:f5:5c:39:26:4e:8c:8d:e3:61:03:21:29:19:be:c2:d5:95: 8f:0a:97:b2 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGBMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0MzJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDlBNTZEQzVFN0VCQTQ2 MUJDNzUzMkU1NDJBNEM5NTExNjBBOEFFREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmQ0U+kd572umrXZW/d19tMQ/J/mo1r6YDqcob8Q1bK6btWRBL lhXuWeKBLnfcbGQUJxcmYpJVCHP+OsiC+5a9929HI/S5dJagl6SF4nm3IfkVhexv pn7rM+YdVe0OmYdzY7O6p1EA6H65YkOUVlZLiLff+7c8E4RlRy1jRSvrhzvwFtcE EOGVsefA349m00B55FfMWesviN1oVcXoBNuIcdTtImnjYailfVttk78fKAo048B6 4EWhH7rOM5K943g4WmT0brpJHoMAnrZz8oJ+3Q4ywLncI4UOWeHRFRvK5bCIibV8 BbJEjYP7I9aYGmZXQyR+MCPpRvGYK6KMpzHpAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUmlbcXn66RhvHUy5UKkyVEWCortowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L21sYmNYbjY2Umh2SFV5 NVVLa3lWRVdDb3J0by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/JAwDQYJKoZIhvcNAQELBQADggEBAIg7sTOd9W+WvIQWj/H1aH988b2lY5yp D0lUPFgL53FArm4xY/gPEnD443RdT2IdXKz8W1qhOz9rwF5NUAD5SRsmXs44c+bo YmnnrvFgyhf/G31O6E9XuledHSnknC22qyRVZ3SxIiy5IlsqZT9urW2ZRsjnjZmv ZlG3BKhfALyLJaaYYFVChFk49ViIf4AtvEoSH45PtWdojJpTTmrdp188r2dCSWuc f7BwG7pmylaRxGIX/e8faeWH7OCK0VpP8hZbXa/9fQzTPt+mQuDVpJr0YwRa8dMW ZbXRUrV+R+tojzkKbclRcAHFSxX1XDkmToyN42EDISkZvsLVlY8Kl7I= -----END CERTIFICATE-----Generated at Fri Apr 4 18:40:46 2025 by rpki-client