$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/muwH0jLtIP9XKONYa1J2QfUkXcA.roa File: muwH0jLtIP9XKONYa1J2QfUkXcA.roa (raw, json) Hash identifier: iLCpCA94RYmEv2nrn3pSPbmMLLpehzIdfqLTdXxqh74= Subject key identifier: 9A:EC:07:D2:32:ED:20:FF:57:28:E3:58:6B:52:76:41:F5:24:5D:C0 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 189E Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/muwH0jLtIP9XKONYa1J2QfUkXcA.roa Signing time: Fri 17 Jan 2025 01:25:19 +0000 ROA not before: Fri 17 Jan 2025 01:25:19 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 136897 IP address blocks: 103.198.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6302 (0x189e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:19 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=9AEC07D232ED20FF5728E3586B527641F5245DC0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:84:38:35:84:05:b7:5c:dd:14:b1:25:56:e5: 10:9a:51:a8:6e:5a:12:60:c7:79:59:d1:f2:f5:70: b9:de:18:6f:5c:ab:55:f0:ef:01:c1:1c:7b:4a:a1: 6e:d5:8f:f8:b5:87:df:a1:c1:46:2b:df:80:39:bf: 3d:d3:14:ad:6a:3c:c8:e3:3b:e9:fa:03:d2:9f:18: f8:65:aa:6f:e1:4e:a7:0d:7a:f8:8b:97:21:66:4f: fd:d0:90:6a:42:6d:7b:8b:76:f6:6a:e5:9f:83:4f: 1c:e9:38:58:a4:e9:af:1c:4d:6b:02:db:e6:d7:c1: df:b4:a4:a0:d1:bc:b6:4b:ea:92:33:02:8d:eb:60: c6:dd:7b:99:d2:3f:7e:2b:f0:d1:b3:19:81:a9:09: 69:7f:f0:1d:39:ca:6b:08:a9:c6:3b:32:5e:0d:a4: 6f:13:76:df:9e:33:90:6a:7e:90:be:1d:49:31:d8: 22:fd:cc:3a:43:71:06:b3:7a:c7:c7:17:e1:e8:87: 01:58:03:56:6a:54:88:3d:2d:00:3e:0d:4a:ec:c2: ee:ec:bc:44:82:55:74:5d:97:d3:7f:94:a8:c8:7d: 2b:7e:53:b8:ea:48:29:7e:e7:fe:f8:52:06:bf:b2: b6:03:da:fc:99:f1:8c:8d:8d:c1:b8:b2:b9:f7:d7: 59:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:EC:07:D2:32:ED:20:FF:57:28:E3:58:6B:52:76:41:F5:24:5D:C0 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/muwH0jLtIP9XKONYa1J2QfUkXcA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.198.240.0/22 Signature Algorithm: sha256WithRSAEncryption 9e:be:af:69:d2:65:10:68:02:47:1f:bc:0f:80:4e:e7:c2:da: 67:a4:0a:b8:5b:0e:ea:25:c3:db:5a:66:4e:b9:89:c0:bc:8c: cd:57:6e:cf:d2:51:a3:fa:bd:77:78:05:3e:3a:0f:b7:19:86: b1:a4:33:78:06:5e:28:ba:8e:2a:5b:b6:04:07:81:f0:2a:89: 01:2b:5e:4e:15:0c:26:7a:aa:74:58:97:5c:4e:e0:6a:fa:33: e2:68:ad:ef:90:40:c8:f9:9f:60:2f:d3:ec:b8:e5:9f:3d:33: f1:0f:ae:de:51:70:fb:d9:48:a6:b5:46:fd:05:cb:7f:60:40: 7f:ac:ba:b5:54:16:ab:de:a5:bb:6b:df:03:4d:92:f5:a4:b0: 13:db:f1:77:43:bb:2f:bb:b8:47:dc:bd:52:1f:3b:4a:33:fb: 03:8b:2b:36:16:14:14:9e:e0:d0:d3:f6:de:c2:8d:c7:f6:9d: c8:12:19:c8:54:cb:e4:12:87:f8:14:a5:f9:fa:74:7b:ef:ca: 17:38:5a:0f:6a:3d:72:87:c8:b5:a0:d8:f4:1e:2e:3f:79:85: 4e:f1:18:26:a9:5c:7a:27:0e:de:c4:80:8f:17:00:5f:9e:6b: 69:4a:86:94:cb:40:bb:15:b6:c5:82:e6:00:64:1b:8a:cb:75: a3:9d:35:15 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGJ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDlBRUMwN0QyMzJFRDIw RkY1NzI4RTM1ODZCNTI3NjQxRjUyNDVEQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDahDg1hAW3XN0UsSVW5RCaUahuWhJgx3lZ0fL1cLneGG9cq1Xw 7wHBHHtKoW7Vj/i1h9+hwUYr34A5vz3TFK1qPMjjO+n6A9KfGPhlqm/hTqcNeviL lyFmT/3QkGpCbXuLdvZq5Z+DTxzpOFik6a8cTWsC2+bXwd+0pKDRvLZL6pIzAo3r YMbde5nSP34r8NGzGYGpCWl/8B05ymsIqcY7Ml4NpG8Tdt+eM5BqfpC+HUkx2CL9 zDpDcQazesfHF+HohwFYA1ZqVIg9LQA+DUrswu7svESCVXRdl9N/lKjIfSt+U7jq SCl+5/74Uga/srYD2vyZ8YyNjcG4srn311lVAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUmuwH0jLtIP9XKONYa1J2QfUkXcAwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L211d0gwakx0SVA5WEtP TllhMUoyUWZVa1hjQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJnxvAwDQYJKoZIhvcNAQELBQADggEBAJ6+r2nSZRBoAkcfvA+ATufC2mekCrhb Duolw9taZk65icC8jM1Xbs/SUaP6vXd4BT46D7cZhrGkM3gGXii6jipbtgQHgfAq iQErXk4VDCZ6qnRYl1xO4Gr6M+Jore+QQMj5n2Av0+y45Z89M/EPrt5RcPvZSKa1 Rv0Fy39gQH+surVUFqvepbtr3wNNkvWksBPb8XdDuy+7uEfcvVIfO0oz+wOLKzYW FBSe4NDT9t7Cjcf2ncgSGchUy+QSh/gUpfn6dHvvyhc4Wg9qPXKHyLWg2PQeLj95 hU7xGCapXHonDt7EgI8XAF+ea2lKhpTLQLsVtsWC5gBkG4rLdaOdNRU= -----END CERTIFICATE-----Generated at Fri Apr 4 18:43:38 2025 by rpki-client