$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/mxs5AbQcUiTuxcH7xb7nXuBNTZs.roa File: mxs5AbQcUiTuxcH7xb7nXuBNTZs.roa (raw, json) Hash identifier: Bw4tbEDFQFxhzTa+xkF9Qsqt+hXk/LJ7g1lp3jYsQYI= Subject key identifier: 9B:1B:39:01:B4:1C:52:24:EE:C5:C1:FB:C5:BE:E7:5E:E0:4D:4D:9B Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 18E7 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/mxs5AbQcUiTuxcH7xb7nXuBNTZs.roa Signing time: Fri 17 Jan 2025 01:25:46 +0000 ROA not before: Fri 17 Jan 2025 01:25:46 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 103.221.10.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6375 (0x18e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:46 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=9B1B3901B41C5224EEC5C1FBC5BEE75EE04D4D9B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:06:fb:9a:9c:e3:1f:94:7b:fd:31:18:96:ca: af:96:e9:c5:28:16:d0:fb:9f:5c:2b:c5:9f:a9:3d: bf:f5:3b:f3:74:b9:97:15:c0:7e:f9:3b:6e:79:b4: 5a:e2:33:ca:36:c9:e2:3f:aa:47:db:10:6e:ac:ec: a5:9f:09:2f:4b:88:d3:f3:27:48:dd:8a:9f:1a:84: 99:39:eb:5f:49:9a:51:e9:d2:8a:1b:cc:ae:d6:da: 5d:22:2c:2e:1d:30:85:c7:1f:b1:c6:c1:73:da:f4: 89:22:38:82:5b:12:a3:ad:ec:ec:74:e7:69:19:5b: e0:3d:b1:f6:ec:9e:e7:66:b6:b1:cd:b9:37:eb:05: 1f:ec:18:bc:7b:78:b9:9a:c9:82:fd:09:0b:a4:7f: 1d:b9:a6:19:e0:de:48:d3:bb:3a:37:b8:b0:17:fa: a7:f8:06:04:40:73:57:06:8c:fe:32:b2:49:6b:60: 4e:bc:b5:8e:2d:e2:e8:23:a9:fb:56:ed:d0:a0:57: 6f:68:69:64:07:12:cb:c6:66:8f:fa:2a:e7:76:88: 68:cf:cf:7a:ee:89:e6:c1:90:43:e7:45:14:33:40: ac:f3:b8:99:9c:3d:d2:28:5a:15:f7:28:80:f6:0a: 84:47:b4:76:ed:ce:c4:24:ef:16:90:2a:0b:f7:dc: 8d:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:1B:39:01:B4:1C:52:24:EE:C5:C1:FB:C5:BE:E7:5E:E0:4D:4D:9B X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/mxs5AbQcUiTuxcH7xb7nXuBNTZs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.10.0/24 Signature Algorithm: sha256WithRSAEncryption 79:03:41:df:68:2f:78:25:c2:ae:26:dc:74:a4:76:2c:e4:45: 21:b9:b3:9a:06:1e:31:8f:e6:7b:36:c5:94:94:84:64:39:75: 09:c5:80:66:7a:bb:44:85:be:3f:58:b5:79:41:7c:5c:39:63: a6:f0:30:28:90:3a:31:95:e8:e7:99:3e:9f:2e:d3:9b:81:f8: 00:9e:37:f2:e0:0c:d4:4b:42:f7:a8:17:ce:b7:b6:0a:ab:1b: 74:61:76:01:53:ad:fb:4f:45:c4:29:0a:aa:fb:e2:b4:b1:cb: 0c:5b:46:2f:db:d9:39:9a:34:75:ea:2c:80:c6:e0:bb:3e:4d: e0:33:ac:1c:4b:56:4b:ba:58:39:9d:dd:b3:85:94:1b:e7:65: 27:f4:43:c6:92:2e:a9:e1:02:b6:a9:14:a2:4e:b2:31:ec:83: f8:22:98:3d:9b:0a:1e:18:a7:b9:22:94:03:bb:dc:ee:bc:c9: 2c:24:9b:ab:7a:b9:5e:85:52:0e:06:44:5d:61:37:bd:fd:51: 0f:8d:32:f4:f4:51:ab:89:27:88:87:9c:db:e6:08:ea:a8:7d: 04:8a:74:21:6f:f3:38:d1:55:90:2f:a4:0b:de:49:94:43:41: 87:92:87:67:9e:df:44:69:e5:ed:57:3f:22:80:d2:55:28:88: d7:21:7a:4e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGOcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1NDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDlCMUIzOTAxQjQxQzUy MjRFRUM1QzFGQkM1QkVFNzVFRTA0RDREOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVBvuanOMflHv9MRiWyq+W6cUoFtD7n1wrxZ+pPb/1O/N0uZcV wH75O255tFriM8o2yeI/qkfbEG6s7KWfCS9LiNPzJ0jdip8ahJk5619JmlHp0oob zK7W2l0iLC4dMIXHH7HGwXPa9IkiOIJbEqOt7Ox052kZW+A9sfbsnudmtrHNuTfr BR/sGLx7eLmayYL9CQukfx25phng3kjTuzo3uLAX+qf4BgRAc1cGjP4ysklrYE68 tY4t4ugjqftW7dCgV29oaWQHEsvGZo/6Kud2iGjPz3ruiebBkEPnRRQzQKzzuJmc PdIoWhX3KID2CoRHtHbtzsQk7xaQKgv33I3HAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUmxs5AbQcUiTuxcH7xb7nXuBNTZswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L214czVBYlFjVWlUdXhj SDd4YjduWHVCTlRacy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QowDQYJKoZIhvcNAQELBQADggEBAHkDQd9oL3glwq4m3HSkdizkRSG5s5oG HjGP5ns2xZSUhGQ5dQnFgGZ6u0SFvj9YtXlBfFw5Y6bwMCiQOjGV6OeZPp8u05uB +ACeN/LgDNRLQveoF863tgqrG3RhdgFTrftPRcQpCqr74rSxywxbRi/b2TmaNHXq LIDG4Ls+TeAzrBxLVku6WDmd3bOFlBvnZSf0Q8aSLqnhArapFKJOsjHsg/gimD2b Ch4Yp7kilAO73O68ySwkm6t6uV6FUg4GRF1hN739UQ+NMvT0UauJJ4iHnNvmCOqo fQSKdCFv8zjRVZAvpAveSZRDQYeSh2ee30Rp5e1XPyKA0lUoiNchek4= -----END CERTIFICATE-----Generated at Fri Apr 4 18:42:50 2025 by rpki-client