$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/nAIPLWxRfsKJtcbsX7mBBL41aXI.roa File: nAIPLWxRfsKJtcbsX7mBBL41aXI.roa (raw, json) Hash identifier: trqDSnM3yliN+EIRIOK4ORLVfnOm5qXDpCcArjoIx2U= Subject key identifier: 9C:02:0F:2D:6C:51:7E:C2:89:B5:C6:EC:5F:B9:81:04:BE:35:69:72 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 187D Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/nAIPLWxRfsKJtcbsX7mBBL41aXI.roa Signing time: Fri 17 Jan 2025 01:25:07 +0000 ROA not before: Fri 17 Jan 2025 01:25:07 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 13444 IP address blocks: 103.220.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 14 Apr 2025 06:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6269 (0x187d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:07 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=9C020F2D6C517EC289B5C6EC5FB98104BE356972 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:fe:b3:c9:57:3e:6b:1c:dd:26:5c:56:c7:0c: b9:bf:76:a1:c5:f1:26:85:a2:e2:d2:d4:1b:0b:2a: b4:c6:3d:fd:26:db:66:cf:e7:83:b2:52:3e:dd:a3: 2c:a0:f0:22:20:ef:b8:2b:c1:ab:8e:f1:25:fe:36: 27:54:83:bb:f0:71:1d:75:a1:e0:dd:c9:4c:17:58: a1:33:6c:47:f6:7a:73:6e:0a:79:2c:fe:a8:3d:58: 8e:b1:a4:bc:1a:22:41:e5:ea:2e:01:ea:9e:c5:2d: cd:1b:6e:9e:83:df:cc:c3:7f:5c:b7:a2:41:61:37: 86:64:8e:24:1e:3b:78:74:44:3c:0c:5a:1a:d3:61: eb:56:be:b5:09:57:8b:88:14:e8:2e:12:21:ee:a6: e6:13:7d:3f:8e:8f:c9:be:f1:a2:e1:1e:ee:21:44: f0:fe:01:b6:7c:f1:0f:71:b4:9e:72:0c:3a:0a:80: 70:c1:04:fb:1c:c0:46:7d:26:b9:d6:4b:a8:1f:d3: 05:38:f9:55:8b:fc:54:43:83:de:87:60:d4:fa:d2: 9f:39:25:67:7f:53:f1:de:81:3c:cc:21:1f:a0:c1: ed:95:50:62:4b:ab:06:76:27:c4:5a:0d:28:40:60: 3b:1a:8e:4c:fa:e8:08:c6:b4:87:47:e9:48:af:b5: 81:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:02:0F:2D:6C:51:7E:C2:89:B5:C6:EC:5F:B9:81:04:BE:35:69:72 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/nAIPLWxRfsKJtcbsX7mBBL41aXI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.220.253.0/24 Signature Algorithm: sha256WithRSAEncryption 1c:9b:e3:cb:6e:cd:12:f7:b9:df:a7:47:7f:cf:54:87:fa:7e: 8b:44:97:c6:e7:ca:b0:c3:db:79:dc:da:f4:16:ef:54:af:ed: 78:0f:51:85:66:7c:3f:e5:a2:29:52:e9:8b:b4:cc:30:93:14: 3e:c9:a5:d5:39:59:76:b3:5b:a3:07:39:e6:2f:54:b1:0f:8b: b1:77:78:d9:69:80:22:db:83:1e:b3:b0:69:ee:f5:ed:b9:2f: 63:da:f3:65:6a:2e:02:3b:97:84:18:a6:80:6b:34:3e:44:57: bf:45:58:92:b0:e1:da:d4:db:a0:c3:52:5a:cf:91:20:1e:8f: a1:f8:10:4e:d5:28:96:82:69:e5:d7:72:2c:61:1a:f0:51:c2: 5e:05:ff:11:11:ba:85:77:e3:53:43:58:1c:ef:4c:9f:d9:58: 25:9b:af:06:eb:be:19:87:43:68:48:ea:25:68:7f:64:5c:af: f0:4f:e2:62:bc:68:d8:08:c8:85:94:85:e2:ec:0d:2c:dc:42: 36:b9:16:06:a8:a8:bf:f7:8e:cb:fb:79:58:69:7b:16:8b:60: 5e:cc:0d:57:df:2f:4f:09:1b:29:4a:21:df:c2:a3:75:93:3f: 84:1d:b4:31:4f:ac:2a:a4:f3:91:85:22:c2:96:fb:f9:6f:7d: 55:79:7c:6e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGH0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDlDMDIwRjJENkM1MTdF QzI4OUI1QzZFQzVGQjk4MTA0QkUzNTY5NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6/rPJVz5rHN0mXFbHDLm/dqHF8SaFouLS1BsLKrTGPf0m22bP 54OyUj7doyyg8CIg77grwauO8SX+NidUg7vwcR11oeDdyUwXWKEzbEf2enNuCnks /qg9WI6xpLwaIkHl6i4B6p7FLc0bbp6D38zDf1y3okFhN4ZkjiQeO3h0RDwMWhrT YetWvrUJV4uIFOguEiHupuYTfT+Oj8m+8aLhHu4hRPD+AbZ88Q9xtJ5yDDoKgHDB BPscwEZ9JrnWS6gf0wU4+VWL/FRDg96HYNT60p85JWd/U/HegTzMIR+gwe2VUGJL qwZ2J8RaDShAYDsajkz66AjGtIdH6UivtYG3AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUnAIPLWxRfsKJtcbsX7mBBL41aXIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L25BSVBMV3hSZnNLSnRj YnNYN21CQkw0MWFYSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3P0wDQYJKoZIhvcNAQELBQADggEBAByb48tuzRL3ud+nR3/PVIf6fotEl8bn yrDD23nc2vQW71Sv7XgPUYVmfD/loilS6Yu0zDCTFD7JpdU5WXazW6MHOeYvVLEP i7F3eNlpgCLbgx6zsGnu9e25L2Pa82VqLgI7l4QYpoBrND5EV79FWJKw4drU26DD UlrPkSAej6H4EE7VKJaCaeXXcixhGvBRwl4F/xERuoV341NDWBzvTJ/ZWCWbrwbr vhmHQ2hI6iVof2Rcr/BP4mK8aNgIyIWUheLsDSzcQja5FgaoqL/3jsv7eVhpexaL YF7MDVffL08JGylKId/Co3WTP4QdtDFPrCqk85GFIsKW+/lvfVV5fG4= -----END CERTIFICATE-----Generated at Mon Apr 14 05:21:38 2025 by rpki-client