$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/rirnqP7rJQHdHktk4Cxkl3axVGE.roa File: rirnqP7rJQHdHktk4Cxkl3axVGE.roa (raw, json) Hash identifier: dg8H+I+WGus+zJYvypaw3sqSAI/iV8GQ3tWbo4gruKc= Subject key identifier: AE:2A:E7:A8:FE:EB:25:01:DD:1E:4B:64:E0:2C:64:97:76:B1:54:61 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 188C Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/rirnqP7rJQHdHktk4Cxkl3axVGE.roa Signing time: Fri 17 Jan 2025 01:25:13 +0000 ROA not before: Fri 17 Jan 2025 01:25:13 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 45.252.100.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6284 (0x188c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:13 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=AE2AE7A8FEEB2501DD1E4B64E02C649776B15461 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:2a:f6:56:86:b4:6c:81:96:9b:0b:45:b5:5b: 96:b9:a8:3f:1d:1d:2a:8b:25:8a:fa:f3:12:40:72: 1e:1f:61:67:2a:88:cb:0f:e0:f6:1c:78:78:7b:d9: 28:ab:e6:87:19:59:17:d7:a5:88:d7:98:2a:ad:8a: f8:38:b0:4d:a4:ea:31:fb:a7:06:1b:6e:e9:a2:10: 2b:a3:95:23:1d:04:e6:d7:d7:8c:0e:18:c5:ed:eb: 20:73:a5:12:14:e2:7e:77:8d:7b:bf:a8:ec:57:10: 74:b5:bf:54:97:05:3e:98:ce:07:83:93:a8:95:06: 39:11:9c:92:2d:f1:a7:b9:9d:bb:4e:07:3c:99:3e: eb:89:be:37:b8:f7:8f:a1:08:70:27:d0:24:3a:13: 54:36:24:f8:65:7b:2a:3b:2b:a0:d2:f9:6b:58:37: 52:cc:ee:82:48:f9:9d:c2:94:70:fb:8d:bb:bc:c9: bd:37:16:9e:f2:01:ad:90:3b:86:f7:d6:43:f5:c2: 4b:4b:ff:69:8b:a2:a9:06:ac:70:6e:d7:74:ac:4d: c7:fb:19:7d:3b:78:85:6d:18:8b:6c:a9:3b:aa:75: f0:88:3e:e9:5b:7f:85:62:f1:00:45:b3:a1:da:22: a1:53:12:2d:ec:ce:f4:52:97:e3:12:c8:f1:b3:37: 90:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:2A:E7:A8:FE:EB:25:01:DD:1E:4B:64:E0:2C:64:97:76:B1:54:61 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/rirnqP7rJQHdHktk4Cxkl3axVGE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.100.0/24 Signature Algorithm: sha256WithRSAEncryption 36:e7:e0:a2:01:5e:3f:b5:6a:48:73:e8:16:4f:af:a3:6d:fb: f9:12:1e:3f:9c:e2:33:64:04:61:a2:9d:39:f0:36:b5:d0:6b: 6b:59:f9:c9:6f:20:6a:46:d4:38:37:c8:4e:5a:72:63:8d:88: 41:63:2f:2b:45:66:93:b7:cc:2a:b6:8a:de:9f:7b:f6:91:14: 2e:71:12:61:be:5b:63:eb:dc:c8:c8:66:7e:a9:3c:a7:ee:44: 1c:99:78:26:30:b8:86:27:69:b0:4c:a5:99:fa:f5:de:8d:01: 92:d4:8c:58:5b:57:a3:e8:92:0f:e4:a3:11:55:a2:27:96:39: d5:89:09:20:5a:ad:19:0f:99:35:60:9a:b9:aa:3f:67:25:15: 04:e4:01:fe:0f:2b:f9:fe:76:e3:b0:d5:5a:86:12:28:cf:f2: 9f:37:57:c1:4c:a4:65:ed:51:e4:50:53:88:09:d7:bd:2d:dc: d8:fe:90:91:31:f7:1f:16:45:ee:95:fd:96:b3:8d:b3:26:d7: d6:64:22:d1:a7:3e:0f:73:bf:d2:0f:9d:5f:f2:fa:a9:42:9e: 06:9f:c6:d2:dd:4a:d4:94:1d:7d:b0:53:07:a5:da:93:fb:eb: f0:fb:32:93:2b:b4:1d:1e:93:6f:46:53:a0:ed:6a:46:fd:8c: 4d:13:c0:b1 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGIwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEFFMkFFN0E4RkVFQjI1 MDFERDFFNEI2NEUwMkM2NDk3NzZCMTU0NjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMKvZWhrRsgZabC0W1W5a5qD8dHSqLJYr68xJAch4fYWcqiMsP 4PYceHh72Sir5ocZWRfXpYjXmCqtivg4sE2k6jH7pwYbbumiECujlSMdBObX14wO GMXt6yBzpRIU4n53jXu/qOxXEHS1v1SXBT6YzgeDk6iVBjkRnJIt8ae5nbtOBzyZ PuuJvje494+hCHAn0CQ6E1Q2JPhleyo7K6DS+WtYN1LM7oJI+Z3ClHD7jbu8yb03 Fp7yAa2QO4b31kP1wktL/2mLoqkGrHBu13SsTcf7GX07eIVtGItsqTuqdfCIPulb f4Vi8QBFs6HaIqFTEi3szvRSl+MSyPGzN5CDAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUrirnqP7rJQHdHktk4Cxkl3axVGEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3Jpcm5xUDdySlFIZEhr dGs0Q3hrbDNheFZHRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAt/GQwDQYJKoZIhvcNAQELBQADggEBADbn4KIBXj+1akhz6BZPr6Nt+/kSHj+c 4jNkBGGinTnwNrXQa2tZ+clvIGpG1Dg3yE5acmONiEFjLytFZpO3zCq2it6fe/aR FC5xEmG+W2Pr3MjIZn6pPKfuRByZeCYwuIYnabBMpZn69d6NAZLUjFhbV6Pokg/k oxFVoieWOdWJCSBarRkPmTVgmrmqP2clFQTkAf4PK/n+duOw1VqGEijP8p83V8FM pGXtUeRQU4gJ170t3Nj+kJEx9x8WRe6V/ZazjbMm19ZkItGnPg9zv9IPnV/y+qlC ngafxtLdStSUHX2wUwel2pP76/D7MpMrtB0ek29GU6Dtakb9jE0TwLE= -----END CERTIFICATE-----Generated at Fri Apr 4 18:38:34 2025 by rpki-client