$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/sC0fOOpzJcGeQkHn5D1dXlpdtZU.roa File: sC0fOOpzJcGeQkHn5D1dXlpdtZU.roa (raw, json) Hash identifier: zrIfszVUq/ZNtZ/RQLW5ZGmxrmj1T9avOXbNk76Z2W8= Subject key identifier: B0:2D:1F:38:EA:73:25:C1:9E:42:41:E7:E4:3D:5D:5E:5A:5D:B5:95 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 188E Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sC0fOOpzJcGeQkHn5D1dXlpdtZU.roa Signing time: Fri 17 Jan 2025 01:25:13 +0000 ROA not before: Fri 17 Jan 2025 01:25:13 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 138527 IP address blocks: 45.252.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 17:37:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6286 (0x188e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:13 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=B02D1F38EA7325C19E4241E7E43D5D5E5A5DB595 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:10:b4:1b:15:c6:41:a4:42:82:f8:43:0c:39: ae:2e:66:30:a5:0f:69:d4:e2:5a:72:66:67:a3:80: 45:39:11:08:c8:f2:42:d5:77:40:6f:19:c0:b4:19: c3:ad:8b:03:7c:15:ff:7f:1c:0b:2c:7d:43:75:5f: 77:2a:c2:28:e7:3d:2f:aa:65:21:28:46:8d:59:b4: 15:74:d0:5f:fb:7b:10:7a:01:31:54:12:89:b6:59: 71:9f:b2:07:e7:34:e6:ba:1a:dd:48:a2:41:9f:0b: 6f:eb:2d:58:e2:d8:b8:9f:9b:38:c6:d2:8a:e6:f8: 53:41:6f:64:5a:73:4d:18:a0:71:19:f9:56:a3:d8: 96:c0:e4:44:79:71:e6:38:ad:53:f3:e5:8d:29:00: b8:e6:72:95:a8:2d:93:de:90:23:0f:55:d1:c8:61: d7:2e:f0:2b:14:c1:42:32:2d:5a:67:e8:1f:56:4c: b8:83:a4:21:ae:f6:4f:f2:e9:c9:1c:38:91:55:9b: 94:94:67:48:e6:5d:5d:d4:56:f0:fa:59:21:9e:64: ac:05:2f:63:68:75:e0:10:99:71:ac:df:9c:49:6c: 57:83:8d:bc:90:cf:c0:4a:41:e9:87:1c:ad:8a:61: 03:84:f7:51:be:b4:7e:db:15:a8:3a:d1:fb:b9:fa: 0b:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:2D:1F:38:EA:73:25:C1:9E:42:41:E7:E4:3D:5D:5E:5A:5D:B5:95 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sC0fOOpzJcGeQkHn5D1dXlpdtZU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.100.0/22 Signature Algorithm: sha256WithRSAEncryption 91:9d:e7:2f:54:ca:36:64:c4:54:1a:9e:7d:27:6d:b8:b3:29: 8b:4f:a6:73:83:80:f3:e0:5b:6f:5d:89:a7:b4:0c:0c:41:0e: 44:eb:ad:fb:81:07:3d:b8:f7:96:e6:75:a0:8a:a1:bb:09:c2: 48:ce:58:7f:27:26:aa:22:84:10:81:73:1b:c3:81:19:0f:0a: 9c:8a:aa:0a:cd:67:b6:8e:c1:9d:e5:19:5e:a2:0f:c2:25:7b: 41:b7:d9:68:63:8a:e4:6e:d1:23:94:2e:05:41:c7:bd:56:b0: 38:7d:09:a3:7f:0d:c9:d6:8d:e5:33:89:96:1d:c0:6d:2e:5a: 86:d7:9b:91:2b:06:a8:51:aa:c1:c3:d9:e6:c0:16:09:9a:e1: 7f:b8:6c:9f:7f:bc:cb:85:58:a2:62:8d:8b:c8:9e:8a:6b:2b: 32:34:55:c5:0b:e3:55:4e:b1:29:7d:14:fc:e9:97:15:28:b6: 37:15:27:3e:cf:af:b2:f9:17:8b:65:e7:d9:e5:73:66:af:01: f4:ef:8c:73:1b:d5:72:71:8c:eb:ca:e4:63:26:26:30:54:6a: 62:92:47:dd:33:b0:b6:ad:c3:56:b3:73:58:50:f0:8b:63:bd: da:6f:b0:89:eb:57:cd:8e:53:c3:46:b5:ea:f2:1f:e7:11:51: 51:d1:3e:46 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGI4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEIwMkQxRjM4RUE3MzI1 QzE5RTQyNDFFN0U0M0Q1RDVFNUE1REI1OTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDcELQbFcZBpEKC+EMMOa4uZjClD2nU4lpyZmejgEU5EQjI8kLV d0BvGcC0GcOtiwN8Ff9/HAssfUN1X3cqwijnPS+qZSEoRo1ZtBV00F/7exB6ATFU Eom2WXGfsgfnNOa6Gt1IokGfC2/rLVji2LifmzjG0orm+FNBb2Rac00YoHEZ+Vaj 2JbA5ER5ceY4rVPz5Y0pALjmcpWoLZPekCMPVdHIYdcu8CsUwUIyLVpn6B9WTLiD pCGu9k/y6ckcOJFVm5SUZ0jmXV3UVvD6WSGeZKwFL2NodeAQmXGs35xJbFeDjbyQ z8BKQemHHK2KYQOE91G+tH7bFag60fu5+gt9AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUsC0fOOpzJcGeQkHn5D1dXlpdtZUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3NDMGZPT3B6SmNHZVFr SG41RDFkWGxwZHRaVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/GQwDQYJKoZIhvcNAQELBQADggEBAJGd5y9UyjZkxFQann0nbbizKYtPpnOD gPPgW29diae0DAxBDkTrrfuBBz2495bmdaCKobsJwkjOWH8nJqoihBCBcxvDgRkP CpyKqgrNZ7aOwZ3lGV6iD8Ile0G32WhjiuRu0SOULgVBx71WsDh9CaN/DcnWjeUz iZYdwG0uWobXm5ErBqhRqsHD2ebAFgma4X+4bJ9/vMuFWKJijYvInoprKzI0VcUL 41VOsSl9FPzplxUotjcVJz7Pr7L5F4tl59nlc2avAfTvjHMb1XJxjOvK5GMmJjBU amKSR90zsLatw1azc1hQ8ItjvdpvsInrV82OU8NGteryH+cRUVHRPkY= -----END CERTIFICATE-----Generated at Fri Apr 11 16:36:28 2025 by rpki-client