$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/sJjpXzU5EhYvQq2ZkiLQnYg-_rI.roa File: sJjpXzU5EhYvQq2ZkiLQnYg-_rI.roa (raw, json) Hash identifier: w4zmOlL3yfg3MWToK6eP1VQqMnQ4lv5g7UyyvRc5bM8= Subject key identifier: B0:98:E9:5F:35:39:12:16:2F:42:AD:99:92:22:D0:9D:88:3E:FE:B2 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 17FE Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sJjpXzU5EhYvQq2ZkiLQnYg-_rI.roa Signing time: Fri 17 Jan 2025 01:24:24 +0000 ROA not before: Fri 17 Jan 2025 01:24:24 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 24373 IP address blocks: 103.221.4.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6142 (0x17fe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:24 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=B098E95F353912162F42AD999222D09D883EFEB2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:2f:bf:3f:c5:fc:fb:f7:7d:1d:fd:64:e3:1b: 1b:c5:b8:ed:41:ad:d0:c7:2f:39:cc:bb:1d:57:39: 0f:31:3e:98:2d:67:fd:5e:2f:8a:47:a4:d5:69:86: 47:6c:60:65:b7:c7:15:1d:2c:5a:32:34:83:f2:60: 38:57:d8:49:be:0a:70:fa:ed:67:d1:b7:b5:54:e4: e9:eb:c1:d6:a7:ff:84:67:5b:de:4b:b7:0f:67:4b: f2:ae:8d:ff:73:86:40:39:fb:0a:6c:a0:9f:12:b6: b1:91:4b:fa:89:20:5f:7f:50:3d:a3:8c:14:fc:11: 0a:45:c5:2e:4e:63:5f:1a:1f:d1:ef:a3:97:b0:21: 4a:a9:f6:7d:b8:2b:9f:79:ce:c6:41:05:5e:3b:fa: 69:b5:07:ab:1c:c5:94:be:18:97:e2:a4:1a:83:a8: 52:96:58:91:05:c8:b6:f7:ee:9f:48:12:d6:10:29: a1:40:c6:9f:93:89:5a:57:53:91:65:7e:74:d8:6d: 91:53:97:a6:77:03:45:7c:48:a9:6d:16:53:95:a8: d8:17:cd:2a:99:65:8b:7a:22:40:e2:d7:46:43:79: cf:8b:8d:46:2a:24:ed:ba:3d:ca:03:15:9b:13:91: 82:96:2e:80:f9:01:0b:f4:26:6f:01:d6:3f:bb:fa: d7:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:98:E9:5F:35:39:12:16:2F:42:AD:99:92:22:D0:9D:88:3E:FE:B2 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sJjpXzU5EhYvQq2ZkiLQnYg-_rI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.4.0/22 Signature Algorithm: sha256WithRSAEncryption cf:a2:89:af:d3:7b:d0:60:2a:82:ac:16:81:85:9a:a0:ee:d8: c6:25:fc:c6:1f:93:53:dd:79:ca:a8:3a:6d:3e:96:3f:14:23: 56:b4:76:83:77:76:5c:70:71:52:62:1c:9b:c8:14:ed:08:8f: 52:50:ce:25:ed:10:68:d0:91:ae:4d:d7:11:7f:23:7c:4b:46: d3:9c:57:00:24:1b:f3:90:57:3d:94:e8:68:15:4c:4e:9d:c7: 53:d4:61:24:43:6a:fb:85:9e:70:78:ee:26:a4:d4:13:32:8f: 3e:da:86:1c:d4:f2:b3:4c:1b:4e:b7:81:00:ff:68:28:bc:ad: e5:b1:d0:00:a2:85:f7:7c:29:63:73:c7:b9:c7:53:74:2b:7b: 06:2c:60:e4:e3:c5:1e:49:93:29:32:59:00:2e:72:f9:15:71: 26:16:48:52:1a:f7:00:e9:9f:aa:df:21:01:ef:56:d7:be:8f: 9d:0b:2b:c0:37:c5:73:c3:fe:6a:46:e8:ff:99:7e:4d:5f:d7: 93:1b:60:f3:e3:05:0d:81:ed:a9:aa:cb:d1:3f:36:db:8c:a6: b7:e1:14:2b:62:a6:45:2e:a7:10:64:7d:0d:06:57:b9:99:39: 16:25:d1:ad:75:e6:2d:02:7f:e4:28:e4:19:35:38:78:af:cc: 9c:58:ea:34 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICF/4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0MjRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEIwOThFOTVGMzUzOTEy MTYyRjQyQUQ5OTkyMjJEMDlEODgzRUZFQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4L78/xfz7930d/WTjGxvFuO1BrdDHLznMux1XOQ8xPpgtZ/1e L4pHpNVphkdsYGW3xxUdLFoyNIPyYDhX2Em+CnD67WfRt7VU5Onrwdan/4RnW95L tw9nS/Kujf9zhkA5+wpsoJ8StrGRS/qJIF9/UD2jjBT8EQpFxS5OY18aH9Hvo5ew IUqp9n24K595zsZBBV47+mm1B6scxZS+GJfipBqDqFKWWJEFyLb37p9IEtYQKaFA xp+TiVpXU5FlfnTYbZFTl6Z3A0V8SKltFlOVqNgXzSqZZYt6IkDi10ZDec+LjUYq JO26PcoDFZsTkYKWLoD5AQv0Jm8B1j+7+tcTAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUsJjpXzU5EhYvQq2ZkiLQnYg+/rIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3NKanBYelU1RWhZdlFx MlpraUxRbllnLV9ySS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3QQwDQYJKoZIhvcNAQELBQADggEBAM+iia/Te9BgKoKsFoGFmqDu2MYl/MYf k1PdecqoOm0+lj8UI1a0doN3dlxwcVJiHJvIFO0Ij1JQziXtEGjQka5N1xF/I3xL RtOcVwAkG/OQVz2U6GgVTE6dx1PUYSRDavuFnnB47iak1BMyjz7ahhzU8rNMG063 gQD/aCi8reWx0ACihfd8KWNzx7nHU3QrewYsYOTjxR5JkykyWQAucvkVcSYWSFIa 9wDpn6rfIQHvVte+j50LK8A3xXPD/mpG6P+Zfk1f15MbYPPjBQ2B7amqy9E/NtuM prfhFCtipkUupxBkfQ0GV7mZORYl0a115i0Cf+Qo5Bk1OHivzJxY6jQ= -----END CERTIFICATE-----Generated at Fri Apr 4 18:38:56 2025 by rpki-client