$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/xtoeF43YAiCZqXKQDvD53lzhJek.roa File: xtoeF43YAiCZqXKQDvD53lzhJek.roa (raw, json) Hash identifier: XFkZATa8mnvnnu8ivjk73xburPI3O0v0mspFQHqptTQ= Subject key identifier: C6:DA:1E:17:8D:D8:02:20:99:A9:72:90:0E:F0:F9:DE:5C:E1:25:E9 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1872 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/xtoeF43YAiCZqXKQDvD53lzhJek.roa Signing time: Fri 17 Jan 2025 01:25:04 +0000 ROA not before: Fri 17 Jan 2025 01:25:04 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 13444 IP address blocks: 103.221.19.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 20:07:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6258 (0x1872) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:04 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=C6DA1E178DD8022099A972900EF0F9DE5CE125E9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:de:01:c0:07:eb:81:38:44:2f:e6:4f:b5:b2: a4:ad:8a:9e:64:95:be:d7:34:4f:2c:b8:b8:5c:04: 23:ad:7a:41:d2:83:35:6f:2e:d5:c8:68:ff:6d:88: ab:77:2b:aa:e7:fc:4c:36:64:38:1c:fe:b7:2e:e7: a2:c6:70:3e:24:22:fa:2e:8a:46:91:80:c7:a8:39: 53:2e:ca:5b:95:6f:14:91:42:4b:9d:32:ce:93:44: 98:07:63:09:ba:80:d1:b5:b8:cd:23:93:7c:e5:a2: 34:b0:e5:8f:5f:57:fa:2f:a2:32:55:68:c5:50:2a: 37:1e:b6:d8:54:2b:b2:c6:c1:4e:94:07:84:51:d9: ef:06:32:5d:ff:45:b9:40:17:de:73:1c:11:3d:db: ee:0b:25:cb:52:45:d3:86:73:74:ad:fb:f1:cb:8e: 98:86:f8:1b:06:2d:93:da:2a:c3:a6:e3:b4:a5:60: b1:c2:62:c7:e2:05:35:0c:5f:bb:b8:93:06:a0:ef: aa:0c:ee:68:9a:9d:81:f0:2b:db:6e:75:0b:9b:7b: 5f:2e:ac:cc:28:dd:19:9d:76:c4:95:ab:c7:94:db: 02:86:2a:8e:30:1f:bf:d2:26:de:e8:a8:a6:25:74: bb:f6:7e:99:ad:3d:30:1d:a6:64:fb:3d:12:9b:fb: 60:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:DA:1E:17:8D:D8:02:20:99:A9:72:90:0E:F0:F9:DE:5C:E1:25:E9 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/xtoeF43YAiCZqXKQDvD53lzhJek.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.19.0/24 Signature Algorithm: sha256WithRSAEncryption 07:b5:1e:d1:c4:18:af:5d:ce:4a:84:0f:15:7a:5f:51:3a:7d: 48:97:0f:8b:45:71:7f:8f:92:f1:ee:07:1a:8b:44:1a:bc:30: f4:9a:b2:01:6f:df:1f:2c:98:cd:7e:af:4b:9a:71:75:9b:4c: 62:d8:9e:d0:0f:c0:05:21:c1:17:f3:44:90:ef:60:42:8f:49: c9:70:2e:b6:53:45:ea:dc:30:69:e6:9b:dc:d8:06:c1:10:d3: 54:ed:7f:e1:b0:36:81:f7:70:80:ee:92:8b:d6:77:19:8f:68: 6f:20:16:3c:32:76:eb:ae:2c:4b:1d:1d:a2:4f:3d:68:44:c5: 0a:ea:98:91:bc:6a:8e:6f:92:bb:02:85:d2:cb:59:a0:f0:ea: 9c:4d:2e:f0:1b:46:0b:14:5b:fe:15:85:c4:bd:85:be:84:50: ad:fc:24:d2:5e:cb:af:82:ee:e1:be:9e:4d:ce:37:7b:38:1c: 93:16:f1:d5:c5:b9:0c:6a:e3:82:c7:22:8f:20:7b:28:e8:71: 49:ec:5f:7d:eb:c7:86:f1:ba:a7:e0:e0:f6:de:31:b1:34:9b: 1c:dd:cd:a4:09:75:b8:dd:37:64:85:44:4d:72:e5:58:5d:26: bf:7f:75:56:b6:37:15:3b:d2:a0:97:1a:c0:5d:e3:b4:b4:16: 93:86:11:5f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGHIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MDRaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEM2REExRTE3OEREODAy MjA5OUE5NzI5MDBFRjBGOURFNUNFMTI1RTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCv3gHAB+uBOEQv5k+1sqStip5klb7XNE8suLhcBCOtekHSgzVv LtXIaP9tiKt3K6rn/Ew2ZDgc/rcu56LGcD4kIvouikaRgMeoOVMuyluVbxSRQkud Ms6TRJgHYwm6gNG1uM0jk3zlojSw5Y9fV/ovojJVaMVQKjcetthUK7LGwU6UB4RR 2e8GMl3/RblAF95zHBE92+4LJctSRdOGc3St+/HLjpiG+BsGLZPaKsOm47SlYLHC YsfiBTUMX7u4kwag76oM7mianYHwK9tudQube18urMwo3RmddsSVq8eU2wKGKo4w H7/SJt7oqKYldLv2fpmtPTAdpmT7PRKb+2AZAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUxtoeF43YAiCZqXKQDvD53lzhJekwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3h0b2VGNDNZQWlDWnFY S1FEdkQ1M2x6aEplay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3RMwDQYJKoZIhvcNAQELBQADggEBAAe1HtHEGK9dzkqEDxV6X1E6fUiXD4tF cX+PkvHuBxqLRBq8MPSasgFv3x8smM1+r0uacXWbTGLYntAPwAUhwRfzRJDvYEKP SclwLrZTRercMGnmm9zYBsEQ01Ttf+GwNoH3cIDukovWdxmPaG8gFjwyduuuLEsd HaJPPWhExQrqmJG8ao5vkrsChdLLWaDw6pxNLvAbRgsUW/4VhcS9hb6EUK38JNJe y6+C7uG+nk3ON3s4HJMW8dXFuQxq44LHIo8geyjocUnsX33rx4bxuqfg4PbeMbE0 mxzdzaQJdbjdN2SFRE1y5VhdJr9/dVa2NxU70qCXGsBd47S0FpOGEV8= -----END CERTIFICATE-----Generated at Fri Apr 4 18:38:03 2025 by rpki-client