$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2075/MfqtZ3nWWXvGuHydwfjAPKninEk.roa File: MfqtZ3nWWXvGuHydwfjAPKninEk.roa (raw, json) Hash identifier: RceomI2xn8/ICTIqp+3Tx1zm70K9f3U1+HhNKeiqpcA= Subject key identifier: 31:FA:AD:67:79:D6:59:7B:C6:B8:7C:9D:C1:F8:C0:3C:A9:E2:9C:49 Certificate issuer: /CN=715B46D9F995777FA3143263D54A6E676A906EAB Certificate serial: 4EBD Authority key identifier: 71:5B:46:D9:F9:95:77:7F:A3:14:32:63:D5:4A:6E:67:6A:90:6E:AB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/cVtG2fmVd3-jFDJj1UpuZ2qQbqs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/MfqtZ3nWWXvGuHydwfjAPKninEk.roa Signing time: Wed 09 Apr 2025 06:48:30 +0000 ROA not before: Wed 09 Apr 2025 06:48:30 +0000 ROA not after: Thu 09 Apr 2026 06:41:15 +0000 asID: 131530 IP address blocks: 103.72.120.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/cVtG2fmVd3-jFDJj1UpuZ2qQbqs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/cVtG2fmVd3-jFDJj1UpuZ2qQbqs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/cVtG2fmVd3-jFDJj1UpuZ2qQbqs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 14:37:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20157 (0x4ebd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=715B46D9F995777FA3143263D54A6E676A906EAB Validity Not Before: Apr 9 06:48:30 2025 GMT Not After : Apr 9 06:41:15 2026 GMT Subject: CN=31FAAD6779D6597BC6B87C9DC1F8C03CA9E29C49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:32:db:f1:e3:6b:c5:b4:92:f4:a4:a4:e0:42: 6e:cf:c6:c8:07:49:3d:2a:eb:06:59:fa:cb:91:f0: c5:6a:bf:c5:79:90:0b:bd:32:40:4b:b4:f3:2d:6e: 3a:1b:9d:f9:23:6c:9b:d3:2a:40:6f:f6:69:b4:ff: 2e:6a:27:19:53:6b:ef:80:b0:2d:57:59:36:5a:53: 95:83:6c:c1:77:59:25:46:18:38:ab:c5:03:0c:37: fe:d5:58:ec:dc:84:8b:d4:bd:ec:53:eb:2e:ce:ac: 22:2f:33:88:ca:74:23:3f:bd:10:03:75:7e:d0:34: 7b:d5:3f:ab:88:6d:69:1f:44:43:84:1d:cc:e9:de: d8:0b:19:bc:5f:18:b2:bb:62:27:7b:f5:f6:95:04: cb:b8:fb:85:21:3b:be:8f:21:3a:c8:17:bd:24:9a: 80:13:4c:23:60:f7:4a:20:0a:80:91:32:cd:cd:5e: 80:58:0e:5f:cb:e9:80:e9:47:06:3f:8c:40:28:f8: 0e:36:50:c1:b9:84:90:f0:51:27:c5:e9:d9:c7:f4: 20:a0:5f:6e:78:72:21:ec:e1:80:e0:66:6f:f8:97: be:85:60:f2:f9:fd:f3:23:7d:48:de:4d:0c:d5:74: b3:bb:b5:b3:52:5c:2e:04:e3:68:a4:43:cd:9c:44: 44:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:FA:AD:67:79:D6:59:7B:C6:B8:7C:9D:C1:F8:C0:3C:A9:E2:9C:49 X509v3 Authority Key Identifier: keyid:71:5B:46:D9:F9:95:77:7F:A3:14:32:63:D5:4A:6E:67:6A:90:6E:AB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/cVtG2fmVd3-jFDJj1UpuZ2qQbqs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/cVtG2fmVd3-jFDJj1UpuZ2qQbqs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/MfqtZ3nWWXvGuHydwfjAPKninEk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.72.120.0/22 Signature Algorithm: sha256WithRSAEncryption 8c:11:a3:31:49:a9:1a:2d:e6:b4:57:3c:0d:d8:a1:7b:8f:3a: 35:b3:c2:15:4e:11:62:d2:97:02:39:8a:22:59:c1:62:32:dd: 28:9c:41:c6:3f:2b:8e:8d:3f:c0:2b:da:e7:98:2f:98:12:39: d7:1f:89:2e:74:09:0a:55:90:1c:e1:a9:3a:28:af:a0:08:8e: 59:3d:54:02:c3:40:1d:7c:e3:c4:de:29:bf:e7:14:57:3c:a2: 81:93:f0:b8:a7:7a:4b:6d:20:51:8a:0f:67:72:30:b5:30:ab: 1c:f1:86:c8:f0:8f:ff:fa:b0:e4:3d:85:f6:0e:3e:0c:0d:00: a9:91:3f:4d:69:0e:4f:55:4b:33:f7:ca:c2:03:98:38:06:14: e1:87:0c:80:ba:22:32:07:16:55:9e:79:6c:5f:13:8b:a4:5e: f3:a7:92:5d:b9:78:97:6f:7d:68:22:d2:3e:0f:43:68:b9:f1: 4c:f2:5b:23:d6:7f:7e:68:37:f6:39:3d:fa:44:1f:78:c5:a5: 28:e1:e4:c5:bd:79:78:b8:05:46:a9:15:ec:9a:61:b8:13:5e: 4b:a3:2e:af:a0:ab:17:3b:45:fd:21:67:09:86:fd:06:25:1f: d6:41:4e:ab:b7:af:8d:16:3a:06:9d:d7:54:48:e0:d3:eb:ae: fa:92:14:ec -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICTr0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzE1 QjQ2RDlGOTk1Nzc3RkEzMTQzMjYzRDU0QTZFNjc2QTkwNkVBQjAeFw0yNTA0MDkw NjQ4MzBaFw0yNjA0MDkwNjQxMTVaMDMxMTAvBgNVBAMTKDMxRkFBRDY3NzlENjU5 N0JDNkI4N0M5REMxRjhDMDNDQTlFMjlDNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQClMtvx42vFtJL0pKTgQm7PxsgHST0q6wZZ+suR8MVqv8V5kAu9 MkBLtPMtbjobnfkjbJvTKkBv9mm0/y5qJxlTa++AsC1XWTZaU5WDbMF3WSVGGDir xQMMN/7VWOzchIvUvexT6y7OrCIvM4jKdCM/vRADdX7QNHvVP6uIbWkfREOEHczp 3tgLGbxfGLK7Yid79faVBMu4+4UhO76PITrIF70kmoATTCNg90ogCoCRMs3NXoBY Dl/L6YDpRwY/jEAo+A42UMG5hJDwUSfF6dnH9CCgX254ciHs4YDgZm/4l76FYPL5 /fMjfUjeTQzVdLO7tbNSXC4E42ikQ82cRERtAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUMfqtZ3nWWXvGuHydwfjAPKninEkwHwYDVR0jBBgwFoAUcVtG2fmVd3+jFDJj 1UpuZ2qQbqswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA3 NS9jVnRHMmZtVmQzLWpGREpqMVVwdVoycVFicXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2NWdEcyZm1WZDMtakZESmoxVXB1WjJxUWJxcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIwNzUvTWZxdFozbldXWHZH dUh5ZHdmakFQS25pbkVrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdIeDANBgkqhkiG9w0BAQsFAAOCAQEAjBGjMUmpGi3mtFc8Ddihe486NbPC FU4RYtKXAjmKIlnBYjLdKJxBxj8rjo0/wCva55gvmBI51x+JLnQJClWQHOGpOiiv oAiOWT1UAsNAHXzjxN4pv+cUVzyigZPwuKd6S20gUYoPZ3IwtTCrHPGGyPCP//qw 5D2F9g4+DA0AqZE/TWkOT1VLM/fKwgOYOAYU4YcMgLoiMgcWVZ55bF8Ti6Re86eS Xbl4l299aCLSPg9DaLnxTPJbI9Z/fmg39jk9+kQfeMWlKOHkxb15eLgFRqkV7Jph uBNeS6Mur6CrFztF/SFnCYb9BiUf1kFOq7evjRY6Bp3XVEjg0+uu+pIU7A== -----END CERTIFICATE-----Generated at Sat Apr 26 14:37:19 2025 by rpki-client