$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2578/OYh5JEj0uWuUFwdKjB10pF76_pI.roa File: OYh5JEj0uWuUFwdKjB10pF76_pI.roa (raw, json) Hash identifier: An6u7oH3sagNhBru0T5ojCoKJVfFfrmJ66mlx7PcbhI= Subject key identifier: 39:88:79:24:48:F4:B9:6B:94:17:07:4A:8C:1D:74:A4:5E:FA:FE:92 Certificate issuer: /CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752 Certificate serial: 15D2 Authority key identifier: 7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/OYh5JEj0uWuUFwdKjB10pF76_pI.roa Signing time: Fri 25 Apr 2025 20:09:18 +0000 ROA not before: Fri 25 Apr 2025 20:09:18 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 41717 IP address blocks: 103.99.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5586 (0x15d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752 Validity Not Before: Apr 25 20:09:18 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=3988792448F4B96B9417074A8C1D74A45EFAFE92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:56:9b:cf:b6:aa:47:a0:27:82:79:cf:68:c5: 64:35:11:79:16:cf:5a:ac:17:df:7a:ff:9c:4b:94: 79:dc:55:c3:47:c8:58:ff:73:48:6d:e9:d4:b9:d6: ab:b8:18:28:dd:c0:45:23:5f:f5:99:d7:17:2e:cb: 2f:fa:82:7e:33:64:ed:2c:d6:5a:23:99:27:80:5d: 69:dc:ef:d2:9c:41:ae:9b:17:60:01:04:59:63:7e: aa:fb:ef:56:98:4e:62:82:5d:ed:fc:f1:f5:1a:49: 00:d0:02:57:2f:b3:86:1b:bd:2a:d1:e0:a9:08:1a: 7a:70:dd:e7:85:21:c7:b1:46:1b:82:0b:8a:15:f3: 62:0a:83:d2:c9:f0:4f:d3:0a:b1:de:bb:70:cf:51: d4:a2:b4:f5:12:66:d8:69:d3:ff:9a:51:73:45:40: bd:61:4c:5f:67:20:f6:e3:a3:82:d2:5f:f9:17:2b: 85:52:04:12:fd:95:28:fc:69:33:d9:d7:74:31:44: d8:69:86:66:64:62:e4:10:1f:ff:80:94:2d:d3:e9: f9:31:f8:89:f3:86:72:31:b9:50:91:4d:1b:eb:1c: 00:98:b2:33:cb:70:ab:fb:e6:f2:0f:27:0a:15:66: 3b:80:f4:a3:8d:04:ba:dd:a1:7e:94:86:94:0b:b1: 45:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:88:79:24:48:F4:B9:6B:94:17:07:4A:8C:1D:74:A4:5E:FA:FE:92 X509v3 Authority Key Identifier: keyid:7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/OYh5JEj0uWuUFwdKjB10pF76_pI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.99.76.0/22 Signature Algorithm: sha256WithRSAEncryption 9b:b9:e3:9c:51:74:fa:8a:2d:2e:8e:e7:1b:3b:1e:86:e1:49: cc:cf:ee:c5:c8:34:78:56:89:d4:e1:86:7b:8e:8d:72:c2:a1: 9c:c5:19:88:d4:b9:0d:ac:bd:d7:6f:94:7d:20:70:4d:d2:5e: 16:cd:39:88:08:f4:b8:7c:22:44:25:20:2a:3c:8d:b8:4c:0d: e6:a0:79:b2:3b:94:ec:df:a9:8c:38:31:cc:2b:87:94:fa:1e: 9d:d8:e6:ee:41:3c:83:b3:3b:ec:21:de:b3:73:53:ae:1f:8d: 9b:dc:f8:45:55:4e:46:09:04:8f:b4:64:63:40:5d:b0:ed:fa: f0:6e:e1:53:be:8b:3c:12:3e:6f:e8:a4:b4:dc:f4:d7:3c:2f: 6a:4e:c7:ec:bf:c6:44:d9:86:76:3d:b0:f9:bd:da:75:48:24: 24:a1:df:f8:68:0c:87:74:36:6d:1f:76:ac:52:87:2c:28:5b: ef:d9:d0:4b:17:c8:90:ce:6f:1e:a0:ef:5f:21:4a:11:6d:cc: 5a:5e:09:c9:11:58:b3:bc:a1:42:58:67:b0:b8:0c:7d:84:d7: 5f:7e:cb:c2:1c:0b:87:e8:a0:a7:df:6b:bd:ab:2a:61:f5:2f: dd:27:16:1c:60:9a:37:06:72:ed:73:6f:32:b0:40:5d:79:ff: 19:63:58:4b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFdIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0NG NDRDMDZENUVBN0RGMENCRDRGNjg1MDhGMTRFODREQTA4Qjc1MjAeFw0yNTA0MjUy MDA5MThaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDM5ODg3OTI0NDhGNEI5 NkI5NDE3MDc0QThDMUQ3NEE0NUVGQUZFOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1VpvPtqpHoCeCec9oxWQ1EXkWz1qsF996/5xLlHncVcNHyFj/ c0ht6dS51qu4GCjdwEUjX/WZ1xcuyy/6gn4zZO0s1lojmSeAXWnc79KcQa6bF2AB BFljfqr771aYTmKCXe388fUaSQDQAlcvs4YbvSrR4KkIGnpw3eeFIcexRhuCC4oV 82IKg9LJ8E/TCrHeu3DPUdSitPUSZthp0/+aUXNFQL1hTF9nIPbjo4LSX/kXK4VS BBL9lSj8aTPZ13QxRNhphmZkYuQQH/+AlC3T6fkx+InzhnIxuVCRTRvrHACYsjPL cKv75vIPJwoVZjuA9KONBLrdoX6UhpQLsUWnAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUOYh5JEj0uWuUFwdKjB10pF76/pIwHwYDVR0jBBgwFoAUfPRMBtXqffDL1PaF CPFOhNoIt1IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU3 OC9mUFJNQnRYcWZmREwxUGFGQ1BGT2hOb0l0MUkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2ZQUk1CdFhxZmZETDFQYUZDUEZPaE5vSXQxSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NzgvT1loNUpFajB1V3VV RndkS2pCMTBwRjc2X3BJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdjTDANBgkqhkiG9w0BAQsFAAOCAQEAm7njnFF0+ootLo7nGzsehuFJzM/u xcg0eFaJ1OGGe46NcsKhnMUZiNS5Day912+UfSBwTdJeFs05iAj0uHwiRCUgKjyN uEwN5qB5sjuU7N+pjDgxzCuHlPoendjm7kE8g7M77CHes3NTrh+Nm9z4RVVORgkE j7RkY0BdsO368G7hU76LPBI+b+iktNz01zwvak7H7L/GRNmGdj2w+b3adUgkJKHf +GgMh3Q2bR92rFKHLChb79nQSxfIkM5vHqDvXyFKEW3MWl4JyRFYs7yhQlhnsLgM fYTXX37LwhwLh+igp99rvasqYfUv3ScWHGCaNwZy7XNvMrBAXXn/GWNYSw== -----END CERTIFICATE-----Generated at Sat Apr 26 14:40:08 2025 by rpki-client