$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/DtbSAEp7ub5yz-641mfR-ngm210.roa File: DtbSAEp7ub5yz-641mfR-ngm210.roa (raw, json) Hash identifier: DNjcWsdfhH8cjJF7cutxS6sAaqnNT8Z4ca34ZmRG6DM= Subject key identifier: 0E:D6:D2:00:4A:7B:B9:BE:72:CF:EE:B8:D6:67:D1:FA:78:26:DB:5D Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 184D Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/DtbSAEp7ub5yz-641mfR-ngm210.roa Signing time: Fri 17 Jan 2025 01:24:53 +0000 ROA not before: Fri 17 Jan 2025 01:24:53 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 138527 IP address blocks: 103.221.12.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6221 (0x184d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:53 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=0ED6D2004A7BB9BE72CFEEB8D667D1FA7826DB5D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:e2:58:9f:08:c5:4d:f0:2b:6f:c7:25:37:2c: 67:37:bb:dc:62:fe:57:c2:22:91:69:52:30:bc:32: f3:76:d5:68:80:04:2a:3a:20:a3:b2:31:e6:fa:50: 5a:83:aa:2a:7e:25:6f:6e:64:96:be:10:9d:c8:f2: 3f:71:c6:cf:9e:84:ce:8d:49:e1:6f:67:d3:bc:85: 83:50:9a:7b:f6:40:49:21:b6:f3:dd:a9:a9:6d:e3: a0:3b:14:a0:d3:8f:65:64:93:0d:3a:2b:65:cf:46: 6a:a8:cc:fc:79:bf:48:5c:6d:cc:6a:52:2f:d0:00: 20:97:e5:64:ab:07:7c:fc:1d:c6:25:f7:9c:4d:bc: da:ef:a7:fd:dd:2f:73:5a:64:07:3b:70:3a:ec:96: 61:d8:18:66:a9:83:48:a3:d1:08:20:a2:91:fc:db: c9:ff:96:46:19:7c:f4:14:34:20:b5:97:4c:42:ef: e3:5d:bf:22:71:3e:68:b3:36:76:f0:27:6f:f9:a4: 9b:08:88:5a:7e:18:92:d4:12:ff:60:c0:ed:8f:c7: 17:69:ef:63:63:33:53:d2:59:9c:cc:1f:4d:9c:79: 53:95:54:3f:f7:7b:fb:2f:c2:29:e0:2d:62:0b:39: 99:a8:d9:70:c5:4b:4a:08:6d:d3:b7:6f:27:15:99: 30:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:D6:D2:00:4A:7B:B9:BE:72:CF:EE:B8:D6:67:D1:FA:78:26:DB:5D X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/DtbSAEp7ub5yz-641mfR-ngm210.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.12.0/22 Signature Algorithm: sha256WithRSAEncryption 0f:65:14:83:3a:78:64:04:79:52:12:f2:b5:15:2d:7a:2a:54: a2:cb:20:da:e4:40:ab:2d:73:ca:71:61:7d:9c:17:29:9d:7e: d6:77:9b:c4:64:04:d4:61:91:59:75:76:d5:e4:96:80:12:8e: 4d:7d:bd:16:f0:8f:f1:f1:a9:ac:bb:c4:6b:46:c6:79:31:fb: 71:0f:44:c6:fe:55:a3:1f:3a:d0:37:36:3a:a0:6f:3a:b3:34: ea:80:44:d5:f6:aa:74:c8:14:ab:28:96:db:d8:c8:4a:f2:3f: 8b:c8:dc:3a:c2:bd:40:dd:81:ac:d0:12:0c:40:1c:6b:01:03: 64:55:7e:55:05:d4:2d:67:cf:d6:e5:f7:cf:96:4f:e3:57:0a: 25:49:fa:a2:3c:cb:ee:19:fa:d0:5b:6e:e3:56:04:8b:ec:1a: 1d:e1:33:4c:4b:33:96:3a:28:73:46:4d:96:8e:4d:92:f4:96: 22:ce:aa:88:63:91:9f:c8:ad:51:f5:d1:3c:14:43:bd:22:03: e4:fe:38:5e:cd:d0:6c:2c:ce:9f:1d:6f:8b:0c:39:da:84:06: 4d:8b:9c:49:7c:7f:02:e5:9b:06:3d:d7:c4:70:2c:92:39:fa: 36:0b:cb:25:e0:0c:b3:bf:8c:e1:8f:5e:7b:c1:9a:f8:bd:34: b1:53:ec:bf -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGE0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0NTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDBFRDZEMjAwNEE3QkI5 QkU3MkNGRUVCOEQ2NjdEMUZBNzgyNkRCNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCl4lifCMVN8CtvxyU3LGc3u9xi/lfCIpFpUjC8MvN21WiABCo6 IKOyMeb6UFqDqip+JW9uZJa+EJ3I8j9xxs+ehM6NSeFvZ9O8hYNQmnv2QEkhtvPd qalt46A7FKDTj2Vkkw06K2XPRmqozPx5v0hcbcxqUi/QACCX5WSrB3z8HcYl95xN vNrvp/3dL3NaZAc7cDrslmHYGGapg0ij0QggopH828n/lkYZfPQUNCC1l0xC7+Nd vyJxPmizNnbwJ2/5pJsIiFp+GJLUEv9gwO2Pxxdp72NjM1PSWZzMH02ceVOVVD/3 e/svwingLWILOZmo2XDFS0oIbdO3bycVmTCtAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUDtbSAEp7ub5yz+641mfR+ngm210wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0R0YlNBRXA3dWI1eXot NjQxbWZSLW5nbTIxMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3QwwDQYJKoZIhvcNAQELBQADggEBAA9lFIM6eGQEeVIS8rUVLXoqVKLLINrk QKstc8pxYX2cFymdftZ3m8RkBNRhkVl1dtXkloASjk19vRbwj/Hxqay7xGtGxnkx +3EPRMb+VaMfOtA3NjqgbzqzNOqARNX2qnTIFKsoltvYyEryP4vI3DrCvUDdgazQ EgxAHGsBA2RVflUF1C1nz9bl98+WT+NXCiVJ+qI8y+4Z+tBbbuNWBIvsGh3hM0xL M5Y6KHNGTZaOTZL0liLOqohjkZ/IrVH10TwUQ70iA+T+OF7N0Gwszp8db4sMOdqE Bk2LnEl8fwLlmwY918RwLJI5+jYLyyXgDLO/jOGPXnvBmvi9NLFT7L8= -----END CERTIFICATE-----Generated at Sat Apr 26 14:39:42 2025 by rpki-client