$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/EaWcfO8QFBXmZS4JJ-5Cm-vkPc4.roa File: EaWcfO8QFBXmZS4JJ-5Cm-vkPc4.roa (raw, json) Hash identifier: 1clshBiMbDuwXY5J8IT6On0Ztctvd6yjfeOXO5t0Zno= Subject key identifier: 11:A5:9C:7C:EF:10:14:15:E6:65:2E:09:27:EE:42:9B:EB:E4:3D:CE Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 18AA Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EaWcfO8QFBXmZS4JJ-5Cm-vkPc4.roa Signing time: Fri 17 Jan 2025 01:25:23 +0000 ROA not before: Fri 17 Jan 2025 01:25:23 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 138527 IP address blocks: 45.252.28.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6314 (0x18aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:23 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=11A59C7CEF101415E6652E0927EE429BEBE43DCE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:32:b5:50:7f:02:2b:57:4e:fb:31:a8:ec:87: b7:96:24:10:ed:03:2a:00:fe:3d:b3:40:5d:29:e1: cf:14:d4:76:dd:7d:64:47:1a:7f:fc:ad:5f:0a:d7: b7:05:a4:d8:bb:3a:37:3b:c2:32:f8:c2:93:35:58: f2:dd:96:d7:f8:e9:8c:7e:db:f9:ac:cf:65:cb:56: aa:c5:99:0f:1d:7d:f9:73:cf:9e:36:36:ed:e8:08: b9:3d:5d:77:1c:04:00:7a:23:f6:b4:a9:ad:30:94: b9:99:35:e6:d6:0d:39:ed:85:5e:ad:c2:35:12:e2: e8:61:ac:27:87:c5:9f:77:e9:10:d1:61:ab:23:e8: e9:d0:64:36:83:03:59:81:d5:ed:05:57:b4:da:08: c5:c6:e5:2a:54:2a:91:54:2a:99:b5:06:08:93:b1: 1d:d1:80:d3:ad:50:13:b1:3f:ba:8e:b8:b0:4d:9f: f8:77:c5:98:a2:30:44:84:ea:4c:b8:ee:be:cd:02: c8:b1:97:6c:df:f1:4f:2c:3e:f3:ec:a8:20:60:a0: c6:34:0b:a8:6d:15:a9:04:f5:31:7c:51:8b:87:73: 27:68:d4:9d:cd:b9:ad:b1:0f:cb:28:ff:c8:34:51: 92:9b:a8:6e:f0:de:c6:d3:48:68:9b:ff:7f:de:52: a5:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:A5:9C:7C:EF:10:14:15:E6:65:2E:09:27:EE:42:9B:EB:E4:3D:CE X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EaWcfO8QFBXmZS4JJ-5Cm-vkPc4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.252.28.0/22 Signature Algorithm: sha256WithRSAEncryption 68:9d:3c:ce:4c:96:c5:c3:aa:8b:a2:b2:40:68:d0:af:62:06: 95:68:04:e1:88:f3:ce:f5:be:16:03:88:e4:e9:dc:ea:d4:5b: 51:93:0a:cc:2d:bb:4a:18:d5:a3:a3:42:bd:82:a5:78:67:39: c1:d4:95:0e:ac:f2:2e:79:4d:0b:33:7f:34:77:9f:f7:a6:f2: bf:cd:c1:67:d5:29:5e:df:b1:31:41:11:b9:5c:9e:fe:58:fe: 9b:5e:55:4f:c3:a3:d1:08:b6:e1:f2:e2:e2:c1:7d:18:fa:6e: 37:7a:7d:e6:49:e6:62:97:93:32:99:e5:df:fa:ea:36:e7:3f: d3:67:7a:a8:a6:c9:6b:22:2d:8a:26:5a:f4:ce:a6:15:9f:37: 62:60:e6:7e:4f:d8:81:f9:89:16:d9:67:6c:e9:61:2a:d9:5b: b8:b1:22:db:aa:65:00:fc:ef:ae:31:7e:5d:12:4d:ad:b2:c7: 10:aa:39:9d:12:c2:48:7c:58:d3:aa:36:2e:e8:e7:e8:f7:00: 53:a3:29:e6:b5:b5:59:13:a3:93:53:e2:f4:8c:24:ee:99:9f: 47:b8:0c:00:d8:e4:f0:9d:e1:68:ee:7c:aa:90:3c:f9:65:0f: 40:52:78:74:fd:eb:69:d8:e1:50:2e:dd:db:4e:81:ff:cd:d5: e3:c4:3a:e2 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1MjNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDExQTU5QzdDRUYxMDE0 MTVFNjY1MkUwOTI3RUU0MjlCRUJFNDNEQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNMrVQfwIrV077Majsh7eWJBDtAyoA/j2zQF0p4c8U1HbdfWRH Gn/8rV8K17cFpNi7Ojc7wjL4wpM1WPLdltf46Yx+2/msz2XLVqrFmQ8dfflzz542 Nu3oCLk9XXccBAB6I/a0qa0wlLmZNebWDTnthV6twjUS4uhhrCeHxZ936RDRYasj 6OnQZDaDA1mB1e0FV7TaCMXG5SpUKpFUKpm1BgiTsR3RgNOtUBOxP7qOuLBNn/h3 xZiiMESE6ky47r7NAsixl2zf8U8sPvPsqCBgoMY0C6htFakE9TF8UYuHcydo1J3N ua2xD8so/8g0UZKbqG7w3sbTSGib/3/eUqVjAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUEaWcfO8QFBXmZS4JJ+5Cm+vkPc4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0VhV2NmTzhRRkJYbVpT NEpKLTVDbS12a1BjNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIt/BwwDQYJKoZIhvcNAQELBQADggEBAGidPM5MlsXDqouiskBo0K9iBpVoBOGI 8871vhYDiOTp3OrUW1GTCswtu0oY1aOjQr2CpXhnOcHUlQ6s8i55TQszfzR3n/em 8r/NwWfVKV7fsTFBEblcnv5Y/pteVU/Do9EItuHy4uLBfRj6bjd6feZJ5mKXkzKZ 5d/66jbnP9NneqimyWsiLYomWvTOphWfN2Jg5n5P2IH5iRbZZ2zpYSrZW7ixItuq ZQD8764xfl0STa2yxxCqOZ0Swkh8WNOqNi7o5+j3AFOjKea1tVkTo5NT4vSMJO6Z n0e4DADY5PCd4WjufKqQPPllD0BSeHT962nY4VAu3dtOgf/N1ePEOuI= -----END CERTIFICATE-----Generated at Sat Apr 26 14:39:34 2025 by rpki-client