$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/cIFRnvNGbT6zBKm2m70viehTEOs.roa File: cIFRnvNGbT6zBKm2m70viehTEOs.roa (raw, json) Hash identifier: Bo9faJxf5wbeAZwaiBsC6BwE8dL0QM7SFQ+Ntkd9Epk= Subject key identifier: 70:81:51:9E:F3:46:6D:3E:B3:04:A9:B6:9B:BD:2F:89:E8:53:10:EB Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 184C Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/cIFRnvNGbT6zBKm2m70viehTEOs.roa Signing time: Fri 17 Jan 2025 01:24:53 +0000 ROA not before: Fri 17 Jan 2025 01:24:53 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 17621 IP address blocks: 43.254.152.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6220 (0x184c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:53 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=7081519EF3466D3EB304A9B69BBD2F89E85310EB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:4b:db:31:a7:d4:b1:b0:62:fb:a0:ac:22:96: c3:3d:77:ff:3f:82:10:1f:07:b5:a7:30:22:ad:b4: fa:15:08:5b:12:e9:33:74:bb:bb:8f:4d:72:44:20: 0a:33:05:7f:c1:52:83:de:1e:02:2e:87:a3:f1:6f: 48:a7:61:22:34:e4:1d:47:c9:f7:e6:01:5e:23:9b: bb:56:d1:c8:8f:77:38:bc:08:ec:07:bf:66:d0:fd: a3:68:c8:33:de:92:d7:6e:21:fd:fd:e7:8e:57:68: a7:e8:b0:9a:de:a0:3b:8e:c1:b0:9c:5d:13:3b:5d: 29:4a:a2:e7:0f:ec:e9:25:ac:d6:a0:66:57:ec:d8: 59:55:a2:15:a1:68:4e:17:2e:5d:48:18:ec:28:ab: 33:88:eb:66:ce:d5:67:a0:d4:b5:20:2b:0f:7b:69: e0:1c:06:77:a7:1a:5a:ec:fc:10:92:87:a4:3f:aa: e8:e2:d3:55:9d:00:fa:af:42:a1:76:a1:6f:84:ba: fe:1d:46:bb:1a:db:cb:8e:34:91:f6:77:97:0a:be: 9f:83:93:ac:5d:d9:0b:6e:29:ff:73:08:cf:1b:0b: 8d:57:44:58:2f:51:ea:fd:ee:31:8e:5c:b8:ca:01: 06:e1:24:b6:79:7c:d5:9e:43:04:e9:21:85:0d:ee: 72:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:81:51:9E:F3:46:6D:3E:B3:04:A9:B6:9B:BD:2F:89:E8:53:10:EB X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/cIFRnvNGbT6zBKm2m70viehTEOs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.152.0/24 Signature Algorithm: sha256WithRSAEncryption 67:97:96:57:1e:82:47:da:64:19:59:01:6f:19:ff:8e:cb:fd: 79:e1:f2:b7:d0:37:77:ea:23:5e:58:c9:03:f7:0f:c0:ff:07: 7c:8d:89:c9:7c:19:7d:01:a6:3e:68:62:57:2e:a0:51:48:77: cc:5b:e9:b3:b5:64:76:24:92:c9:47:9d:ce:64:b3:23:fe:d0: ee:81:52:8f:71:df:1f:8e:82:3e:42:43:3c:a8:c4:bc:40:08: e8:dc:ec:13:19:65:9d:f2:e4:93:b3:76:96:a7:b8:eb:70:fa: 57:14:7a:7b:f4:6d:c0:9d:01:b0:69:7a:20:07:b8:15:c5:f7: c8:eb:81:67:22:de:43:f2:b0:fe:30:b3:1f:8e:5a:75:27:c2: fc:e7:ac:6a:d1:43:0b:e6:3e:99:da:93:db:75:31:1b:cc:46: 47:67:15:fc:b0:86:90:b1:e5:25:20:73:4d:1f:83:f4:9d:ed: b6:00:72:48:ee:12:9f:bb:ff:b9:9c:2d:7c:88:66:0f:74:5e: 2c:26:e8:95:b3:b3:77:71:dc:1d:0b:a3:cd:17:8c:9b:d7:d0: a8:85:98:3e:c2:37:4d:1a:9a:cf:f4:f5:55:01:5d:01:0a:83: 1f:9d:38:2c:63:cb:ff:2d:b0:01:8a:d2:20:cf:31:be:bf:5b: 77:22:06:f4 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGEwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0NTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDcwODE1MTlFRjM0NjZE M0VCMzA0QTlCNjlCQkQyRjg5RTg1MzEwRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmS9sxp9SxsGL7oKwilsM9d/8/ghAfB7WnMCKttPoVCFsS6TN0 u7uPTXJEIAozBX/BUoPeHgIuh6Pxb0inYSI05B1HyffmAV4jm7tW0ciPdzi8COwH v2bQ/aNoyDPektduIf39545XaKfosJreoDuOwbCcXRM7XSlKoucP7OklrNagZlfs 2FlVohWhaE4XLl1IGOwoqzOI62bO1Weg1LUgKw97aeAcBnenGlrs/BCSh6Q/quji 01WdAPqvQqF2oW+Euv4dRrsa28uONJH2d5cKvp+Dk6xd2QtuKf9zCM8bC41XRFgv Uer97jGOXLjKAQbhJLZ5fNWeQwTpIYUN7nJlAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUcIFRnvNGbT6zBKm2m70viehTEOswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2NJRlJudk5HYlQ2ekJL bTJtNzB2aWVoVEVPcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAr/pgwDQYJKoZIhvcNAQELBQADggEBAGeXllcegkfaZBlZAW8Z/47L/Xnh8rfQ N3fqI15YyQP3D8D/B3yNicl8GX0Bpj5oYlcuoFFId8xb6bO1ZHYkkslHnc5ksyP+ 0O6BUo9x3x+Ogj5CQzyoxLxACOjc7BMZZZ3y5JOzdpanuOtw+lcUenv0bcCdAbBp eiAHuBXF98jrgWci3kPysP4wsx+OWnUnwvznrGrRQwvmPpnak9t1MRvMRkdnFfyw hpCx5SUgc00fg/Sd7bYAckjuEp+7/7mcLXyIZg90Xiwm6JWzs3dx3B0Lo80XjJvX 0KiFmD7CN00ams/09VUBXQEKgx+dOCxjy/8tsAGK0iDPMb6/W3ciBvQ= -----END CERTIFICATE-----Generated at Sat Apr 26 14:34:40 2025 by rpki-client