$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/fwjuoTSANu5qT23hnn4d0JhMnrg.roa File: fwjuoTSANu5qT23hnn4d0JhMnrg.roa (raw, json) Hash identifier: kXrhtATYc2XTXnipHrD8tGcBpZNW1VPWYV+QoRZyzdU= Subject key identifier: 7F:08:EE:A1:34:80:36:EE:6A:4F:6D:E1:9E:7E:1D:D0:98:4C:9E:B8 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 182E Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/fwjuoTSANu5qT23hnn4d0JhMnrg.roa Signing time: Fri 17 Jan 2025 01:24:42 +0000 ROA not before: Fri 17 Jan 2025 01:24:42 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 139259 IP address blocks: 103.221.14.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6190 (0x182e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:24:42 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=7F08EEA1348036EE6A4F6DE19E7E1DD0984C9EB8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:30:53:d6:4b:20:8e:9d:58:67:cc:29:c1:43: 96:81:74:fc:57:59:de:d8:83:22:85:d4:fd:3b:b3: 70:86:99:78:64:87:d6:f4:e0:37:2e:ea:36:26:96: f7:13:74:d3:ee:6e:aa:cc:bf:62:b8:6f:db:21:e8: 7a:f8:59:02:c3:3e:fe:7c:65:5d:c1:7c:e8:01:7d: c8:d1:35:f5:6e:96:ff:1e:87:24:28:d8:e5:56:eb: ac:a4:c4:a2:92:6c:f6:f2:34:b3:cc:0c:c9:67:3f: 24:0b:89:d8:41:a3:25:48:01:63:b6:96:77:e9:5b: 06:ec:73:a0:1c:05:31:b4:29:6f:93:dd:02:db:f8: d0:32:ff:ed:4e:c6:d4:f3:a8:f3:a6:d7:db:09:d8: 3d:8f:e1:42:25:41:70:51:c6:74:61:02:0b:73:e3: d9:08:34:f8:1f:77:0d:bb:b3:c9:c5:04:7b:71:2c: 68:0e:79:b6:3c:b0:56:b5:e2:3d:39:12:d9:90:ed: 9f:20:eb:a2:72:e7:be:36:0f:11:c7:9b:ac:52:00: 03:5b:15:fe:07:24:bb:f5:67:61:4d:0a:60:c4:9a: 11:f8:6a:92:d2:f8:87:46:8d:7f:fa:31:7b:6e:c8: 95:77:c4:b9:32:de:c2:da:6a:92:13:ba:98:41:4d: f5:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:08:EE:A1:34:80:36:EE:6A:4F:6D:E1:9E:7E:1D:D0:98:4C:9E:B8 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/fwjuoTSANu5qT23hnn4d0JhMnrg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.14.0/24 Signature Algorithm: sha256WithRSAEncryption de:81:91:a5:d0:72:ba:fb:4a:a7:93:19:b3:76:1d:21:67:c1: d6:fb:80:d9:40:d9:fe:4f:a0:a8:b4:0b:eb:75:e8:64:fe:fd: e6:b7:68:7c:71:93:69:a9:0b:cf:0b:ec:7d:b5:09:20:73:eb: 94:d6:e3:b7:45:f4:a0:14:8d:c4:d4:6f:f3:d0:ad:12:b1:10: 37:c7:6c:9e:a6:60:b4:88:ff:28:5a:85:69:c5:cc:73:5a:e5: ee:de:a9:50:cd:95:2c:5e:5b:6f:14:ab:58:3d:27:89:9c:6f: d6:6a:91:af:cb:0b:56:52:9d:3a:9d:99:ca:5b:7d:94:19:48: bf:29:b1:7d:bb:92:a0:c7:c0:71:ca:df:0d:fd:2c:0b:e0:73: 1e:a4:03:2f:52:f9:15:d8:59:bd:f0:e4:3e:26:b4:e5:18:62: a0:94:57:a3:1c:9d:39:77:d5:bf:b9:0c:ef:fa:9b:f6:9e:df: ff:b9:9a:4c:1e:68:4e:b5:12:14:27:d0:a9:ad:32:8a:ac:00: 80:28:7e:ee:0e:88:b2:f3:eb:2c:a5:98:20:1c:a6:48:48:9a: 3e:f1:8f:4e:a6:5c:95:f9:d0:c0:03:3d:7f:63:9f:0b:3f:55: 7d:70:5f:6b:28:ed:f5:ab:b5:6b:1d:ea:f1:e6:c7:73:8a:6e: 15:95:9b:7f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGC4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI0NDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDdGMDhFRUExMzQ4MDM2 RUU2QTRGNkRFMTlFN0UxREQwOTg0QzlFQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDMFPWSyCOnVhnzCnBQ5aBdPxXWd7YgyKF1P07s3CGmXhkh9b0 4Dcu6jYmlvcTdNPubqrMv2K4b9sh6Hr4WQLDPv58ZV3BfOgBfcjRNfVulv8ehyQo 2OVW66ykxKKSbPbyNLPMDMlnPyQLidhBoyVIAWO2lnfpWwbsc6AcBTG0KW+T3QLb +NAy/+1OxtTzqPOm19sJ2D2P4UIlQXBRxnRhAgtz49kINPgfdw27s8nFBHtxLGgO ebY8sFa14j05EtmQ7Z8g66Jy5742DxHHm6xSAANbFf4HJLv1Z2FNCmDEmhH4apLS +IdGjX/6MXtuyJV3xLky3sLaapITuphBTfUpAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUfwjuoTSANu5qT23hnn4d0JhMnrgwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2Z3anVvVFNBTnU1cVQy M2hubjRkMEpoTW5yZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3Q4wDQYJKoZIhvcNAQELBQADggEBAN6BkaXQcrr7SqeTGbN2HSFnwdb7gNlA 2f5PoKi0C+t16GT+/ea3aHxxk2mpC88L7H21CSBz65TW47dF9KAUjcTUb/PQrRKx EDfHbJ6mYLSI/yhahWnFzHNa5e7eqVDNlSxeW28Uq1g9J4mcb9Zqka/LC1ZSnTqd mcpbfZQZSL8psX27kqDHwHHK3w39LAvgcx6kAy9S+RXYWb3w5D4mtOUYYqCUV6Mc nTl31b+5DO/6m/ae3/+5mkweaE61EhQn0KmtMoqsAIAofu4OiLLz6yylmCAcpkhI mj7xj06mXJX50MADPX9jnws/VX1wX2so7fWrtWsd6vHmx3OKbhWVm38= -----END CERTIFICATE-----Generated at Sat Apr 26 14:39:42 2025 by rpki-client