$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/hkSO-diooUm7sKI4SwX6B6A9STU.roa File: hkSO-diooUm7sKI4SwX6B6A9STU.roa (raw, json) Hash identifier: yL0CZ594NShIUd04w8fIwdZIyNFbWHfP9CwYYnx1DPc= Subject key identifier: 86:44:8E:F9:D8:A8:A1:49:BB:B0:A2:38:4B:05:FA:07:A0:3D:49:35 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 18DE Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hkSO-diooUm7sKI4SwX6B6A9STU.roa Signing time: Fri 17 Jan 2025 01:25:43 +0000 ROA not before: Fri 17 Jan 2025 01:25:43 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 13444 IP address blocks: 103.220.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Apr 2025 16:38:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6366 (0x18de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Jan 17 01:25:43 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=86448EF9D8A8A149BBB0A2384B05FA07A03D4935 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:ce:c1:1f:b0:df:6d:e1:2f:b3:5a:c4:1c:f6: b6:ac:fe:a9:f0:8f:b4:50:78:9e:c8:e6:28:08:34: d6:3d:8d:18:ea:03:94:99:79:f0:7a:db:9e:89:60: 63:80:c5:2a:21:ab:a4:ce:e9:3e:47:01:ac:ac:63: d3:ee:9a:3f:4f:fc:69:28:aa:d3:d6:c0:b3:ef:f9: c2:6f:32:8f:ab:c2:17:a9:45:51:bd:b7:87:f7:a5: e5:0b:5b:01:04:4c:85:ae:60:6f:2c:51:1e:fc:5a: 11:2d:fb:33:6d:50:7b:de:3c:29:9e:26:7e:5e:2c: dd:7f:25:48:d1:04:d1:fe:c7:86:a4:7d:c0:6d:50: 9a:ce:4c:2f:28:d6:3e:2e:e0:32:82:3b:76:2c:06: 6c:aa:71:82:97:62:dd:36:97:66:d7:24:b6:28:aa: d6:1a:c0:17:99:76:59:51:83:a5:3b:0b:1d:78:79: f4:cf:12:64:65:e4:ff:38:bc:4e:3d:ca:6b:a1:12: d5:4b:d7:78:af:db:2e:de:0d:09:3f:b5:46:4a:aa: a1:10:12:90:1f:1e:59:21:f0:5b:a8:31:bd:c8:e2: 64:99:c4:23:46:df:92:e2:b1:0c:0c:2a:d3:34:64: de:c7:70:a4:95:6c:37:bb:89:02:9e:60:14:b8:5e: 75:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:44:8E:F9:D8:A8:A1:49:BB:B0:A2:38:4B:05:FA:07:A0:3D:49:35 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hkSO-diooUm7sKI4SwX6B6A9STU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.220.255.0/24 Signature Algorithm: sha256WithRSAEncryption 02:a5:b5:6a:84:6e:8f:fd:c0:63:81:99:99:c3:d7:59:00:fd: 8e:4d:63:53:6c:f5:dc:8c:fc:62:04:b6:dd:72:29:81:ee:05: e4:90:f4:05:df:a5:3f:c1:c0:68:65:df:d8:42:d6:e9:7f:3f: 1a:1b:5c:33:3a:d4:9c:f1:58:38:9a:1f:4d:2d:65:2c:61:93: 49:d7:00:b4:8f:e8:d6:6f:be:30:71:ae:6f:eb:7e:98:59:30: 69:30:bd:8f:27:09:49:be:ef:1f:db:c0:4a:7c:bc:23:6c:f5: b5:22:63:72:2a:2c:57:e8:80:30:61:c0:96:e0:ad:bc:1d:99: a4:23:2b:31:75:7d:0e:d9:a0:98:f9:6c:ea:a4:48:27:d8:0a: 65:28:a7:84:3b:29:99:69:c4:2a:13:e3:a7:75:24:5d:77:b8: cc:02:76:c3:7f:e9:b7:6b:a1:11:74:8f:36:16:01:18:b4:cc: 40:a9:03:72:e7:e8:ca:81:5c:07:33:91:ae:9e:fc:86:14:68: 51:8a:3a:98:bd:d6:6d:cd:ee:9b:ed:67:3a:78:3e:31:28:a0: 62:62:27:63:26:96:5c:98:e8:ab:81:66:5e:2c:dd:b7:e5:95: 7a:9a:62:4f:27:a1:b4:da:d3:03:31:19:3a:de:0c:86:05:0d: da:24:c4:ba -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICGN4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNTAxMTcw MTI1NDNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg2NDQ4RUY5RDhBOEEx NDlCQkIwQTIzODRCMDVGQTA3QTAzRDQ5MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD2zsEfsN9t4S+zWsQc9ras/qnwj7RQeJ7I5igINNY9jRjqA5SZ efB6256JYGOAxSohq6TO6T5HAaysY9Pumj9P/GkoqtPWwLPv+cJvMo+rwhepRVG9 t4f3peULWwEETIWuYG8sUR78WhEt+zNtUHvePCmeJn5eLN1/JUjRBNH+x4akfcBt UJrOTC8o1j4u4DKCO3YsBmyqcYKXYt02l2bXJLYoqtYawBeZdllRg6U7Cx14efTP EmRl5P84vE49ymuhEtVL13iv2y7eDQk/tUZKqqEQEpAfHlkh8FuoMb3I4mSZxCNG 35LisQwMKtM0ZN7HcKSVbDe7iQKeYBS4XnV/AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUhkSO+diooUm7sKI4SwX6B6A9STUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2hrU08tZGlvb1VtN3NL STRTd1g2QjZBOVNUVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3P8wDQYJKoZIhvcNAQELBQADggEBAAKltWqEbo/9wGOBmZnD11kA/Y5NY1Ns 9dyM/GIEtt1yKYHuBeSQ9AXfpT/BwGhl39hC1ul/PxobXDM61JzxWDiaH00tZSxh k0nXALSP6NZvvjBxrm/rfphZMGkwvY8nCUm+7x/bwEp8vCNs9bUiY3IqLFfogDBh wJbgrbwdmaQjKzF1fQ7ZoJj5bOqkSCfYCmUop4Q7KZlpxCoT46d1JF13uMwCdsN/ 6bdroRF0jzYWARi0zECpA3Ln6MqBXAczka6e/IYUaFGKOpi91m3N7pvtZzp4PjEo oGJiJ2MmllyY6KuBZl4s3bfllXqaYk8nobTa0wMxGTreDIYFDdokxLo= -----END CERTIFICATE-----Generated at Sat Apr 26 14:31:30 2025 by rpki-client