$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1826/ggdx-mcu0shZmPEtYMJfufUw3pU.roa File: ggdx-mcu0shZmPEtYMJfufUw3pU.roa (raw, json) Hash identifier: fBLKKRGSlN4WW1ZnUwP/Np/OXAhH2RF44bTFLA0hSLk= Subject key identifier: 82:07:71:FA:67:2E:D2:C8:59:98:F1:2D:60:C2:5F:B9:F5:30:DE:95 Certificate issuer: /CN=75324D3B8F1D5EBA5770E661EE16AF24A750554F Certificate serial: 14C2 Authority key identifier: 75:32:4D:3B:8F:1D:5E:BA:57:70:E6:61:EE:16:AF:24:A7:50:55:4F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/ggdx-mcu0shZmPEtYMJfufUw3pU.roa Signing time: Sun 27 Apr 2025 09:29:37 +0000 ROA not before: Sun 27 Apr 2025 09:29:37 +0000 ROA not after: Fri 03 Apr 2026 08:00:09 +0000 asID: 152320 IP address blocks: 103.223.121.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/dTJNO48dXrpXcOZh7havJKdQVU8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/dTJNO48dXrpXcOZh7havJKdQVU8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 11 May 2025 20:10:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5314 (0x14c2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75324D3B8F1D5EBA5770E661EE16AF24A750554F Validity Not Before: Apr 27 09:29:37 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=820771FA672ED2C85998F12D60C25FB9F530DE95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:90:1f:da:70:4f:15:ff:ea:39:6f:3e:16:0c: 12:16:ac:c1:b2:53:9b:32:1d:f2:ea:d6:50:cc:84: 05:28:12:ee:6f:c7:d2:22:13:a6:fa:fc:2d:98:de: c3:da:a6:be:3f:02:1a:16:fc:87:c8:02:2c:fd:0e: c1:65:9a:6a:c4:52:dc:67:74:b2:ae:2c:e4:6b:da: 3e:f4:3e:fe:31:d9:a6:b3:d8:54:a2:13:b9:0a:c5: 28:d5:db:ad:06:0c:fb:b2:52:27:38:65:f3:58:6a: ce:da:1a:12:06:bb:55:63:04:3c:00:82:f0:48:90: 74:b2:01:69:38:2d:48:81:13:92:74:f7:c8:48:e4: ef:d9:69:08:18:7d:8c:bd:95:fb:ec:d1:1e:28:c5: 7d:82:cd:78:7d:08:d4:1f:48:b8:bd:91:67:b7:0d: 8e:54:bd:c1:f8:03:cb:b5:f5:97:79:0d:19:d2:e0: a2:6d:92:e1:26:68:6b:4a:ff:46:9c:0e:fe:27:c2: 88:1b:78:6d:06:73:b2:52:a6:31:f5:0d:7c:a3:90: 02:b4:a5:60:fd:7b:a4:6c:34:5a:9c:b5:b5:f1:94: 21:d6:40:f9:f3:c2:19:90:6c:1f:80:4a:31:9b:88: c4:66:d7:c5:40:87:55:2f:3f:15:bf:1d:f0:7a:7c: dd:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:07:71:FA:67:2E:D2:C8:59:98:F1:2D:60:C2:5F:B9:F5:30:DE:95 X509v3 Authority Key Identifier: keyid:75:32:4D:3B:8F:1D:5E:BA:57:70:E6:61:EE:16:AF:24:A7:50:55:4F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/dTJNO48dXrpXcOZh7havJKdQVU8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/ggdx-mcu0shZmPEtYMJfufUw3pU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.223.121.0/24 Signature Algorithm: sha256WithRSAEncryption 88:11:4a:b4:5e:a6:66:8c:18:c1:66:cf:ff:ec:15:f0:61:fd: 3f:e6:4c:12:46:6f:99:6d:48:ea:d4:97:d8:bf:7f:83:50:9a: 42:01:c6:ba:e6:6a:5a:09:ff:db:f5:92:7e:1f:50:00:aa:dd: 33:5f:86:f6:8f:e0:ed:3a:b7:93:97:b1:00:e6:77:54:e0:43: 9c:ea:39:b7:66:a3:ad:c1:8d:88:eb:56:05:dc:88:8a:f1:50: b4:73:b2:11:9c:30:be:da:4b:b9:1a:81:f6:44:85:14:19:d7: 4a:ce:4b:c6:b1:50:8a:b2:bc:f0:9c:e3:07:d3:ec:a4:6c:6b: 4e:cf:bb:8f:6c:ae:5c:0f:17:0b:a9:e2:ec:47:df:c4:d2:aa: a4:cc:92:14:4c:23:a9:96:0e:97:03:a0:1a:74:b3:30:04:99: b3:82:3e:02:62:e1:4c:ec:d0:b6:85:be:1f:99:4f:21:04:83: f9:50:61:5a:9f:fe:5a:d8:25:29:d4:d7:0a:01:55:36:59:6f: 11:ed:2f:a4:4e:57:e1:35:dc:25:9e:a4:c0:26:b2:6f:6c:e3: e1:cb:e2:39:28:4d:e0:01:c3:0a:a1:39:cd:12:fb:a0:84:32: 1a:0d:1c:34:d6:a0:df:c1:8d:16:d5:fe:b1:b9:d7:05:29:c4: 17:b8:d9:0d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFMIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzUz MjREM0I4RjFENUVCQTU3NzBFNjYxRUUxNkFGMjRBNzUwNTU0RjAeFw0yNTA0Mjcw OTI5MzdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDgyMDc3MUZBNjcyRUQy Qzg1OTk4RjEyRDYwQzI1RkI5RjUzMERFOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7kB/acE8V/+o5bz4WDBIWrMGyU5syHfLq1lDMhAUoEu5vx9Ii E6b6/C2Y3sPapr4/AhoW/IfIAiz9DsFlmmrEUtxndLKuLORr2j70Pv4x2aaz2FSi E7kKxSjV260GDPuyUic4ZfNYas7aGhIGu1VjBDwAgvBIkHSyAWk4LUiBE5J098hI 5O/ZaQgYfYy9lfvs0R4oxX2CzXh9CNQfSLi9kWe3DY5UvcH4A8u19Zd5DRnS4KJt kuEmaGtK/0acDv4nwogbeG0Gc7JSpjH1DXyjkAK0pWD9e6RsNFqctbXxlCHWQPnz whmQbB+ASjGbiMRm18VAh1UvPxW/HfB6fN2lAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUggdx+mcu0shZmPEtYMJfufUw3pUwHwYDVR0jBBgwFoAUdTJNO48dXrpXcOZh 7havJKdQVU8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTgy Ni9kVEpOTzQ4ZFhycFhjT1poN2hhdkpLZFFWVTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2RUSk5PNDhkWHJwWGNPWmg3aGF2SktkUVZVOC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE4MjYvZ2dkeC1tY3Uwc2ha bVBFdFlNSmZ1ZlV3M3BVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGffeTANBgkqhkiG9w0BAQsFAAOCAQEAiBFKtF6mZowYwWbP/+wV8GH9P+ZM EkZvmW1I6tSX2L9/g1CaQgHGuuZqWgn/2/WSfh9QAKrdM1+G9o/g7Tq3k5exAOZ3 VOBDnOo5t2ajrcGNiOtWBdyIivFQtHOyEZwwvtpLuRqB9kSFFBnXSs5LxrFQirK8 8JzjB9PspGxrTs+7j2yuXA8XC6ni7EffxNKqpMySFEwjqZYOlwOgGnSzMASZs4I+ AmLhTOzQtoW+H5lPIQSD+VBhWp/+WtglKdTXCgFVNllvEe0vpE5X4TXcJZ6kwCay b2zj4cviOShN4AHDCqE5zRL7oIQyGg0cNNag38GNFtX+sbnXBSnEF7jZDQ== -----END CERTIFICATE-----Generated at Sun May 11 18:51:59 2025 by rpki-client