$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/UStN7kvuK_-ppvq5ruV5bVQfDuI.roa File: UStN7kvuK_-ppvq5ruV5bVQfDuI.roa (raw, json) Hash identifier: +WC1c0y0Oz3sKmMUqpO35inYl85R6iLjyunKAOfCRHQ= Subject key identifier: 51:2B:4D:EE:4B:EE:2B:FF:A9:A6:FA:B9:AE:E5:79:6D:54:1F:0E:E2 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1A41 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/UStN7kvuK_-ppvq5ruV5bVQfDuI.roa Signing time: Thu 28 Mar 2024 11:32:05 +0000 ROA not before: Thu 28 Mar 2024 11:32:05 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 61317 IP address blocks: 103.244.116.0/22 maxlen: 24 223.29.252.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 04 May 2024 12:23:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6721 (0x1a41) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Mar 28 11:32:05 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=512B4DEE4BEE2BFFA9A6FAB9AEE5796D541F0EE2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:21:c3:df:e8:f5:fd:54:b5:91:27:28:68:89: a0:2b:f6:60:25:e7:6e:48:eb:76:f2:01:44:42:a8: a5:61:0c:b9:27:89:62:7e:a7:f3:f0:29:ff:50:71: cd:9b:66:38:34:59:b8:6c:c5:e2:9f:51:b2:b6:30: 20:fb:33:19:b9:5e:ca:d0:ce:cc:68:c1:9a:04:12: b3:e5:4c:67:27:2e:9b:fd:89:5a:4c:13:55:cb:c5: 2d:cb:e4:bd:1f:e4:a9:9b:c7:3d:e7:7b:cc:a2:8f: 4a:6f:e8:c4:ff:00:5b:1a:9b:b3:3b:b1:bd:e4:7a: 8b:cb:80:32:97:68:b7:aa:ca:1f:ad:b1:12:a3:e3: 2d:c5:a5:d3:8b:2b:f1:5d:c7:52:14:b2:5a:71:a1: f9:9c:c2:bf:6c:a8:6d:f2:c1:e3:bd:a2:21:bc:b7: 29:96:20:0f:2c:a3:e6:4c:77:78:72:70:7c:0a:6a: 2b:71:aa:df:13:9c:e5:10:01:b9:15:d7:c5:c9:55: 68:11:57:c9:9a:17:bd:10:2b:be:28:d0:c1:62:cc: f4:22:3a:e2:b3:cb:64:81:b6:d6:a1:ac:5b:45:06: bf:9d:09:58:ee:f8:d6:be:4f:92:44:bf:ef:51:01: 08:93:3f:70:e5:c4:dd:de:ef:b4:c5:f0:33:83:4a: f5:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:2B:4D:EE:4B:EE:2B:FF:A9:A6:FA:B9:AE:E5:79:6D:54:1F:0E:E2 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/UStN7kvuK_-ppvq5ruV5bVQfDuI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.244.116.0/22 223.29.252.0/22 Signature Algorithm: sha256WithRSAEncryption 98:c9:b9:47:b3:82:88:4c:9d:c0:56:ba:7f:be:2c:74:c4:78: 87:5a:a8:1c:21:36:ec:5d:b5:1c:6f:4f:69:05:dd:c0:38:97: 2f:d1:2d:32:4b:dc:20:06:9d:d3:b3:ad:51:7a:79:c6:67:7b: 4d:bc:6d:07:48:63:ab:e4:85:b0:9f:02:1a:4f:c2:f5:6f:6a: 20:a4:5b:06:f1:58:08:61:ae:5d:18:95:f6:8d:e8:3a:f4:2c: a0:c8:21:e5:23:65:fa:f2:31:21:cc:72:af:73:c9:1c:b2:15: 4e:a6:ea:ce:8f:4f:c6:6a:2f:64:48:8b:e8:61:b2:f0:6c:4f: a2:be:11:dc:d1:aa:7e:ff:94:3d:04:4e:8a:85:86:69:d6:42: d1:92:56:2f:3d:cd:05:10:5d:7a:3b:c0:61:55:6e:21:28:23: 9e:40:ad:f2:2e:87:81:64:dc:96:4f:e3:b5:39:16:19:e5:38: a7:ce:a0:8e:a5:a5:cf:b3:09:37:9e:fc:f1:b6:d1:e6:e2:c3: b7:7c:ad:1c:b5:84:85:d5:1b:79:3b:2e:c3:fb:8d:5c:28:9e: 76:ea:96:d8:4b:a2:76:6c:73:51:e6:f1:a9:ea:64:b7:8e:f2: 6b:1e:95:9a:d4:b9:bf:a0:4d:5b:9b:d7:b4:c8:b0:b4:37:f6: 37:52:16:b1 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICGkEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDAzMjgx MTMyMDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUxMkI0REVFNEJFRTJC RkZBOUE2RkFCOUFFRTU3OTZENTQxRjBFRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDSIcPf6PX9VLWRJyhoiaAr9mAl525I63byAURCqKVhDLkniWJ+ p/PwKf9Qcc2bZjg0WbhsxeKfUbK2MCD7Mxm5XsrQzsxowZoEErPlTGcnLpv9iVpM E1XLxS3L5L0f5Kmbxz3ne8yij0pv6MT/AFsam7M7sb3keovLgDKXaLeqyh+tsRKj 4y3FpdOLK/Fdx1IUslpxofmcwr9sqG3yweO9oiG8tymWIA8so+ZMd3hycHwKaitx qt8TnOUQAbkV18XJVWgRV8maF70QK74o0MFizPQiOuKzy2SBttahrFtFBr+dCVju +Na+T5JEv+9RAQiTP3DlxN3e77TF8DODSvWnAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQUUStN7kvuK/+ppvq5ruV5bVQfDuIwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvVVN0TjdrdnVLXy1w cHZxNXJ1VjViVlFmRHVJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw DAMEAmf0dAMEAt8d/DANBgkqhkiG9w0BAQsFAAOCAQEAmMm5R7OCiEydwFa6f74s dMR4h1qoHCE27F21HG9PaQXdwDiXL9EtMkvcIAad07OtUXp5xmd7TbxtB0hjq+SF sJ8CGk/C9W9qIKRbBvFYCGGuXRiV9o3oOvQsoMgh5SNl+vIxIcxyr3PJHLIVTqbq zo9PxmovZEiL6GGy8GxPor4R3NGqfv+UPQROioWGadZC0ZJWLz3NBRBdejvAYVVu ISgjnkCt8i6HgWTclk/jtTkWGeU4p86gjqWlz7MJN5788bbR5uLDt3ytHLWEhdUb eTsuw/uNXCieduqW2EuidmxzUebxqepkt47yax6VmtS5v6BNW5vXtMiwtDf2N1IW sQ== -----END CERTIFICATE-----Generated at Sat May 4 08:33:01 2024 by rpki-client on console-fra.rpki-client.org