$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/z7e9dfjPdLPAkRwmCZdWxmJk4u0.roa File: z7e9dfjPdLPAkRwmCZdWxmJk4u0.roa (raw, json) Hash identifier: pIXXbkR95npm68cDn866IUWc6Mqn1NPZpzKEnk7rxKM= Subject key identifier: CF:B7:BD:75:F8:CF:74:B3:C0:91:1C:26:09:97:56:C6:62:64:E2:ED Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 19ED Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/z7e9dfjPdLPAkRwmCZdWxmJk4u0.roa Signing time: Wed 13 Mar 2024 01:21:11 +0000 ROA not before: Wed 13 Mar 2024 01:21:11 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 212237 IP address blocks: 103.31.236.0/22 maxlen: 24 103.31.237.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 02:53:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6637 (0x19ed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Mar 13 01:21:11 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=CFB7BD75F8CF74B3C0911C26099756C66264E2ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:ee:74:4f:6a:67:77:88:13:25:c1:83:e9:53: a2:96:d1:20:6f:29:7d:4f:16:a9:95:d7:bf:78:67: 90:1f:b3:76:10:47:e8:d6:30:40:51:3f:55:1a:6c: e0:aa:c8:96:e8:b7:60:41:8d:4c:64:96:a8:37:b6: b2:33:72:84:c3:fa:d6:d3:da:da:29:6b:1f:06:58: b0:4e:01:09:60:ea:33:f7:0b:cc:51:fd:6c:f2:d6: 58:10:31:3d:31:92:3d:a6:1a:7b:c8:f3:bb:18:ed: 49:76:83:55:6b:29:5a:11:73:23:70:78:fc:38:53: 18:e9:c1:70:4f:78:d3:e3:f7:db:7e:48:6b:0b:55: 33:af:11:43:35:e8:1e:ca:4d:65:ed:f0:b6:bf:0b: 5e:fc:97:78:ab:44:41:06:2f:07:59:e0:84:71:db: d0:2e:1a:b2:96:30:2f:ca:36:4b:51:68:73:94:1a: d2:b0:93:66:44:52:ef:2b:4d:93:72:89:6d:87:5b: 6b:5f:01:32:33:aa:f6:3d:6a:42:a2:d2:73:8d:94: 09:cb:eb:c6:49:d8:9a:66:64:8e:52:26:8f:95:ab: 7b:50:bf:f2:9b:58:04:f8:26:d9:b0:74:af:e6:b9: d6:21:33:dc:5b:9e:4d:df:b6:10:59:44:5a:ef:64: 58:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:B7:BD:75:F8:CF:74:B3:C0:91:1C:26:09:97:56:C6:62:64:E2:ED X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/z7e9dfjPdLPAkRwmCZdWxmJk4u0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.31.236.0/22 Signature Algorithm: sha256WithRSAEncryption e0:55:7a:89:84:c6:f7:fa:6d:61:52:45:8f:d0:c7:d8:02:26: 1b:c0:08:2e:ed:73:34:26:a4:44:dd:a7:0d:d2:bf:b9:71:34: 1f:3a:f1:ba:ef:24:45:59:94:81:20:e7:d0:95:cb:1b:c8:b6: 12:27:a9:2f:8e:e7:70:c3:7f:d4:f7:7a:3b:2b:02:2b:dc:5a: 3f:87:3e:eb:6f:46:b7:76:9b:91:fb:b7:de:b8:a7:e7:5f:bc: 25:3c:9a:fa:42:5f:3e:66:8f:8b:e7:95:fd:97:a4:7a:4b:a6: 90:5c:63:b0:74:e9:bc:29:b9:b4:f5:a3:c0:10:57:2c:77:35: 66:fc:86:d4:6e:e8:f8:9d:8f:9e:94:98:e4:6d:21:f3:e0:9a: ec:46:df:39:b3:7f:e0:04:ac:a3:79:86:f5:93:55:22:ec:bf: d4:b7:27:4b:e8:b6:a2:b1:19:9b:d6:8d:97:e9:2c:93:05:04: 61:09:52:06:09:33:ef:81:28:e9:ca:2f:4d:c6:55:64:26:a4: e9:44:13:ea:20:5a:00:3d:c3:69:65:b4:8e:78:24:fd:99:0d: f8:cd:12:9e:84:7e:1c:60:0d:52:71:67:e1:51:d2:bd:1c:9d: 16:62:81:c6:4c:63:f5:09:69:40:73:f5:cf:66:5b:b0:f7:ec: 2e:16:53:38 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGe0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDAzMTMw MTIxMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENGQjdCRDc1RjhDRjc0 QjNDMDkxMUMyNjA5OTc1NkM2NjI2NEUyRUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDn7nRPamd3iBMlwYPpU6KW0SBvKX1PFqmV1794Z5Afs3YQR+jW MEBRP1UabOCqyJbot2BBjUxklqg3trIzcoTD+tbT2topax8GWLBOAQlg6jP3C8xR /Wzy1lgQMT0xkj2mGnvI87sY7Ul2g1VrKVoRcyNwePw4UxjpwXBPeNPj99t+SGsL VTOvEUM16B7KTWXt8La/C178l3irREEGLwdZ4IRx29AuGrKWMC/KNktRaHOUGtKw k2ZEUu8rTZNyiW2HW2tfATIzqvY9akKi0nONlAnL68ZJ2JpmZI5SJo+Vq3tQv/Kb WAT4JtmwdK/mudYhM9xbnk3fthBZRFrvZFgnAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUz7e9dfjPdLPAkRwmCZdWxmJk4u0wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvejdlOWRmalBkTFBB a1J3bUNaZFd4bUprNHUwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmcf7DANBgkqhkiG9w0BAQsFAAOCAQEA4FV6iYTG9/ptYVJFj9DH2AImG8AI Lu1zNCakRN2nDdK/uXE0Hzrxuu8kRVmUgSDn0JXLG8i2EiepL47ncMN/1Pd6OysC K9xaP4c+629Gt3abkfu33rin51+8JTya+kJfPmaPi+eV/ZekekumkFxjsHTpvCm5 tPWjwBBXLHc1ZvyG1G7o+J2PnpSY5G0h8+Ca7EbfObN/4ASso3mG9ZNVIuy/1Lcn S+i2orEZm9aNl+kskwUEYQlSBgkz74Eo6covTcZVZCak6UQT6iBaAD3DaWW0jngk /ZkN+M0SnoR+HGANUnFn4VHSvRydFmKBxkxj9QlpQHP1z2ZbsPfsLhZTOA== -----END CERTIFICATE-----Generated at Fri May 3 00:07:58 2024 by rpki-client on console-ams.rpki-client.org