$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2833/17qfPQCAlWlK7-Z7bh_7z0FJwW0.roa File: 17qfPQCAlWlK7-Z7bh_7z0FJwW0.roa (raw, json) Hash identifier: VowlkQRs+pX2FgtqaJJBsghVPpg1iBtkRUxHVAEmpO8= Subject key identifier: D7:BA:9F:3D:00:80:95:69:4A:EF:E6:7B:6E:1F:FB:CF:41:49:C1:6D Certificate issuer: /CN=63D6C9D8941744BA15480050C04EF53320CA0FC3 Certificate serial: 03 Authority key identifier: 63:D6:C9:D8:94:17:44:BA:15:48:00:50:C0:4E:F5:33:20:CA:0F:C3 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Y9bJ2JQXRLoVSABQwE71MyDKD8M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2833/17qfPQCAlWlK7-Z7bh_7z0FJwW0.roa Signing time: Thu 28 Mar 2024 11:27:07 +0000 ROA not before: Thu 28 Mar 2024 11:27:07 +0000 ROA not after: Fri 28 Mar 2025 11:22:23 +0000 asID: 2914 IP address blocks: 103.125.236.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2833/Y9bJ2JQXRLoVSABQwE71MyDKD8M.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2833/Y9bJ2JQXRLoVSABQwE71MyDKD8M.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Y9bJ2JQXRLoVSABQwE71MyDKD8M.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 01:53:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63D6C9D8941744BA15480050C04EF53320CA0FC3 Validity Not Before: Mar 28 11:27:07 2024 GMT Not After : Mar 28 11:22:23 2025 GMT Subject: CN=D7BA9F3D008095694AEFE67B6E1FFBCF4149C16D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:31:7a:25:5a:f9:d1:d9:dd:3e:d9:aa:ba:7d: a3:52:c3:ef:f5:d1:99:5e:ea:e3:43:f7:c6:ac:38: 42:5a:e1:c1:e0:30:71:a0:6e:ad:07:bb:ea:e5:49: 84:61:0d:fa:d0:ea:e6:7b:08:16:cc:77:58:f1:da: da:f7:db:5b:e2:81:bd:a1:7b:e8:c8:92:d5:16:a7: d3:0c:43:85:47:1f:c5:e4:af:ba:9f:0a:8a:19:3d: 9d:11:64:79:ea:7b:5f:aa:c8:85:97:ea:27:04:d2: b1:12:32:11:e2:53:61:dc:48:69:a0:33:d6:32:07: a9:af:4c:9b:a0:2a:c9:84:fd:76:b6:97:bc:cd:19: 77:bb:a5:85:1d:71:a2:c2:a0:aa:1b:60:70:c6:7e: 53:a4:72:6f:5c:76:c0:94:04:6a:94:d8:44:ae:23: aa:2b:9f:2c:9f:05:d9:b3:30:a6:a6:7e:f6:ff:d2: 46:b3:39:22:8e:ec:93:97:ca:b2:24:f2:1f:f1:fb: da:c5:ee:0a:e0:c4:1c:ec:92:61:b7:d3:81:bb:e9: 70:5e:df:69:f2:78:8a:fa:ff:a1:4a:6b:bc:15:8f: 8e:f2:f8:63:cf:19:1e:0c:84:f4:82:63:39:0b:05: a3:d6:a5:7f:7c:ee:ae:e5:1d:10:38:48:37:6c:55: a2:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:BA:9F:3D:00:80:95:69:4A:EF:E6:7B:6E:1F:FB:CF:41:49:C1:6D X509v3 Authority Key Identifier: keyid:63:D6:C9:D8:94:17:44:BA:15:48:00:50:C0:4E:F5:33:20:CA:0F:C3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2833/Y9bJ2JQXRLoVSABQwE71MyDKD8M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Y9bJ2JQXRLoVSABQwE71MyDKD8M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2833/17qfPQCAlWlK7-Z7bh_7z0FJwW0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.125.236.0/22 Signature Algorithm: sha256WithRSAEncryption 77:91:22:dc:aa:52:10:7c:ca:23:5e:2d:ca:9c:e0:c4:5e:bc: 2b:d9:d8:54:fb:41:23:de:65:7b:71:8e:59:4d:d7:77:59:38: 54:aa:0a:5d:3b:01:40:2a:b1:ac:04:87:3c:39:a1:c8:7e:76: dc:bd:5d:7b:29:98:c7:67:aa:8a:6b:8f:c2:6b:42:4a:19:be: 64:67:43:cd:28:c4:6d:5b:95:da:1a:fa:93:3e:1a:10:65:77: c8:2b:0f:62:8d:67:25:4b:90:5f:0b:6e:ea:16:07:c0:97:d9: 8a:b0:d9:57:f5:d3:1e:90:3e:43:6f:9d:c5:74:a7:f9:7e:f9: 86:b6:2c:03:9a:9e:e7:bc:b7:e4:0c:88:46:04:56:35:0e:49: a9:30:5d:29:40:d9:d5:f5:cb:56:aa:c4:e8:07:01:4e:7c:2e: ec:a9:f3:c1:99:37:e9:6a:e1:14:65:04:cd:70:4b:dd:3c:e3: f3:7e:6e:24:25:ac:97:b2:68:10:bc:cc:06:2e:c5:93:04:02: 12:5f:d3:cd:32:9e:e1:52:71:d3:2f:56:17:87:09:03:42:ec: dd:51:15:d4:7b:c7:b4:99:92:ed:ad:b5:ea:ba:26:f1:ee:6d: de:bf:d6:ec:de:dc:2d:2d:be:ec:f5:82:fc:99:ef:52:e0:5e: 92:cb:d7:3c -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2M0Q2 QzlEODk0MTc0NEJBMTU0ODAwNTBDMDRFRjUzMzIwQ0EwRkMzMB4XDTI0MDMyODEx MjcwN1oXDTI1MDMyODExMjIyM1owMzExMC8GA1UEAxMoRDdCQTlGM0QwMDgwOTU2 OTRBRUZFNjdCNkUxRkZCQ0Y0MTQ5QzE2RDCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALwxeiVa+dHZ3T7Zqrp9o1LD7/XRmV7q40P3xqw4QlrhweAwcaBu rQe76uVJhGEN+tDq5nsIFsx3WPHa2vfbW+KBvaF76MiS1Ran0wxDhUcfxeSvup8K ihk9nRFkeep7X6rIhZfqJwTSsRIyEeJTYdxIaaAz1jIHqa9Mm6AqyYT9draXvM0Z d7ulhR1xosKgqhtgcMZ+U6Ryb1x2wJQEapTYRK4jqiufLJ8F2bMwpqZ+9v/SRrM5 Io7sk5fKsiTyH/H72sXuCuDEHOySYbfTgbvpcF7fafJ4ivr/oUprvBWPjvL4Y88Z HgyE9IJjOQsFo9alf3zuruUdEDhIN2xVoqUCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBTXup89AICVaUrv5ntuH/vPQUnBbTAfBgNVHSMEGDAWgBRj1snYlBdEuhVIAFDA TvUzIMoPwzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yODMz L1k5YkoySlFYUkxvVlNBQlF3RTcxTXlES0Q4TS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvWTliSjJKUVhSTG9WU0FCUXdFNzFNeURLRDhNLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgzMy8xN3FmUFFDQWxXbEs3 LVo3YmhfN3owRkp3VzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ33sMA0GCSqGSIb3DQEBCwUAA4IBAQB3kSLcqlIQfMojXi3KnODEXrwr2dhU +0Ej3mV7cY5ZTdd3WThUqgpdOwFAKrGsBIc8OaHIfnbcvV17KZjHZ6qKa4/Ca0JK Gb5kZ0PNKMRtW5XaGvqTPhoQZXfIKw9ijWclS5BfC27qFgfAl9mKsNlX9dMekD5D b53FdKf5fvmGtiwDmp7nvLfkDIhGBFY1DkmpMF0pQNnV9ctWqsToBwFOfC7sqfPB mTfpauEUZQTNcEvdPOPzfm4kJayXsmgQvMwGLsWTBAISX9PNMp7hUnHTL1YXhwkD QuzdURXUe8e0mZLtrbXquibx7m3ev9bs3twtLb7s9YL8me9S4F6Sy9c8 -----END CERTIFICATE-----Generated at Sun May 5 23:30:08 2024 by rpki-client on console-ams.rpki-client.org