$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/-aVnrM62LtJotWL1oNEDSb_4C0g.roa File: -aVnrM62LtJotWL1oNEDSb_4C0g.roa (raw, json) Hash identifier: FVGKCtb7UAxbkerK9d9Ud7WYGD26fLOXyFMI4lHQ/DI= Subject key identifier: F9:A5:67:AC:CE:B6:2E:D2:68:B5:62:F5:A0:D1:03:49:BF:F8:0B:48 Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Certificate serial: 1B83 Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/-aVnrM62LtJotWL1oNEDSb_4C0g.roa Signing time: Thu 21 Nov 2024 09:32:17 +0000 ROA not before: Thu 21 Nov 2024 09:32:17 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4766 IP address blocks: 103.203.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 16 Feb 2025 21:26:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7043 (0x1b83) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Validity Not Before: Nov 21 09:32:17 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=F9A567ACCEB62ED268B562F5A0D10349BFF80B48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:49:4f:26:b1:0c:18:8f:4c:a6:cc:e1:5f:ac: 98:5f:c1:c0:5d:f9:04:b7:1e:72:a6:33:20:46:c3: 23:d3:87:81:0b:67:1d:17:62:c2:42:78:98:ca:0c: 7d:d2:e4:7f:ce:54:7f:f4:7d:92:6c:02:17:b2:60: 3d:78:20:c2:be:ee:dd:c2:fb:53:cc:2d:a8:d1:f9: 6e:f7:ff:cc:b7:2d:c9:58:64:77:de:89:9a:16:0b: ae:b4:e6:4a:e2:49:66:ff:0c:3d:74:ec:0c:fe:c5: 99:c5:b7:90:3e:3f:d1:82:2d:b4:aa:d2:10:51:eb: 1f:7a:c8:e6:0e:45:5e:7f:2a:e2:02:d7:85:e2:06: 1c:7e:19:db:55:65:fd:b0:f2:99:f2:67:34:74:85: c1:f7:d3:77:f4:0d:ca:37:40:d5:9c:04:73:05:bd: b7:d2:52:31:7d:88:36:16:31:06:d6:73:ad:b4:be: 8d:d2:41:9a:9e:da:cb:73:67:7c:84:3a:a5:b5:f6: ef:ef:b6:af:f2:9d:9c:10:aa:03:39:ba:d9:a1:a5: 54:4a:23:13:ee:72:ce:ed:29:92:80:8f:8c:53:12: e4:ba:ea:74:0a:9a:9d:0a:68:79:6f:91:05:b7:96: 90:a3:93:b0:d4:9e:20:10:9b:a6:5d:6b:1c:59:4d: 99:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:A5:67:AC:CE:B6:2E:D2:68:B5:62:F5:A0:D1:03:49:BF:F8:0B:48 X509v3 Authority Key Identifier: keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/-aVnrM62LtJotWL1oNEDSb_4C0g.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.203.100.0/22 Signature Algorithm: sha256WithRSAEncryption 25:32:f1:2e:4f:b9:e9:64:58:16:d9:fa:c6:84:87:ac:b5:e7: e2:0f:e7:6d:01:53:87:89:1c:ea:55:ff:57:f5:2a:5a:64:94: d5:b4:d0:e9:53:5e:90:c5:aa:7c:6b:f7:f9:6b:aa:25:63:d9: 41:4c:79:2b:b6:63:d7:78:7d:37:e3:cb:e8:b6:31:19:9a:7b: d9:8e:56:fc:0b:b1:4a:05:c5:f0:af:6f:18:62:28:36:46:6a: c3:56:29:ae:e0:d8:bd:53:24:61:b6:c1:11:f3:a7:f7:28:a5: d0:3b:34:c5:6f:63:27:06:15:08:b9:1f:d7:0c:5e:9d:49:04: e1:04:57:bc:d2:02:26:77:e6:74:f6:44:fb:33:8d:40:ad:b1: ac:27:85:6d:f9:86:c7:4d:ea:a7:2a:de:4d:62:a7:f9:a6:89: 36:12:8a:bf:27:8f:74:79:4e:84:16:2e:c9:33:c9:e3:1c:ff: 6d:da:22:9d:81:bd:e4:ba:6c:0f:bf:15:ff:2f:be:89:97:78: f6:fe:19:c1:fc:f9:b4:65:d9:58:4f:31:5b:be:07:f4:d1:13: 7f:d4:26:d4:ca:52:1f:b1:d9:1e:06:ae:d1:86:e6:26:e0:b0: 2a:7b:57:5f:12:e6:92:8b:e2:18:de:b9:ea:27:b3:c4:19:9c: 00:ac:24:e2 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG4MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDExMjEw OTMyMTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEY5QTU2N0FDQ0VCNjJF RDI2OEI1NjJGNUEwRDEwMzQ5QkZGODBCNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuSU8msQwYj0ymzOFfrJhfwcBd+QS3HnKmMyBGwyPTh4ELZx0X YsJCeJjKDH3S5H/OVH/0fZJsAheyYD14IMK+7t3C+1PMLajR+W73/8y3LclYZHfe iZoWC6605kriSWb/DD107Az+xZnFt5A+P9GCLbSq0hBR6x96yOYORV5/KuIC14Xi Bhx+GdtVZf2w8pnyZzR0hcH303f0Dco3QNWcBHMFvbfSUjF9iDYWMQbWc620vo3S QZqe2stzZ3yEOqW19u/vtq/ynZwQqgM5utmhpVRKIxPucs7tKZKAj4xTEuS66nQK mp0KaHlvkQW3lpCjk7DUniAQm6ZdaxxZTZmTAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU+aVnrM62LtJotWL1oNEDSb/4C0gwHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzLy1hVm5yTTYyTHRKb3RX TDFvTkVEU2JfNEMwZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJny2QwDQYJKoZIhvcNAQELBQADggEBACUy8S5PuelkWBbZ+saEh6y15+IP520B U4eJHOpV/1f1KlpklNW00OlTXpDFqnxr9/lrqiVj2UFMeSu2Y9d4fTfjy+i2MRma e9mOVvwLsUoFxfCvbxhiKDZGasNWKa7g2L1TJGG2wRHzp/copdA7NMVvYycGFQi5 H9cMXp1JBOEEV7zSAiZ35nT2RPszjUCtsawnhW35hsdN6qcq3k1ip/mmiTYSir8n j3R5ToQWLskzyeMc/23aIp2BveS6bA+/Ff8vvomXePb+GcH8+bRl2VhPMVu+B/TR E3/UJtTKUh+x2R4GrtGG5ibgsCp7V18S5pKL4hjeueons8QZnACsJOI= -----END CERTIFICATE-----Generated at Sun Feb 16 20:44:36 2025 by rpki-client