$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/6Aiwu63JyFHZbTj6A2agWs7PyZc.roa File: 6Aiwu63JyFHZbTj6A2agWs7PyZc.roa (raw, json) Hash identifier: mn9jIfH0kO4o/DU6euYyzzQni6oHHIlRJ3lW/5DfCIk= Subject key identifier: E8:08:B0:BB:AD:C9:C8:51:D9:6D:38:FA:03:66:A0:5A:CE:CF:C9:97 Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Certificate serial: 1B86 Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/6Aiwu63JyFHZbTj6A2agWs7PyZc.roa Signing time: Thu 21 Nov 2024 09:32:17 +0000 ROA not before: Thu 21 Nov 2024 09:32:17 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 2914 IP address blocks: 103.236.232.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 01:21:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7046 (0x1b86) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Validity Not Before: Nov 21 09:32:17 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=E808B0BBADC9C851D96D38FA0366A05ACECFC997 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:89:5f:7f:4a:d4:d5:00:9e:8c:e5:ae:33:a7: 60:df:17:1b:a1:52:10:43:80:8e:b3:fc:52:a3:ac: 47:61:0a:92:2e:09:3f:43:47:ac:e5:b9:6d:d5:8e: b3:5d:1a:78:67:6d:3f:39:86:68:08:15:9a:fb:d9: 6a:dd:5a:92:c3:a1:d5:6b:92:a2:5e:71:84:e7:1d: 4a:31:61:e0:66:d2:6b:d1:d5:21:9d:46:6d:3a:98: e0:91:5b:5e:bf:19:9b:ca:c8:ce:2e:f8:7b:06:10: f8:78:fd:6f:bd:d5:21:7f:e3:b8:97:20:7d:3e:e6: a6:89:df:b3:76:76:27:90:d4:a1:24:01:b5:1d:c1: 84:f8:4d:dc:0e:02:25:55:8c:50:ba:20:93:bb:d8: ff:d5:51:ed:27:ae:58:29:c3:60:24:72:95:49:8e: c0:85:84:a9:d5:e8:5e:e9:a9:59:bc:c5:7c:a0:cc: bf:6a:ff:97:f2:2a:6d:eb:c9:2c:0b:39:38:3f:9c: c6:21:37:93:71:9a:be:f6:45:7b:ea:c7:f0:d5:b4: ce:23:19:ce:26:a8:77:b1:80:8b:cc:de:e3:02:85: 54:f2:e1:a0:de:fe:1c:68:66:f2:97:be:71:a3:0f: 2d:89:5b:45:bd:29:a8:9f:18:8a:fd:de:2c:f4:6c: 9d:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:08:B0:BB:AD:C9:C8:51:D9:6D:38:FA:03:66:A0:5A:CE:CF:C9:97 X509v3 Authority Key Identifier: keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/6Aiwu63JyFHZbTj6A2agWs7PyZc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.236.232.0/22 Signature Algorithm: sha256WithRSAEncryption cb:01:a3:6e:88:36:7a:89:ac:c4:a7:80:94:ab:c4:7c:1f:c8: 66:9e:8a:ea:33:28:c3:b9:64:67:e9:30:d5:3a:9d:10:00:39: 37:cc:78:f7:4c:a2:19:92:b9:78:50:dc:52:06:8b:1e:25:4a: 53:c1:95:2e:a4:9e:55:a0:ed:b8:e5:f5:37:c4:6c:eb:f5:cd: 95:e0:00:f4:2f:21:05:53:c8:16:db:0a:32:19:87:50:f7:81: 82:87:36:ef:c0:fa:b8:ba:04:d5:94:b6:cb:73:8a:b1:e8:1d: f8:33:00:e5:bb:22:0a:b8:66:14:70:1a:7d:4f:7b:3c:1b:4f: 55:89:3f:3a:98:fb:0d:9d:3a:cc:18:51:6e:4a:14:81:c3:78: c0:3f:1b:e9:7e:65:73:b1:0e:a4:5c:4d:16:2d:01:de:a7:54: d8:b8:6b:9b:39:e1:56:c3:05:ab:be:39:01:cd:c1:54:d7:31: 39:88:60:9d:bd:95:71:a8:55:02:f9:78:38:0a:a8:d7:79:6d: 35:7e:d2:67:cc:0c:0a:58:b3:b6:e6:7f:46:45:99:eb:eb:89: c6:91:b3:36:86:88:3c:93:d3:0b:1f:45:de:98:07:cf:7a:e4: 57:4a:38:5c:e3:2e:57:3f:a2:8d:05:90:2e:6f:65:f5:9f:3d: 40:89:d5:4c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG4YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDExMjEw OTMyMTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEU4MDhCMEJCQURDOUM4 NTFEOTZEMzhGQTAzNjZBMDVBQ0VDRkM5OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFiV9/StTVAJ6M5a4zp2DfFxuhUhBDgI6z/FKjrEdhCpIuCT9D R6zluW3VjrNdGnhnbT85hmgIFZr72WrdWpLDodVrkqJecYTnHUoxYeBm0mvR1SGd Rm06mOCRW16/GZvKyM4u+HsGEPh4/W+91SF/47iXIH0+5qaJ37N2dieQ1KEkAbUd wYT4TdwOAiVVjFC6IJO72P/VUe0nrlgpw2AkcpVJjsCFhKnV6F7pqVm8xXygzL9q /5fyKm3rySwLOTg/nMYhN5Nxmr72RXvqx/DVtM4jGc4mqHexgIvM3uMChVTy4aDe /hxoZvKXvnGjDy2JW0W9KaifGIr93iz0bJ2PAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU6Aiwu63JyFHZbTj6A2agWs7PyZcwHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzLzZBaXd1NjNKeUZIWmJU ajZBMmFnV3M3UHlaYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn7OgwDQYJKoZIhvcNAQELBQADggEBAMsBo26INnqJrMSngJSrxHwfyGaeiuoz KMO5ZGfpMNU6nRAAOTfMePdMohmSuXhQ3FIGix4lSlPBlS6knlWg7bjl9TfEbOv1 zZXgAPQvIQVTyBbbCjIZh1D3gYKHNu/A+ri6BNWUtstzirHoHfgzAOW7Igq4ZhRw Gn1PezwbT1WJPzqY+w2dOswYUW5KFIHDeMA/G+l+ZXOxDqRcTRYtAd6nVNi4a5s5 4VbDBau+OQHNwVTXMTmIYJ29lXGoVQL5eDgKqNd5bTV+0mfMDApYs7bmf0ZFmevr icaRszaGiDyT0wsfRd6YB8965FdKOFzjLlc/oo0FkC5vZfWfPUCJ1Uw= -----END CERTIFICATE-----Generated at Thu Nov 21 23:43:06 2024 by rpki-client on console-ams.rpki-client.org