$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/XtXDlnhs5rhRL_5-jFwWwSMuZps.roa File: XtXDlnhs5rhRL_5-jFwWwSMuZps.roa (raw, json) Hash identifier: a6jDMzm94Asoeyf60OIohSUyCZiYpy8MluLph5eME7M= Subject key identifier: 5E:D5:C3:96:78:6C:E6:B8:51:2F:FE:7E:8C:5C:16:C1:23:2E:66:9B Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Certificate serial: 1B89 Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/XtXDlnhs5rhRL_5-jFwWwSMuZps.roa Signing time: Thu 21 Nov 2024 09:32:18 +0000 ROA not before: Thu 21 Nov 2024 09:32:18 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4766 IP address blocks: 103.236.232.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7049 (0x1b89) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Validity Not Before: Nov 21 09:32:18 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=5ED5C396786CE6B8512FFE7E8C5C16C1232E669B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:12:37:37:85:96:bd:64:80:26:a1:22:af:0a: fe:c5:0c:4f:19:28:b4:4b:60:c3:c2:eb:61:ed:2c: b4:6e:19:97:ea:fb:a5:ca:01:fb:80:cb:06:8b:9c: eb:f0:40:ba:62:ab:63:ee:42:d3:4f:18:d2:26:98: 1f:fb:c6:d2:03:c0:5f:2e:1e:9d:2b:1a:99:eb:e6: 90:b2:10:5f:25:f6:c4:09:17:62:23:e0:5c:56:b1: 43:b5:b9:ea:53:ce:26:5e:86:2b:3f:42:1d:2e:e9: fa:6e:34:72:6f:8f:49:ba:ec:a4:5f:e4:5b:4a:c4: 53:18:39:c3:65:2c:0c:16:b2:01:9b:11:d4:3e:bc: 05:39:64:1f:c6:bb:bd:32:73:13:6b:03:b3:73:0e: 1f:f5:6c:15:5c:03:bf:35:3d:2f:22:50:cc:52:59: 02:ef:78:35:04:c5:cc:ca:71:f7:3f:6b:dd:4d:01: ca:d3:0c:0e:4b:f7:7c:d5:c2:85:1a:5d:76:a4:f2: 57:de:e8:c8:f3:89:99:50:a3:4e:22:df:81:2f:f9: 6f:58:49:b6:19:0e:a0:13:e5:1a:6d:eb:43:07:3c: 88:4c:ab:98:d2:d7:ad:99:f6:bb:3b:0a:93:eb:3c: b5:60:15:0d:ea:9a:60:3c:c5:f4:c9:7d:c3:7b:9c: ac:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:D5:C3:96:78:6C:E6:B8:51:2F:FE:7E:8C:5C:16:C1:23:2E:66:9B X509v3 Authority Key Identifier: keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/XtXDlnhs5rhRL_5-jFwWwSMuZps.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.236.232.0/22 Signature Algorithm: sha256WithRSAEncryption d7:35:74:09:f8:79:58:34:c5:73:44:37:2b:a8:5b:b6:3f:a5: f2:94:6c:80:d5:db:3f:32:2c:14:27:4a:1b:4d:c4:55:26:60: 8b:aa:42:d2:a9:63:73:e8:42:31:21:48:e8:41:bd:1b:75:12: f8:a1:c8:4a:38:66:c9:62:43:c8:26:e7:25:ec:00:8e:76:71: c2:bd:27:84:de:2d:35:bf:ec:48:fe:a7:3c:8f:de:06:1a:61: 89:ea:08:04:54:71:f2:e5:2e:62:bb:14:87:8d:c7:d9:12:51: 73:16:72:17:6c:9d:eb:aa:28:80:6a:2d:88:49:f7:a4:9c:15: bd:31:01:5d:dc:b2:0b:e4:29:5c:e1:ef:7f:65:7d:fd:a0:40: f4:5a:14:ea:ab:58:c2:ae:62:1e:8d:ca:21:0d:33:0e:7f:30: 59:57:84:93:2a:0b:6c:5e:4c:98:6b:b7:e8:93:ca:7a:e1:0d: 1b:04:72:df:07:9f:5d:12:8f:e6:d0:00:c3:87:dc:f0:d0:87: 66:65:07:01:73:f2:db:fd:a6:bd:79:86:b8:cb:3f:fb:30:1d: 67:d0:0b:c8:fb:19:55:dc:3a:31:16:b5:70:8d:52:6a:2e:27: 97:d2:ff:e5:05:e6:70:ae:7e:e2:17:ec:31:ef:2b:f5:2f:16: 67:02:04:2c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG4kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDExMjEw OTMyMThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDVFRDVDMzk2Nzg2Q0U2 Qjg1MTJGRkU3RThDNUMxNkMxMjMyRTY2OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC3Ejc3hZa9ZIAmoSKvCv7FDE8ZKLRLYMPC62HtLLRuGZfq+6XK AfuAywaLnOvwQLpiq2PuQtNPGNImmB/7xtIDwF8uHp0rGpnr5pCyEF8l9sQJF2Ij 4FxWsUO1uepTziZehis/Qh0u6fpuNHJvj0m67KRf5FtKxFMYOcNlLAwWsgGbEdQ+ vAU5ZB/Gu70ycxNrA7NzDh/1bBVcA781PS8iUMxSWQLveDUExczKcfc/a91NAcrT DA5L93zVwoUaXXak8lfe6MjziZlQo04i34Ev+W9YSbYZDqAT5Rpt60MHPIhMq5jS 162Z9rs7CpPrPLVgFQ3qmmA8xfTJfcN7nKyLAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUXtXDlnhs5rhRL/5+jFwWwSMuZpswHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL1h0WERsbmhzNXJoUkxf NS1qRndXd1NNdVpwcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn7OgwDQYJKoZIhvcNAQELBQADggEBANc1dAn4eVg0xXNENyuoW7Y/pfKUbIDV 2z8yLBQnShtNxFUmYIuqQtKpY3PoQjEhSOhBvRt1EvihyEo4ZsliQ8gm5yXsAI52 ccK9J4TeLTW/7Ej+pzyP3gYaYYnqCARUcfLlLmK7FIeNx9kSUXMWchdsneuqKIBq LYhJ96ScFb0xAV3csgvkKVzh739lff2gQPRaFOqrWMKuYh6NyiENMw5/MFlXhJMq C2xeTJhrt+iTynrhDRsEct8Hn10Sj+bQAMOH3PDQh2ZlBwFz8tv9pr15hrjLP/sw HWfQC8j7GVXcOjEWtXCNUmouJ5fS/+UF5nCufuIX7DHvK/UvFmcCBCw= -----END CERTIFICATE-----Generated at Fri Nov 22 12:14:36 2024 by rpki-client on console-ams.rpki-client.org