$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/qBHwFIITHb9vcCPPC7SuclSTLnw.roa File: qBHwFIITHb9vcCPPC7SuclSTLnw.roa (raw, json) Hash identifier: aQM5TysVLiOxOc2xtUIDmdRXdLsNsYbSG7K6fJuB45o= Subject key identifier: A8:11:F0:14:82:13:1D:BF:6F:70:23:CF:0B:B4:AE:72:54:93:2E:7C Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Certificate serial: 1B84 Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/qBHwFIITHb9vcCPPC7SuclSTLnw.roa Signing time: Thu 21 Nov 2024 09:32:17 +0000 ROA not before: Thu 21 Nov 2024 09:32:17 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 2914 IP address blocks: 103.203.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 02:23:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7044 (0x1b84) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Validity Not Before: Nov 21 09:32:17 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=A811F01482131DBF6F7023CF0BB4AE7254932E7C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:04:80:96:7a:46:31:38:6c:46:e0:b7:d4:7e: 83:26:84:71:56:b5:0b:7a:9f:5b:aa:5f:d2:36:be: e3:41:13:a4:64:0e:0a:c5:f7:3a:72:9b:de:5e:08: c3:2a:c1:dd:a5:f2:0f:b2:e9:68:bf:db:64:6d:24: e5:71:13:ee:c2:68:90:09:a0:78:ad:71:05:a5:f7: ae:fd:b5:c4:b7:56:84:1c:66:66:e6:b9:03:f4:93: 11:69:c3:fb:cd:e5:7c:37:35:62:aa:b6:8e:a1:b9: 28:14:a5:0f:a4:46:e2:95:c6:3d:9b:b7:52:c2:a0: ec:dd:17:2d:f4:bf:22:f5:00:2f:38:9b:37:e1:29: 6d:ed:6a:db:8e:29:9e:3e:45:26:5d:70:87:78:6d: c9:a3:3e:ce:04:ab:78:ca:64:ec:2d:64:3b:a7:82: 2f:35:b4:c7:4f:94:6a:24:1c:e0:65:f6:81:c0:fb: 4d:a3:38:c8:5e:f5:2d:9a:4e:78:a9:97:52:db:fd: ce:32:7f:d6:e7:ea:6e:e1:29:72:a1:e8:05:c2:8d: f7:63:bb:95:1d:cb:95:9a:46:df:49:85:f0:e7:d9: 12:ab:07:47:bf:65:83:72:1e:0b:63:52:6e:bf:64: 29:9e:b3:58:3f:53:75:1d:e5:18:61:36:da:9c:92: 28:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:11:F0:14:82:13:1D:BF:6F:70:23:CF:0B:B4:AE:72:54:93:2E:7C X509v3 Authority Key Identifier: keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/qBHwFIITHb9vcCPPC7SuclSTLnw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.203.100.0/22 Signature Algorithm: sha256WithRSAEncryption c1:c9:3a:b6:d5:a6:f2:93:21:6f:a0:83:d2:bf:6a:62:f7:a9: 37:ea:4b:08:a0:b8:23:6d:da:d6:17:ff:f5:4a:79:81:d2:89: 45:bc:bf:13:a7:9a:6c:9b:f2:67:d8:ad:d1:2a:72:c6:fe:64: b5:4c:56:5c:27:d7:8f:a3:fd:d2:06:b1:f6:62:d2:1f:de:99: c3:ab:62:19:6a:d2:1c:32:d2:d1:e0:b2:12:28:4c:2d:5b:11: 84:6a:b2:83:47:a6:de:5b:7e:2d:99:6f:30:f9:76:fc:ff:0a: 03:9a:1d:68:b7:06:90:b1:64:1a:da:a9:28:59:e4:d8:a7:1e: 88:4f:48:8d:31:ce:b4:20:e0:86:d0:8b:04:eb:c3:7b:ed:10: 67:35:95:d7:b2:69:1d:47:16:7c:18:8d:16:d5:79:e7:72:75: 36:60:e5:96:0e:95:92:3b:04:67:e9:04:92:56:7f:68:b4:3d: 18:99:40:5c:3b:35:34:78:e3:3b:61:cb:06:3a:09:20:02:34: 05:1d:db:cf:64:9b:d8:07:93:22:ff:50:d8:e8:fa:de:27:32: b0:c2:0b:50:49:3a:dc:02:00:49:ed:b4:59:1f:65:13:62:21: a7:bb:15:83:81:bc:e7:e3:91:dd:0f:ed:ab:b1:c4:45:32:f1: 43:d5:48:ce -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG4QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDExMjEw OTMyMTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEE4MTFGMDE0ODIxMzFE QkY2RjcwMjNDRjBCQjRBRTcyNTQ5MzJFN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmBICWekYxOGxG4LfUfoMmhHFWtQt6n1uqX9I2vuNBE6RkDgrF 9zpym95eCMMqwd2l8g+y6Wi/22RtJOVxE+7CaJAJoHitcQWl9679tcS3VoQcZmbm uQP0kxFpw/vN5Xw3NWKqto6huSgUpQ+kRuKVxj2bt1LCoOzdFy30vyL1AC84mzfh KW3tatuOKZ4+RSZdcId4bcmjPs4Eq3jKZOwtZDungi81tMdPlGokHOBl9oHA+02j OMhe9S2aTnipl1Lb/c4yf9bn6m7hKXKh6AXCjfdju5Udy5WaRt9JhfDn2RKrB0e/ ZYNyHgtjUm6/ZCmes1g/U3Ud5RhhNtqckijxAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUqBHwFIITHb9vcCPPC7SuclSTLnwwHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL3FCSHdGSUlUSGI5dmND UFBDN1N1Y2xTVExudy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJny2QwDQYJKoZIhvcNAQELBQADggEBAMHJOrbVpvKTIW+gg9K/amL3qTfqSwig uCNt2tYX//VKeYHSiUW8vxOnmmyb8mfYrdEqcsb+ZLVMVlwn14+j/dIGsfZi0h/e mcOrYhlq0hwy0tHgshIoTC1bEYRqsoNHpt5bfi2ZbzD5dvz/CgOaHWi3BpCxZBra qShZ5NinHohPSI0xzrQg4IbQiwTrw3vtEGc1ldeyaR1HFnwYjRbVeedydTZg5ZYO lZI7BGfpBJJWf2i0PRiZQFw7NTR44zthywY6CSACNAUd289km9gHkyL/UNjo+t4n MrDCC1BJOtwCAEnttFkfZRNiIae7FYOBvOfjkd0P7auxxEUy8UPVSM4= -----END CERTIFICATE-----Generated at Fri Nov 22 02:02:57 2024 by rpki-client on console-ams.rpki-client.org