$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1023/RdzlYXdrkIlz5zdq_uky2869UaM.roa File: RdzlYXdrkIlz5zdq_uky2869UaM.roa (raw, json) Hash identifier: Zrtno3SiPYmnE7VIpxd3/w1CoF3rH7IuIaaCg+DwPAU= Subject key identifier: 45:DC:E5:61:77:6B:90:89:73:E7:37:6A:FE:E9:32:DB:CE:BD:51:A3 Certificate issuer: /CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83 Certificate serial: 04 Authority key identifier: 32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/RdzlYXdrkIlz5zdq_uky2869UaM.roa Signing time: Wed 06 Nov 2024 09:54:29 +0000 ROA not before: Wed 06 Nov 2024 09:54:29 +0000 ROA not after: Thu 06 Nov 2025 09:48:25 +0000 asID: 132883 IP address blocks: 203.83.10.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83 Validity Not Before: Nov 6 09:54:29 2024 GMT Not After : Nov 6 09:48:25 2025 GMT Subject: CN=45DCE561776B908973E7376AFEE932DBCEBD51A3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:47:e0:8a:34:f7:51:56:ed:cf:b9:9a:51:f8: f1:93:11:a4:84:3c:06:1e:52:ff:de:06:1a:97:96: 08:0d:bd:11:db:72:1b:64:7a:62:bd:2a:e6:e7:12: 6a:7a:00:63:d8:1f:db:2c:08:34:27:a2:24:fc:6c: 99:bf:4b:1c:01:6f:80:af:c7:3c:28:88:e7:b1:0d: ac:03:34:f5:34:38:88:48:c2:b3:fc:53:d2:f0:4b: 63:88:b1:91:1a:7d:d9:9d:af:24:12:98:4d:95:8f: b2:21:90:16:bb:8b:c8:fd:9b:53:0b:c8:88:57:a3: 5b:7e:60:30:44:50:f9:45:25:08:8f:cb:a9:ab:8a: 92:58:8d:b5:82:1d:8a:67:8a:aa:8a:1f:14:0a:4e: 03:fa:49:35:4c:90:81:67:2e:db:91:80:64:07:0f: 97:d3:1e:79:3e:b8:5f:e4:69:0d:a5:78:60:fc:c5: 44:81:c4:0d:d7:54:98:3c:da:9c:a1:14:cf:3d:9a: d6:44:e6:c4:4d:15:20:eb:4b:78:e9:4c:d5:4e:91: 4b:96:2f:7b:c6:71:c4:36:4e:7e:49:2f:a0:42:42: 4c:18:af:2c:55:66:b0:fe:be:58:c2:d1:a1:2a:f7: 89:ee:70:e6:7d:07:ad:cd:15:03:52:76:19:b1:3f: 59:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:DC:E5:61:77:6B:90:89:73:E7:37:6A:FE:E9:32:DB:CE:BD:51:A3 X509v3 Authority Key Identifier: keyid:32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/RdzlYXdrkIlz5zdq_uky2869UaM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.83.10.0/24 Signature Algorithm: sha256WithRSAEncryption 64:18:3e:dd:86:c1:7a:de:2d:6e:18:49:de:0e:18:ea:c9:9e: 1e:19:2f:ad:a3:f2:97:d7:1c:ea:7e:3c:36:01:19:f8:d8:67: 47:9e:ed:24:6c:bf:51:3e:ac:72:35:6a:d0:d2:de:2a:2a:db: c1:dd:a6:14:fc:de:24:f2:1c:21:93:98:87:da:34:de:1f:ec: 70:f9:f1:50:19:12:fe:68:46:eb:6f:b3:ea:22:8c:e7:89:dd: d5:63:d9:39:96:61:f5:22:a2:c2:20:78:de:0b:29:8e:d0:e5: 08:7a:5f:f2:16:ae:13:98:3e:97:bf:3b:25:f0:b3:41:17:bf: 9c:b4:e6:96:7f:90:ad:88:96:05:93:eb:e8:65:92:bc:cf:75: 0e:5f:f4:06:cd:14:2a:93:4e:fe:cb:ba:20:9b:64:ae:d8:d3: 72:10:b3:f5:0c:fc:06:d3:09:8a:24:7f:01:b6:0c:6f:e5:6f: 52:c5:b5:89:2a:ac:9a:07:6a:27:76:37:9c:40:59:10:6c:ec: 5b:fa:3c:62:14:63:8f:07:2a:e4:66:f1:6f:23:16:67:82:7c: 46:64:a6:5a:23:99:ba:eb:05:5c:80:c2:25:a5:5d:c4:ef:81: ad:00:d3:e0:e5:08:5e:d7:03:95:24:79:06:3e:c8:6b:43:a9: a6:a4:87:b1 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzMkQ1 RUMxNUM1RTU2NEU0NzBFQzdCMTRDRDQ3REUyRDg2MkFDRTgzMB4XDTI0MTEwNjA5 NTQyOVoXDTI1MTEwNjA5NDgyNVowMzExMC8GA1UEAxMoNDVEQ0U1NjE3NzZCOTA4 OTczRTczNzZBRkVFOTMyREJDRUJENTFBMzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMVH4Io091FW7c+5mlH48ZMRpIQ8Bh5S/94GGpeWCA29EdtyG2R6 Yr0q5ucSanoAY9gf2ywINCeiJPxsmb9LHAFvgK/HPCiI57ENrAM09TQ4iEjCs/xT 0vBLY4ixkRp92Z2vJBKYTZWPsiGQFruLyP2bUwvIiFejW35gMERQ+UUlCI/LqauK kliNtYIdimeKqoofFApOA/pJNUyQgWcu25GAZAcPl9MeeT64X+RpDaV4YPzFRIHE DddUmDzanKEUzz2a1kTmxE0VIOtLeOlM1U6RS5Yve8ZxxDZOfkkvoEJCTBivLFVm sP6+WMLRoSr3ie5w5n0Hrc0VA1J2GbE/WZMCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBRF3OVhd2uQiXPnN2r+6TLbzr1RozAfBgNVHSMEGDAWgBQy1ewVxeVk5HDsexTN R94thirOgzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMDIz L010WHNGY1hsWk9SdzdIc1V6VWZlTFlZcXpvTS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTXRYc0ZjWGxaT1J3N0hzVXpVZmVMWVlxem9NLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTAyMy9SZHpsWVhkcmtJbHo1 emRxX3VreTI4NjlVYU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAy1MKMA0GCSqGSIb3DQEBCwUAA4IBAQBkGD7dhsF63i1uGEneDhjqyZ4eGS+t o/KX1xzqfjw2ARn42GdHnu0kbL9RPqxyNWrQ0t4qKtvB3aYU/N4k8hwhk5iH2jTe H+xw+fFQGRL+aEbrb7PqIoznid3VY9k5lmH1IqLCIHjeCymO0OUIel/yFq4TmD6X vzsl8LNBF7+ctOaWf5CtiJYFk+voZZK8z3UOX/QGzRQqk07+y7ogm2Su2NNyELP1 DPwG0wmKJH8Btgxv5W9SxbWJKqyaB2ondjecQFkQbOxb+jxiFGOPByrkZvFvIxZn gnxGZKZaI5m66wVcgMIlpV3E74GtANPg5Qhe1wOVJHkGPshrQ6mmpIex -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:08 2024 by rpki-client on console-fra.rpki-client.org