$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/2sf_uVfTHcks65OIerwSzPzxLTU.roa File: 2sf_uVfTHcks65OIerwSzPzxLTU.roa (raw, json) Hash identifier: z2Dlo+At49NXiKLzv4VRgN452gkSeterlfMyzK5knAs= Subject key identifier: DA:C7:FF:B9:57:D3:1D:C9:2C:EB:93:88:7A:BC:12:CC:FC:F1:2D:35 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1D8F Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/2sf_uVfTHcks65OIerwSzPzxLTU.roa Signing time: Thu 12 Sep 2024 11:20:04 +0000 ROA not before: Thu 12 Sep 2024 11:20:04 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 209242 IP address blocks: 103.244.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 02:23:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7567 (0x1d8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 12 11:20:04 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=DAC7FFB957D31DC92CEB93887ABC12CCFCF12D35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:b4:b6:b6:c4:59:35:67:89:28:94:ea:81:48: 62:fb:e3:f5:e7:f2:16:24:31:7e:86:13:eb:01:d4: df:72:45:0e:6c:f3:e0:11:34:23:85:75:79:14:9d: b3:a3:d7:2a:78:b2:ea:b4:d7:7f:4f:3e:12:c9:60: bd:50:de:75:9c:06:a9:b0:24:05:76:05:20:ea:c9: 26:92:9f:65:6d:a8:f9:ba:30:36:c4:c6:a8:20:44: 21:1a:ef:e9:c1:6a:93:03:c7:ae:94:8e:ab:8a:80: 2b:11:bc:ae:91:78:6c:d0:69:bd:e6:30:04:ba:5c: 75:7f:6e:2d:c3:10:25:36:e6:b9:32:b6:e5:2b:90: 5e:82:92:54:95:7c:df:b5:67:8e:5e:34:b9:2f:6b: c3:77:35:cb:68:3d:d1:3a:d2:72:48:23:8e:e4:db: e1:1c:f4:39:e3:df:eb:b1:b4:0f:78:47:4c:8a:2e: f6:32:2c:ba:cb:74:49:79:3d:5c:ac:36:99:61:a5: bf:8b:f4:f3:84:81:3f:0b:a7:ca:5a:d2:7b:96:8f: 45:e0:bc:26:78:ad:e8:e5:ea:35:c0:f6:19:62:af: c1:d2:97:ad:79:0c:2e:c8:59:68:3c:1f:e8:7c:47: ab:52:91:11:b1:1a:eb:b3:34:0d:fd:28:ac:1d:0c: f2:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:C7:FF:B9:57:D3:1D:C9:2C:EB:93:88:7A:BC:12:CC:FC:F1:2D:35 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/2sf_uVfTHcks65OIerwSzPzxLTU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.244.119.0/24 Signature Algorithm: sha256WithRSAEncryption 7a:4a:e0:b3:7c:2e:d6:a4:0a:28:81:07:91:12:05:3f:87:c5: ba:d1:d3:47:76:29:b4:4e:48:20:d0:53:f2:19:3f:89:56:95: 99:71:fe:a3:b6:c1:f0:01:68:e3:55:75:78:1e:a5:29:a2:d8: 98:29:d8:b0:34:af:15:00:49:50:c8:5c:26:e6:13:88:00:33: 65:7e:5f:56:13:cb:ab:36:05:40:95:dc:0a:61:0a:b6:87:02: 52:50:ba:ff:ec:29:4e:a8:00:39:09:91:76:83:68:80:f6:d8: d0:d9:09:70:1f:cc:19:57:4b:d4:d5:93:74:9e:55:9e:2d:aa: 71:1c:af:cd:47:33:ea:0d:31:d7:23:eb:3f:9f:5f:32:00:ee: 1d:63:ec:fa:d7:0a:13:48:8f:eb:0b:44:cf:07:ba:c6:b0:c5: 43:bb:85:47:54:cd:1b:ce:b7:a4:16:a2:61:54:c9:56:9d:a3: c2:de:ea:3c:ae:de:25:04:73:5a:2b:bc:15:dd:65:7b:dc:e0: 3b:35:51:39:f5:fb:59:e8:50:a9:65:65:3d:71:d6:27:6b:d5: 40:50:1a:66:78:86:47:83:76:33:22:8e:91:3d:f9:e1:56:1a: 69:18:5c:cf:28:bf:67:3e:1e:3a:6a:fd:42:c9:71:97:fa:20: a1:d4:5c:4d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHY8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MTIx MTIwMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERBQzdGRkI5NTdEMzFE QzkyQ0VCOTM4ODdBQkMxMkNDRkNGMTJEMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCptLa2xFk1Z4kolOqBSGL74/Xn8hYkMX6GE+sB1N9yRQ5s8+AR NCOFdXkUnbOj1yp4suq0139PPhLJYL1Q3nWcBqmwJAV2BSDqySaSn2VtqPm6MDbE xqggRCEa7+nBapMDx66UjquKgCsRvK6ReGzQab3mMAS6XHV/bi3DECU25rkytuUr kF6CklSVfN+1Z45eNLkva8N3NctoPdE60nJII47k2+Ec9Dnj3+uxtA94R0yKLvYy LLrLdEl5PVysNplhpb+L9POEgT8Lp8pa0nuWj0XgvCZ4rejl6jXA9hlir8HSl615 DC7IWWg8H+h8R6tSkRGxGuuzNA39KKwdDPIrAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU2sf/uVfTHcks65OIerwSzPzxLTUwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvMnNmX3VWZlRIY2tz NjVPSWVyd1N6UHp4TFRVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGf0dzANBgkqhkiG9w0BAQsFAAOCAQEAekrgs3wu1qQKKIEHkRIFP4fFutHT R3YptE5IINBT8hk/iVaVmXH+o7bB8AFo41V1eB6lKaLYmCnYsDSvFQBJUMhcJuYT iAAzZX5fVhPLqzYFQJXcCmEKtocCUlC6/+wpTqgAOQmRdoNogPbY0NkJcB/MGVdL 1NWTdJ5Vni2qcRyvzUcz6g0x1yPrP59fMgDuHWPs+tcKE0iP6wtEzwe6xrDFQ7uF R1TNG863pBaiYVTJVp2jwt7qPK7eJQRzWiu8Fd1le9zgOzVROfX7WehQqWVlPXHW J2vVQFAaZniGR4N2MyKOkT354VYaaRhczyi/Zz4eOmr9Qslxl/ogodRcTQ== -----END CERTIFICATE-----Generated at Fri Nov 22 02:02:42 2024 by rpki-client on console-ams.rpki-client.org