$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/AolRVv85EFkDTmzgm3lL_oYrCGc.roa File: AolRVv85EFkDTmzgm3lL_oYrCGc.roa (raw, json) Hash identifier: Fah2YDamI2FvAA3gMqyQQHJxtYNp8470LrhxEAMEqzQ= Subject key identifier: 02:89:51:56:FF:39:10:59:03:4E:6C:E0:9B:79:4B:FE:86:2B:08:67 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 19EE Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/AolRVv85EFkDTmzgm3lL_oYrCGc.roa Signing time: Wed 13 Mar 2024 01:21:11 +0000 ROA not before: Wed 13 Mar 2024 01:21:11 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139648 IP address blocks: 103.244.116.0/22 maxlen: 24 103.244.118.0/24 maxlen: 24 103.244.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 01 Jun 2024 11:24:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6638 (0x19ee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Mar 13 01:21:11 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=02895156FF391059034E6CE09B794BFE862B0867 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:67:da:da:11:dc:d8:09:e3:1e:cc:b6:3d:72: dd:34:8e:11:d4:6f:9e:59:66:d0:1f:7f:1d:fe:e0: 45:cc:ee:52:63:78:8b:c1:0c:ea:e2:32:e8:1f:28: fa:1e:2b:ab:01:2a:e9:83:d2:4d:9d:a0:50:d5:be: 37:f6:48:d5:34:ae:a4:90:08:b6:fe:a7:e3:9f:d1: 64:1d:9a:11:d0:98:7d:c8:33:7b:ab:7d:a9:fe:f7: 8a:a6:e3:15:d4:cd:1e:19:4d:99:2d:25:70:ef:54: 47:6b:98:c4:85:b2:79:84:b5:a3:7f:85:49:23:44: 6f:cb:f4:79:75:98:f7:f9:5f:00:ee:62:51:f5:4b: 6e:45:15:51:9d:64:97:d3:a3:fd:4c:bb:49:fa:14: bd:ed:d4:1c:d1:75:89:34:d9:99:a8:e9:18:78:a7: 6b:5d:45:6a:27:48:d3:22:db:22:48:a5:64:3b:ac: 6a:0f:fc:b5:2a:c0:be:ac:5f:c4:ae:72:6f:a5:14: 7e:ae:a6:9b:05:60:77:c4:4b:a6:08:ee:e7:57:fb: 95:cd:36:a0:4c:da:ef:b9:44:54:18:34:e9:f0:14: 10:81:a4:cf:c5:da:61:7d:47:4f:3b:af:94:71:78: a1:1a:ce:16:b1:d9:ef:b3:c5:1c:ad:1c:cd:4f:ea: ed:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:89:51:56:FF:39:10:59:03:4E:6C:E0:9B:79:4B:FE:86:2B:08:67 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/AolRVv85EFkDTmzgm3lL_oYrCGc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.244.116.0/22 Signature Algorithm: sha256WithRSAEncryption 59:88:fc:01:54:3d:65:e6:b9:51:3c:c0:b0:fe:27:ac:ad:38: 0f:2a:9a:07:1c:4d:e9:c2:73:69:a1:05:ef:c9:e3:b0:3f:ad: ff:bd:b7:e1:c3:8d:43:45:69:68:d4:2f:30:39:3b:bc:05:08: af:16:fe:6c:7d:35:26:11:a4:76:19:94:46:5b:58:4c:ae:95: 11:a7:58:53:43:e8:e4:85:31:0b:df:15:ed:be:3d:9a:8d:4c: 0d:f8:63:15:f3:03:78:ba:01:70:35:8f:4b:b3:31:ff:59:7b: 9b:cb:7d:e0:01:4d:67:70:ac:f7:59:eb:1b:62:3c:d3:2c:c3: 69:ee:18:c7:56:13:8b:be:af:f2:a5:c9:be:31:fb:b5:5b:83: 60:47:49:12:05:6f:7f:86:93:5b:7c:43:9c:9c:2c:50:51:b9: 32:f6:a3:40:36:a4:eb:43:72:c3:a3:57:b2:f6:dd:e6:50:d8: 9a:71:54:2a:ef:a0:d6:6e:d4:aa:65:ec:05:39:5f:5c:de:8a: bf:46:6a:0c:b7:4f:6b:68:59:0d:bd:a7:de:21:d5:07:4c:10: 07:8b:2b:8c:6b:26:fe:09:85:b6:61:fc:60:89:2c:80:c1:36: ae:b6:8b:2a:ec:f9:a9:7a:91:ef:9b:66:d7:d2:21:a9:32:7f: 2d:00:5c:dd -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGe4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDAzMTMw MTIxMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAyODk1MTU2RkYzOTEw NTkwMzRFNkNFMDlCNzk0QkZFODYyQjA4NjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBZ9raEdzYCeMezLY9ct00jhHUb55ZZtAffx3+4EXM7lJjeIvB DOriMugfKPoeK6sBKumD0k2doFDVvjf2SNU0rqSQCLb+p+Of0WQdmhHQmH3IM3ur fan+94qm4xXUzR4ZTZktJXDvVEdrmMSFsnmEtaN/hUkjRG/L9Hl1mPf5XwDuYlH1 S25FFVGdZJfTo/1Mu0n6FL3t1BzRdYk02Zmo6Rh4p2tdRWonSNMi2yJIpWQ7rGoP /LUqwL6sX8Sucm+lFH6uppsFYHfES6YI7udX+5XNNqBM2u+5RFQYNOnwFBCBpM/F 2mF9R087r5RxeKEazhax2e+zxRytHM1P6u0dAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUAolRVv85EFkDTmzgm3lL/oYrCGcwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvQW9sUlZ2ODVFRmtE VG16Z20zbExfb1lyQ0djLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmf0dDANBgkqhkiG9w0BAQsFAAOCAQEAWYj8AVQ9Zea5UTzAsP4nrK04Dyqa BxxN6cJzaaEF78njsD+t/7234cONQ0VpaNQvMDk7vAUIrxb+bH01JhGkdhmURltY TK6VEadYU0Po5IUxC98V7b49mo1MDfhjFfMDeLoBcDWPS7Mx/1l7m8t94AFNZ3Cs 91nrG2I80yzDae4Yx1YTi76v8qXJvjH7tVuDYEdJEgVvf4aTW3xDnJwsUFG5Mvaj QDak60Nyw6NXsvbd5lDYmnFUKu+g1m7UqmXsBTlfXN6Kv0ZqDLdPa2hZDb2n3iHV B0wQB4srjGsm/gmFtmH8YIksgME2rraLKuz5qXqR75tm19IhqTJ/LQBc3Q== -----END CERTIFICATE-----Generated at Sat Jun 1 07:13:55 2024 by rpki-client on console-ams.rpki-client.org