$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/Yn02BaYfU6zzzHCnF9Y7UeACizU.roa File: Yn02BaYfU6zzzHCnF9Y7UeACizU.roa (raw, json) Hash identifier: tpzRxn2YBv8JFot87RTI/f2YYprjyd7VgTsOdDsCGw0= Subject key identifier: 62:7D:36:05:A6:1F:53:AC:F3:CC:70:A7:17:D6:3B:51:E0:02:8B:35 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 19F0 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/Yn02BaYfU6zzzHCnF9Y7UeACizU.roa Signing time: Wed 13 Mar 2024 01:21:12 +0000 ROA not before: Wed 13 Mar 2024 01:21:12 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 209242 IP address blocks: 103.244.116.0/22 maxlen: 24 103.244.118.0/24 maxlen: 24 103.244.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 08:55:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6640 (0x19f0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Mar 13 01:21:12 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=627D3605A61F53ACF3CC70A717D63B51E0028B35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:23:14:47:d2:0f:fe:3a:d8:0c:52:cf:c3:2d: 55:3d:6e:ab:a5:dc:c8:2b:ab:3a:5f:68:10:a4:42: 51:ae:a4:6c:63:53:5c:96:3e:c4:96:35:44:7a:54: ce:bb:1e:86:83:3c:b2:1f:c6:10:00:c2:d6:2d:24: c8:c5:e1:02:eb:35:48:fc:3e:7e:bd:6e:a6:84:6f: ba:4f:70:9c:d5:0c:a4:75:d9:c3:fe:0d:7c:e0:73: 85:07:63:94:8b:a1:e4:59:0f:83:33:5b:37:ff:81: fb:95:de:41:60:2b:cc:31:aa:1a:3f:3e:20:04:67: 79:65:6d:4e:54:3d:14:1d:ab:aa:3d:df:4e:c5:5a: 96:f2:26:1c:1d:27:7b:f5:d6:21:28:e6:39:2f:5c: 39:2b:03:36:fd:d2:a0:ae:d0:61:c5:73:a0:05:cd: 16:40:be:20:7a:36:29:7b:f3:50:b1:25:b0:0b:c3: 89:9f:a8:e9:ea:9f:c3:6d:e9:59:23:39:20:88:53: 18:c1:04:6e:a4:8d:3e:77:34:9b:be:60:3c:6b:d2: fa:7c:92:d3:1e:59:d9:44:65:54:e5:2e:64:e9:f1: 11:80:02:ff:f3:64:03:a9:d2:99:44:77:fd:14:90: 80:24:66:9e:da:54:9b:b4:06:b7:68:9c:17:13:63: 60:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:7D:36:05:A6:1F:53:AC:F3:CC:70:A7:17:D6:3B:51:E0:02:8B:35 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/Yn02BaYfU6zzzHCnF9Y7UeACizU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.244.116.0/22 Signature Algorithm: sha256WithRSAEncryption 6b:2c:1c:9f:80:84:13:f0:a9:10:6f:84:2d:07:26:3d:9c:a4: cc:2b:0d:30:f3:73:0a:e3:6b:7a:54:7f:63:97:59:36:c1:48: 01:fe:de:78:1d:32:2b:e3:f9:a1:96:c6:7c:21:64:9d:bc:53: 31:b8:f8:fb:dd:d5:e9:92:c5:65:54:69:4f:37:6d:78:63:e6: ad:ce:d5:32:ee:09:bb:51:12:b1:74:bd:0b:07:1c:f7:7a:fb: f3:22:d3:ae:7f:43:b0:3a:fc:0e:05:09:a8:3e:3d:f5:39:51: da:d7:02:38:d1:fa:12:20:c4:f1:0e:6f:b1:3c:6c:21:c7:91: fb:d5:f0:3d:f0:18:51:e1:98:f7:52:b5:b1:80:5a:96:b9:17: 24:d6:0a:73:ba:15:78:03:e8:08:14:7e:11:31:f5:35:d0:b7: 82:cd:03:3a:14:72:e8:c3:14:be:2c:29:a2:22:ad:ea:5d:31: 26:b4:ba:36:41:60:f4:bc:e4:84:dd:d4:ac:fc:9e:40:74:87: 12:84:15:1c:16:c2:80:dd:93:c2:d7:15:23:b8:14:e2:2f:dc: 04:fa:d4:a5:e6:7e:8d:6e:ed:b8:dc:bf:42:16:06:c2:8e:64: ce:e1:96:dc:8b:98:5f:12:9d:ee:81:c3:d2:33:05:dd:08:42: 10:b8:88:6d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGfAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDAzMTMw MTIxMTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYyN0QzNjA1QTYxRjUz QUNGM0NDNzBBNzE3RDYzQjUxRTAwMjhCMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCdIxRH0g/+OtgMUs/DLVU9bqul3MgrqzpfaBCkQlGupGxjU1yW PsSWNUR6VM67HoaDPLIfxhAAwtYtJMjF4QLrNUj8Pn69bqaEb7pPcJzVDKR12cP+ DXzgc4UHY5SLoeRZD4MzWzf/gfuV3kFgK8wxqho/PiAEZ3llbU5UPRQdq6o9307F WpbyJhwdJ3v11iEo5jkvXDkrAzb90qCu0GHFc6AFzRZAviB6Nil781CxJbALw4mf qOnqn8Nt6VkjOSCIUxjBBG6kjT53NJu+YDxr0vp8ktMeWdlEZVTlLmTp8RGAAv/z ZAOp0plEd/0UkIAkZp7aVJu0BrdonBcTY2CvAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUYn02BaYfU6zzzHCnF9Y7UeACizUwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvWW4wMkJhWWZVNnp6 ekhDbkY5WTdVZUFDaXpVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmf0dDANBgkqhkiG9w0BAQsFAAOCAQEAaywcn4CEE/CpEG+ELQcmPZykzCsN MPNzCuNrelR/Y5dZNsFIAf7eeB0yK+P5oZbGfCFknbxTMbj4+93V6ZLFZVRpTzdt eGPmrc7VMu4Ju1ESsXS9Cwcc93r78yLTrn9DsDr8DgUJqD499TlR2tcCONH6EiDE 8Q5vsTxsIceR+9XwPfAYUeGY91K1sYBalrkXJNYKc7oVeAPoCBR+ETH1NdC3gs0D OhRy6MMUviwpoiKt6l0xJrS6NkFg9LzkhN3UrPyeQHSHEoQVHBbCgN2TwtcVI7gU 4i/cBPrUpeZ+jW7tuNy/QhYGwo5kzuGW3IuYXxKd7oHD0jMF3QhCELiIbQ== -----END CERTIFICATE-----Generated at Tue May 7 03:54:45 2024 by rpki-client on console-fra.rpki-client.org