$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/il48wMOcWKJXqTM6mlGip4hQEQc.roa File: il48wMOcWKJXqTM6mlGip4hQEQc.roa (raw, json) Hash identifier: 8mI3F84+eS+u1HAS3j2dxh5M8SUD2ckwDfpE5xnbNYE= Subject key identifier: 8A:5E:3C:C0:C3:9C:58:A2:57:A9:33:3A:9A:51:A2:A7:88:50:11:07 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1D96 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/il48wMOcWKJXqTM6mlGip4hQEQc.roa Signing time: Thu 12 Sep 2024 11:20:07 +0000 ROA not before: Thu 12 Sep 2024 11:20:07 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 61317 IP address blocks: 103.244.116.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 06:51:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7574 (0x1d96) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 12 11:20:07 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=8A5E3CC0C39C58A257A9333A9A51A2A788501107 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:79:ae:1a:40:f5:4e:54:f2:64:4d:69:0c:1a: 3c:ab:0b:b9:3f:98:a1:f0:b3:fd:ab:14:6c:c1:8f: b9:43:61:0b:36:a3:40:d2:05:24:83:03:85:82:26: 78:f6:a5:4b:ae:72:96:c7:a5:e7:61:17:ad:a4:b2: b2:b9:d9:7f:17:4f:bb:12:6e:91:99:d3:11:69:b2: ea:cb:1c:09:a9:8d:d9:e6:59:4e:70:04:2e:b8:07: 5a:26:41:90:70:5b:7c:57:1a:33:0c:13:4e:2d:7b: d5:77:bd:3e:cf:f2:42:10:a6:91:b1:8d:43:71:44: 86:71:2e:c1:6b:62:c4:e1:67:0f:b8:f8:33:6d:71: 3f:e9:bf:15:c4:5e:19:b8:77:53:2a:76:16:04:93: 9b:ab:f7:53:07:8b:bb:c7:5d:ab:72:94:6e:f0:92: ea:2b:f7:97:c8:aa:df:11:6c:86:bb:b8:fc:06:c5: 88:4c:8a:3a:70:29:51:06:38:7e:67:eb:18:c5:ca: d1:14:f3:a3:81:28:33:de:6a:6d:4c:7d:69:78:b4: d3:06:70:42:52:cb:c1:76:11:57:b3:7f:19:15:d6: 49:88:79:c2:9e:42:87:1c:1d:1a:5d:60:b0:86:b5: 5f:0a:e3:cb:4c:59:d1:1b:1c:83:de:54:ee:02:91: c4:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:5E:3C:C0:C3:9C:58:A2:57:A9:33:3A:9A:51:A2:A7:88:50:11:07 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/il48wMOcWKJXqTM6mlGip4hQEQc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.244.116.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:19:8d:da:3e:52:ea:dd:b0:54:77:20:0a:01:de:22:4f:eb: df:27:8b:7d:2d:34:70:08:35:79:e8:53:72:64:00:d3:fc:3e: b2:21:8d:2b:1e:9c:8f:73:a8:91:5c:26:53:2f:14:10:6e:ec: a6:0f:16:2c:a6:41:85:d3:82:5a:ac:92:f2:6c:48:36:16:d1: 4a:19:17:17:ab:f7:88:a0:6a:d8:28:7c:63:1e:c4:0a:50:24: a9:21:74:76:e8:28:59:a1:31:f3:25:a9:21:ae:33:74:bf:5e: a2:59:f5:5c:b0:6e:09:a4:90:db:83:9c:83:15:35:f0:ac:d1: 49:18:76:92:99:42:c9:5f:9b:2d:f0:a9:76:a9:3f:db:c2:58: 18:a7:53:13:6d:ea:92:01:c2:91:92:a7:3d:d3:8e:49:69:10: a4:e7:7b:74:cb:c5:0a:21:5c:9a:6d:4b:f2:f0:32:8b:df:8f: f0:39:09:54:37:77:1c:89:ba:70:38:ed:15:5b:5d:53:5c:1c: 7b:10:c5:7d:8b:31:d3:72:3c:b6:d0:1e:33:77:f7:28:1c:e3: c6:26:a7:a5:11:ea:6c:98:5e:67:05:b8:d9:df:cb:6a:f7:05: 69:66:33:3f:fb:75:cb:cd:c2:96:39:f6:7a:ca:01:06:32:0f: 18:82:f5:16 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MTIx MTIwMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhBNUUzQ0MwQzM5QzU4 QTI1N0E5MzMzQTlBNTFBMkE3ODg1MDExMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2ea4aQPVOVPJkTWkMGjyrC7k/mKHws/2rFGzBj7lDYQs2o0DS BSSDA4WCJnj2pUuucpbHpedhF62ksrK52X8XT7sSbpGZ0xFpsurLHAmpjdnmWU5w BC64B1omQZBwW3xXGjMME04te9V3vT7P8kIQppGxjUNxRIZxLsFrYsThZw+4+DNt cT/pvxXEXhm4d1MqdhYEk5ur91MHi7vHXatylG7wkuor95fIqt8RbIa7uPwGxYhM ijpwKVEGOH5n6xjFytEU86OBKDPeam1MfWl4tNMGcEJSy8F2EVezfxkV1kmIecKe QoccHRpdYLCGtV8K48tMWdEbHIPeVO4CkcS/AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUil48wMOcWKJXqTM6mlGip4hQEQcwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvaWw0OHdNT2NXS0pY cVRNNm1sR2lwNGhRRVFjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmf0dDANBgkqhkiG9w0BAQsFAAOCAQEAnxmN2j5S6t2wVHcgCgHeIk/r3yeL fS00cAg1eehTcmQA0/w+siGNKx6cj3OokVwmUy8UEG7spg8WLKZBhdOCWqyS8mxI NhbRShkXF6v3iKBq2Ch8Yx7EClAkqSF0dugoWaEx8yWpIa4zdL9eoln1XLBuCaSQ 24OcgxU18KzRSRh2kplCyV+bLfCpdqk/28JYGKdTE23qkgHCkZKnPdOOSWkQpOd7 dMvFCiFcmm1L8vAyi9+P8DkJVDd3HIm6cDjtFVtdU1wcexDFfYsx03I8ttAeM3f3 KBzjxianpRHqbJheZwW42d/LavcFaWYzP/t1y83Cljn2esoBBjIPGIL1Fg== -----END CERTIFICATE-----Generated at Fri Nov 22 02:37:53 2024 by rpki-client on console-fra.rpki-client.org