$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/o7ZmOW9qOsqZ0bHchQ6Nv-vA914.roa File: o7ZmOW9qOsqZ0bHchQ6Nv-vA914.roa (raw, json) Hash identifier: EpikzgR5XeVLPyQXbMACsFePHc6e8L/dPN7LjpPduTI= Subject key identifier: A3:B6:66:39:6F:6A:3A:CA:99:D1:B1:DC:85:0E:8D:BF:EB:C0:F7:5E Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1D8A Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/o7ZmOW9qOsqZ0bHchQ6Nv-vA914.roa Signing time: Thu 12 Sep 2024 11:20:02 +0000 ROA not before: Thu 12 Sep 2024 11:20:02 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 209242 IP address blocks: 103.244.116.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 06:51:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7562 (0x1d8a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 12 11:20:02 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=A3B666396F6A3ACA99D1B1DC850E8DBFEBC0F75E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:bd:2a:d4:45:87:83:9f:9b:f2:2a:e9:47:2f: 6e:ea:4a:5b:d5:0b:94:82:93:c6:0a:6c:b1:d1:de: 7a:c1:df:7c:3b:fc:45:d8:ac:ab:a7:0d:68:55:be: de:c9:b9:6d:26:42:36:dc:bd:88:a1:ed:43:71:a8: 53:01:1b:5c:ed:08:41:45:27:f8:cc:f4:0f:19:c1: b9:01:e5:bd:7c:dd:02:ad:7a:1c:ce:0c:c9:11:cd: 44:b2:f9:ee:99:88:73:79:54:76:93:20:e1:de:5c: e5:0c:96:55:fb:3f:b3:38:3d:86:ac:b5:c7:86:de: 0c:5f:73:50:dd:19:f7:b2:30:26:69:5b:95:a4:45: dd:56:7c:79:cb:e4:18:d0:0d:b7:5d:6a:a5:3d:64: 3c:9a:14:1a:1d:75:8f:ed:bb:54:a1:11:cd:7b:3e: a6:57:34:2c:82:b1:8f:a8:58:03:90:b7:1c:95:00: 59:62:8b:19:b8:d9:69:87:37:2e:4e:3f:69:3f:37: 7a:54:f0:a6:41:c6:50:d4:0b:f3:c0:bb:32:92:f1: df:e4:f5:26:d5:97:59:5b:d8:9b:d0:af:71:d2:02: 88:79:85:d2:fb:0f:c3:0e:e1:7d:6e:de:ea:e1:1b: 60:71:81:85:d4:8e:05:bf:1c:be:4b:c3:bd:08:bb: 76:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:B6:66:39:6F:6A:3A:CA:99:D1:B1:DC:85:0E:8D:BF:EB:C0:F7:5E X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/o7ZmOW9qOsqZ0bHchQ6Nv-vA914.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.244.116.0/22 Signature Algorithm: sha256WithRSAEncryption e0:17:c1:c7:7c:89:47:67:a1:3b:dd:9d:78:dd:2f:bb:cc:97: 22:3a:2e:17:76:e2:29:2c:c2:49:ce:d0:a7:8a:94:60:1b:60: eb:92:d7:33:97:b2:88:fb:6a:93:84:15:e5:db:09:21:f1:c3: e9:10:7c:5e:85:3d:e6:15:4f:83:c1:eb:ee:98:88:cc:08:8d: 0e:85:35:ea:62:f9:a9:79:98:dc:9a:44:95:38:87:5e:e2:0a: 98:59:a9:23:7a:95:2e:1d:d5:09:ab:d4:f2:a2:6c:08:16:29: 6b:cf:3a:bd:49:53:69:a9:b5:53:0a:56:7d:45:9f:6f:b8:d0: 32:31:f1:5b:b3:ef:86:07:3e:7a:83:bd:0e:be:f6:29:b7:26: b3:a1:69:34:48:80:37:69:ac:d4:e0:c6:eb:26:af:74:66:6c: 95:f9:66:6f:b3:31:6a:69:de:bc:d0:44:17:9e:fd:0d:34:58: 83:0f:ed:d6:05:a4:f7:d8:88:82:d2:d8:b1:55:34:58:0a:7e: b4:8b:42:15:b5:be:81:ed:7f:60:58:9c:5f:65:19:36:a8:19: 48:60:2d:6c:4d:10:c2:46:57:8b:b7:3f:38:13:7a:9c:2c:d3: 52:88:ae:df:59:63:ef:76:b9:cd:c8:bc:c4:3a:dc:c8:9a:4b: e3:4f:2b:8d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHYowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MTIx MTIwMDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEzQjY2NjM5NkY2QTNB Q0E5OUQxQjFEQzg1MEU4REJGRUJDMEY3NUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTvSrURYeDn5vyKulHL27qSlvVC5SCk8YKbLHR3nrB33w7/EXY rKunDWhVvt7JuW0mQjbcvYih7UNxqFMBG1ztCEFFJ/jM9A8ZwbkB5b183QKtehzO DMkRzUSy+e6ZiHN5VHaTIOHeXOUMllX7P7M4PYastceG3gxfc1DdGfeyMCZpW5Wk Rd1WfHnL5BjQDbddaqU9ZDyaFBoddY/tu1ShEc17PqZXNCyCsY+oWAOQtxyVAFli ixm42WmHNy5OP2k/N3pU8KZBxlDUC/PAuzKS8d/k9SbVl1lb2JvQr3HSAoh5hdL7 D8MO4X1u3urhG2BxgYXUjgW/HL5Lw70Iu3ZZAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUo7ZmOW9qOsqZ0bHchQ6Nv+vA914wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvbzdabU9XOXFPc3Fa MGJIY2hRNk52LXZBOTE0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmf0dDANBgkqhkiG9w0BAQsFAAOCAQEA4BfBx3yJR2ehO92deN0vu8yXIjou F3biKSzCSc7Qp4qUYBtg65LXM5eyiPtqk4QV5dsJIfHD6RB8XoU95hVPg8Hr7piI zAiNDoU16mL5qXmY3JpElTiHXuIKmFmpI3qVLh3VCavU8qJsCBYpa886vUlTaam1 UwpWfUWfb7jQMjHxW7Pvhgc+eoO9Dr72Kbcms6FpNEiAN2ms1ODG6yavdGZslflm b7MxamnevNBEF579DTRYgw/t1gWk99iIgtLYsVU0WAp+tItCFbW+ge1/YFicX2UZ NqgZSGAtbE0QwkZXi7c/OBN6nCzTUoiu31lj73a5zci8xDrcyJpL408rjQ== -----END CERTIFICATE-----Generated at Fri Nov 22 04:32:49 2024 by rpki-client on console-fra.rpki-client.org