$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1534/kE8KURFkRltmZ1-2SoLx-p7TWvw.roa File: kE8KURFkRltmZ1-2SoLx-p7TWvw.roa (raw, json) Hash identifier: TO/DiBQuRq3X8QdZZI0lCVOPkjFYbZChlategWDpTyY= Subject key identifier: 90:4F:0A:51:11:64:46:5B:66:67:5F:B6:4A:82:F1:FA:9E:D3:5A:FC Certificate issuer: /CN=0CA4F183C659ED57FB46D59AD5483D6FE9B34F4E Certificate serial: 1BB3 Authority key identifier: 0C:A4:F1:83:C6:59:ED:57:FB:46:D5:9A:D5:48:3D:6F:E9:B3:4F:4E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/kE8KURFkRltmZ1-2SoLx-p7TWvw.roa Signing time: Wed 13 Mar 2024 01:23:24 +0000 ROA not before: Wed 13 Mar 2024 01:23:24 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 59067 IP address blocks: 103.25.156.0/24 maxlen: 24 111.221.28.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:24:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7091 (0x1bb3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0CA4F183C659ED57FB46D59AD5483D6FE9B34F4E Validity Not Before: Mar 13 01:23:24 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=904F0A511164465B66675FB64A82F1FA9ED35AFC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:5d:2d:75:f9:00:92:68:66:c9:06:f3:9e:a4: 5c:1d:27:61:15:9b:95:78:3e:fa:fd:79:8c:d4:2f: db:a4:67:b9:de:a0:81:f9:e5:75:1f:70:37:2d:db: 8a:97:79:c3:22:9e:ec:2c:f0:98:bb:cf:41:ab:b3: 2a:e5:31:2b:ca:8a:d9:3e:64:5b:d5:8b:e4:d6:41: 93:35:b2:06:44:0c:dd:2f:3b:7a:d6:ce:3c:fa:04: 1f:ca:96:32:14:6b:0d:df:33:ea:3f:f9:af:ce:4b: 14:ed:3e:23:2f:98:51:1a:1e:25:39:8f:66:8f:f8: c9:6d:6c:ae:7a:02:9b:82:11:00:34:0a:4f:eb:70: 9d:5f:82:60:7f:3a:c2:38:5a:d3:67:a7:e1:91:e7: ba:fb:3c:53:93:b7:b6:11:c1:32:e3:31:a9:34:26: 32:2a:af:1b:21:3c:0f:08:04:29:1e:24:2a:32:71: 24:86:e9:01:30:83:37:d1:07:00:e4:5a:01:df:f3: a5:a1:e9:f8:d8:d5:12:a9:2c:ba:3b:7b:8f:25:0a: 4b:a4:3d:be:49:47:fa:fe:88:e4:07:f0:92:e3:c5: 09:53:0b:69:f1:92:ce:4f:c0:98:c0:48:90:dc:b6: b0:34:da:6e:45:48:9f:af:1a:fd:2e:bc:a0:f5:47: f5:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:4F:0A:51:11:64:46:5B:66:67:5F:B6:4A:82:F1:FA:9E:D3:5A:FC X509v3 Authority Key Identifier: keyid:0C:A4:F1:83:C6:59:ED:57:FB:46:D5:9A:D5:48:3D:6F:E9:B3:4F:4E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DKTxg8ZZ7Vf7RtWa1Ug9b-mzT04.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1534/kE8KURFkRltmZ1-2SoLx-p7TWvw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.25.156.0/24 111.221.28.0/24 Signature Algorithm: sha256WithRSAEncryption 0f:29:7a:28:55:fe:85:5e:b2:c7:7a:8d:46:66:4e:f4:16:86: 9b:8e:6f:03:aa:bf:87:71:b0:7c:6e:5f:ad:e3:7c:c8:c4:c4: 0a:31:6e:2c:34:01:b2:9c:0a:fb:ff:9a:18:60:ff:10:82:bf: b6:df:06:e3:03:25:cb:06:2c:2e:ab:b9:af:6b:b4:94:87:11: 4a:a1:82:e4:7a:b7:9a:e9:3f:00:fa:aa:99:a4:da:5f:58:07: 7b:ac:56:e9:85:c1:09:52:56:e3:ad:7f:ba:b8:01:d4:28:2f: ca:f1:12:45:d4:e2:b1:08:55:f3:19:50:a9:ef:68:b1:e1:3b: 56:9e:56:9d:f6:0d:91:35:5e:ab:ff:e6:4a:21:82:01:08:1f: 37:f7:52:3c:0e:47:cf:32:6e:d0:18:47:25:11:a5:2f:f2:c2: 7f:e5:26:c2:02:3e:96:33:4f:fa:02:c9:cd:7c:ee:9b:91:4f: bf:aa:95:dc:b8:0c:23:6e:5e:92:af:aa:75:ff:c6:b7:01:60: 23:b8:07:f4:28:24:50:11:ed:93:b4:64:93:07:d3:6a:3b:7c: 63:3b:5f:0f:52:09:be:7c:d7:f5:61:98:e2:63:cb:80:47:5d: e3:0c:a7:a7:90:64:16:94:af:3c:04:e5:37:2d:70:0c:7c:db: 51:2c:0f:55 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICG7MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMENB NEYxODNDNjU5RUQ1N0ZCNDZENTlBRDU0ODNENkZFOUIzNEY0RTAeFw0yNDAzMTMw MTIzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDkwNEYwQTUxMTE2NDQ2 NUI2NjY3NUZCNjRBODJGMUZBOUVEMzVBRkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDpXS11+QCSaGbJBvOepFwdJ2EVm5V4Pvr9eYzUL9ukZ7neoIH5 5XUfcDct24qXecMinuws8Ji7z0GrsyrlMSvKitk+ZFvVi+TWQZM1sgZEDN0vO3rW zjz6BB/KljIUaw3fM+o/+a/OSxTtPiMvmFEaHiU5j2aP+MltbK56ApuCEQA0Ck/r cJ1fgmB/OsI4WtNnp+GR57r7PFOTt7YRwTLjMak0JjIqrxshPA8IBCkeJCoycSSG 6QEwgzfRBwDkWgHf86Wh6fjY1RKpLLo7e48lCkukPb5JR/r+iOQH8JLjxQlTC2nx ks5PwJjASJDctrA02m5FSJ+vGv0uvKD1R/VzAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQUkE8KURFkRltmZ1+2SoLx+p7TWvwwHwYDVR0jBBgwFoAUDKTxg8ZZ7Vf7RtWa 1Ug9b+mzT04wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTUz NC9ES1R4ZzhaWjdWZjdSdFdhMVVnOWItbXpUMDQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0RLVHhnOFpaN1ZmN1J0V2ExVWc5Yi1telQwNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1MzQva0U4S1VSRmtSbHRt WjEtMlNvTHgtcDdUV3Z3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw DAMEAGcZnAMEAG/dHDANBgkqhkiG9w0BAQsFAAOCAQEADyl6KFX+hV6yx3qNRmZO 9BaGm45vA6q/h3GwfG5freN8yMTECjFuLDQBspwK+/+aGGD/EIK/tt8G4wMlywYs Lqu5r2u0lIcRSqGC5Hq3muk/APqqmaTaX1gHe6xW6YXBCVJW461/urgB1CgvyvES RdTisQhV8xlQqe9oseE7Vp5WnfYNkTVeq//mSiGCAQgfN/dSPA5HzzJu0BhHJRGl L/LCf+UmwgI+ljNP+gLJzXzum5FPv6qV3LgMI25ekq+qdf/GtwFgI7gH9CgkUBHt k7RkkwfTajt8YztfD1IJvnzX9WGY4mPLgEdd4wynp5BkFpSvPATlNy1wDHzbUSwP VQ== -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:39 2024 by rpki-client on console-ams.rpki-client.org