$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/82HUZN1PHcM21yiLKlvgzUbpuiA.roa File: 82HUZN1PHcM21yiLKlvgzUbpuiA.roa (raw, json) Hash identifier: MGZdWX+vVPShvShzYQoKVrjhA0UM4EuEB1KN0/EVC7E= Subject key identifier: F3:61:D4:64:DD:4F:1D:C3:36:D7:28:8B:2A:5B:E0:CD:46:E9:BA:20 Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022 Certificate serial: 15FE Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/82HUZN1PHcM21yiLKlvgzUbpuiA.roa Signing time: Wed 13 Mar 2024 01:22:01 +0000 ROA not before: Wed 13 Mar 2024 01:22:01 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 63689 IP address blocks: 103.204.72.0/22 maxlen: 24 202.160.140.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5630 (0x15fe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022 Validity Not Before: Mar 13 01:22:01 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=F361D464DD4F1DC336D7288B2A5BE0CD46E9BA20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:1b:15:88:39:9c:c5:20:13:dc:70:fb:f6:2b: 92:30:63:96:f2:2b:1e:e8:2e:77:14:9d:1b:32:03: a1:c1:de:35:c8:8a:d8:90:92:c4:0a:0d:1a:bd:fa: 0b:0f:b2:ae:5d:da:a0:00:c9:27:43:87:42:3a:56: 7e:c5:55:ca:3c:13:dc:c3:a7:f2:b3:e5:85:88:c9: 28:92:df:37:fa:5a:af:36:bc:7e:b8:81:c5:29:27: 15:8c:56:41:0a:24:d0:24:0f:66:a9:f6:42:c0:7d: 7c:d5:6f:74:9c:9b:7b:8b:b2:c0:49:c4:07:44:a3: 64:af:85:b6:67:a6:7a:e0:8c:66:56:ef:fb:f8:ae: 16:32:0c:05:22:30:33:5f:35:55:bb:59:fd:8c:ed: f0:56:f2:da:d7:73:5f:ef:d0:e8:00:b9:d7:64:07: 3f:d9:49:10:3d:4f:d0:56:54:48:e9:c3:c1:12:f9: e1:e1:2a:46:f0:5a:d1:28:be:85:6e:74:1a:0a:34: b9:ea:57:ca:db:ce:18:50:9a:ee:91:3d:c0:69:ba: 35:8e:91:f1:4a:ff:1e:30:b5:93:c2:43:2a:1f:a4: 9c:ba:e0:18:13:10:e4:3b:c5:9f:f3:24:73:dc:c0: 3d:dc:ed:1b:a9:f1:0b:7a:19:a1:da:52:4e:1d:a4: ec:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:61:D4:64:DD:4F:1D:C3:36:D7:28:8B:2A:5B:E0:CD:46:E9:BA:20 X509v3 Authority Key Identifier: keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/82HUZN1PHcM21yiLKlvgzUbpuiA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.204.72.0/22 202.160.140.0/22 Signature Algorithm: sha256WithRSAEncryption 0f:23:68:6d:78:99:65:d7:41:1d:db:d2:05:4f:05:94:05:5f: 53:f2:3b:d4:ca:cb:96:bc:95:40:5f:e1:c8:79:f6:f5:0e:c7: 62:1c:8a:70:ac:84:65:27:21:22:6f:68:96:b3:ba:2e:06:14: 16:1e:99:25:3a:65:dc:61:ff:4a:ed:77:16:f3:04:2d:65:54: 1c:25:ac:1e:5e:2c:2c:ca:8c:da:d2:7f:80:b4:64:9b:76:43: 9d:a4:a7:11:ed:12:16:36:f8:67:ac:9b:f0:84:5d:5d:f0:26: 45:06:f0:d1:ed:da:c6:0e:80:a1:ba:0a:e5:4b:f3:e4:15:7d: 03:23:02:9c:da:81:ad:c4:c7:6f:2b:fe:a3:8f:6f:b4:d8:99: c4:38:c2:58:23:1d:c1:89:66:17:03:f9:2c:74:e5:82:c6:29: a8:3d:0a:79:6d:4c:db:b0:ee:a0:30:b3:25:5e:69:77:3a:4b: 46:65:c0:fa:a2:9a:41:34:8a:72:ba:18:ea:ac:72:0e:7d:cd: 99:f5:c2:6c:d8:05:cf:b0:bb:47:90:8a:e5:b2:7c:a7:51:2b: 8c:c5:40:2f:1d:ab:f8:47:3a:27:f9:38:45:b1:d5:9a:65:12: 6a:ee:67:2e:72:c6:40:f5:6f:f9:db:f7:58:dd:ef:2d:a9:c7: 7d:f3:e3:5d -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICFf4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yNDAzMTMw MTIyMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEYzNjFENDY0REQ0RjFE QzMzNkQ3Mjg4QjJBNUJFMENENDZFOUJBMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDVGxWIOZzFIBPccPv2K5IwY5byKx7oLncUnRsyA6HB3jXIitiQ ksQKDRq9+gsPsq5d2qAAySdDh0I6Vn7FVco8E9zDp/Kz5YWIySiS3zf6Wq82vH64 gcUpJxWMVkEKJNAkD2ap9kLAfXzVb3Scm3uLssBJxAdEo2SvhbZnpnrgjGZW7/v4 rhYyDAUiMDNfNVW7Wf2M7fBW8trXc1/v0OgAuddkBz/ZSRA9T9BWVEjpw8ES+eHh KkbwWtEovoVudBoKNLnqV8rbzhhQmu6RPcBpujWOkfFK/x4wtZPCQyofpJy64BgT EOQ7xZ/zJHPcwD3c7Rup8Qt6GaHaUk4dpOwRAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQU82HUZN1PHcM21yiLKlvgzUbpuiAwHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvODJIVVpOMVBIY00y MXlpTEtsdmd6VWJwdWlBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw DAMEAmfMSAMEAsqgjDANBgkqhkiG9w0BAQsFAAOCAQEADyNobXiZZddBHdvSBU8F lAVfU/I71MrLlryVQF/hyHn29Q7HYhyKcKyEZSchIm9olrO6LgYUFh6ZJTpl3GH/ Su13FvMELWVUHCWsHl4sLMqM2tJ/gLRkm3ZDnaSnEe0SFjb4Z6yb8IRdXfAmRQbw 0e3axg6AoboK5Uvz5BV9AyMCnNqBrcTHbyv+o49vtNiZxDjCWCMdwYlmFwP5LHTl gsYpqD0KeW1M27DuoDCzJV5pdzpLRmXA+qKaQTSKcroY6qxyDn3NmfXCbNgFz7C7 R5CK5bJ8p1ErjMVALx2r+Ec6J/k4RbHVmmUSau5nLnLGQPVv+dv3WN3vLanHffPj XQ== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:09 2024 by rpki-client on console-fra.rpki-client.org