$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1587/hChTticOg_Igfh0977CJB4t0-GA.roa File: hChTticOg_Igfh0977CJB4t0-GA.roa (raw, json) Hash identifier: +naNd6MebVMszrh375bKWJPhqQbP2Am/duSbLeVK6zw= Subject key identifier: 84:28:53:B6:27:0E:83:F2:20:7E:1D:3D:EF:B0:89:07:8B:74:F8:60 Certificate issuer: /CN=2DE14F2AC7F0238137052EAA315C5BD643134022 Certificate serial: 15FF Authority key identifier: 2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/hChTticOg_Igfh0977CJB4t0-GA.roa Signing time: Wed 13 Mar 2024 01:22:01 +0000 ROA not before: Wed 13 Mar 2024 01:22:01 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 132168 IP address blocks: 103.204.72.0/22 maxlen: 24 202.160.140.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 02:21:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5631 (0x15ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2DE14F2AC7F0238137052EAA315C5BD643134022 Validity Not Before: Mar 13 01:22:01 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=842853B6270E83F2207E1D3DEFB089078B74F860 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:eb:3e:7b:54:0e:9d:08:bd:57:c5:2b:87:95: 69:1f:90:3d:e1:19:ef:3b:28:76:32:23:16:ea:52: 43:4a:ce:57:c5:cd:84:f1:ff:bb:ea:7d:d8:e0:c2: f6:32:df:1b:cf:ec:4d:b4:5e:5c:60:81:07:c5:14: 97:79:43:69:5c:07:dc:0a:dd:52:d1:77:6f:e5:dc: 62:1b:70:7e:a0:67:83:20:f3:28:01:d4:94:7f:96: cc:18:0b:29:56:1b:bd:31:10:d0:d3:fc:e2:c6:6a: 1e:b2:0b:ba:9b:51:eb:b8:6f:1a:29:6d:33:fb:f6: 05:11:25:f3:1f:1b:76:cc:c5:86:99:8d:42:d4:f4: 89:6b:14:94:09:20:a1:d9:01:e5:83:bd:3d:c2:48: 5f:7b:f6:f3:95:93:bb:f9:49:ee:e3:ee:a8:7e:28: 22:39:24:d4:76:a7:ef:22:bc:38:73:6e:e0:a5:40: ed:3a:76:3e:c7:b3:03:34:bc:fd:e2:09:6b:4e:fb: 43:82:dd:db:e1:14:e6:af:9b:f0:ed:e0:c3:43:4b: 63:d9:37:de:08:1c:e4:59:07:fa:60:8b:88:51:4d: 38:3c:3e:c2:8d:95:8f:4f:b6:be:8a:69:30:98:31: 68:84:92:ab:7f:39:f7:f9:ab:37:4d:a3:cc:b6:08: 2d:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:28:53:B6:27:0E:83:F2:20:7E:1D:3D:EF:B0:89:07:8B:74:F8:60 X509v3 Authority Key Identifier: keyid:2D:E1:4F:2A:C7:F0:23:81:37:05:2E:AA:31:5C:5B:D6:43:13:40:22 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/LeFPKsfwI4E3BS6qMVxb1kMTQCI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LeFPKsfwI4E3BS6qMVxb1kMTQCI.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1587/hChTticOg_Igfh0977CJB4t0-GA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.204.72.0/22 202.160.140.0/22 Signature Algorithm: sha256WithRSAEncryption 39:dd:ff:47:b1:a6:48:18:3c:d0:53:37:38:f0:3a:9f:41:5c: 34:f2:b4:eb:3d:e3:5a:c8:a7:69:13:47:0f:3c:16:3a:41:4c: e5:0b:71:62:d5:88:88:25:30:c2:36:98:89:ef:64:27:60:95: a3:0b:1a:cc:01:f1:97:51:d5:84:d8:cd:93:ae:4f:cb:49:a4: fd:7c:77:97:e3:52:a8:15:13:69:91:52:ad:6b:e2:dd:2f:d4: c8:6b:6c:0e:53:bc:74:38:08:c6:0b:9b:5d:e3:61:f0:9f:08: c3:25:c7:e7:e4:04:5b:24:05:1a:e5:8e:95:00:1a:d9:bc:ea: 47:3b:0e:f0:ef:9b:05:2d:e6:de:7c:16:09:65:69:66:05:b3: a6:32:d2:d4:0c:44:7f:ae:88:a6:b8:d5:fa:1a:cc:7f:12:e1: 8c:13:4a:7b:31:a3:77:7c:89:1b:40:4c:6d:63:53:05:59:f3: 2b:59:fb:d7:b6:1a:91:89:27:c6:79:6c:71:bd:c4:df:e4:9d: 0c:d4:8f:fc:54:03:76:5b:a0:6a:8c:9b:00:30:b8:8b:2c:9b: dc:cf:f5:92:b8:de:da:ff:f9:f6:0c:bb:c9:47:92:57:6b:15: 58:99:07:c6:7f:b2:f0:21:51:6c:39:8c:9f:4a:87:3e:bf:fe: 30:c6:ae:6b -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICFf8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF MTRGMkFDN0YwMjM4MTM3MDUyRUFBMzE1QzVCRDY0MzEzNDAyMjAeFw0yNDAzMTMw MTIyMDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg0Mjg1M0I2MjcwRTgz RjIyMDdFMUQzREVGQjA4OTA3OEI3NEY4NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDf6z57VA6dCL1XxSuHlWkfkD3hGe87KHYyIxbqUkNKzlfFzYTx /7vqfdjgwvYy3xvP7E20XlxggQfFFJd5Q2lcB9wK3VLRd2/l3GIbcH6gZ4Mg8ygB 1JR/lswYCylWG70xENDT/OLGah6yC7qbUeu4bxopbTP79gURJfMfG3bMxYaZjULU 9IlrFJQJIKHZAeWDvT3CSF979vOVk7v5Se7j7qh+KCI5JNR2p+8ivDhzbuClQO06 dj7HswM0vP3iCWtO+0OC3dvhFOavm/Dt4MNDS2PZN94IHORZB/pgi4hRTTg8PsKN lY9Ptr6KaTCYMWiEkqt/Off5qzdNo8y2CC2FAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQUhChTticOg/Igfh0977CJB4t0+GAwHwYDVR0jBBgwFoAULeFPKsfwI4E3BS6q MVxb1kMTQCIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTU4 Ny9MZUZQS3Nmd0k0RTNCUzZxTVZ4YjFrTVRRQ0kuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0xlRlBLc2Z3STRFM0JTNnFNVnhiMWtNVFFDSS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE1ODcvaENoVHRpY09nX0ln ZmgwOTc3Q0pCNHQwLUdBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw DAMEAmfMSAMEAsqgjDANBgkqhkiG9w0BAQsFAAOCAQEAOd3/R7GmSBg80FM3OPA6 n0FcNPK06z3jWsinaRNHDzwWOkFM5QtxYtWIiCUwwjaYie9kJ2CVowsazAHxl1HV hNjNk65Py0mk/Xx3l+NSqBUTaZFSrWvi3S/UyGtsDlO8dDgIxgubXeNh8J8IwyXH 5+QEWyQFGuWOlQAa2bzqRzsO8O+bBS3m3nwWCWVpZgWzpjLS1AxEf66IprjV+hrM fxLhjBNKezGjd3yJG0BMbWNTBVnzK1n717YakYknxnlscb3E3+SdDNSP/FQDdlug aoybADC4iyyb3M/1krje2v/59gy7yUeSV2sVWJkHxn+y8CFRbDmMn0qHPr/+MMau aw== -----END CERTIFICATE-----Generated at Fri Nov 22 23:40:44 2024 by rpki-client on console-fra.rpki-client.org