$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1823/yfvPex2Bv8fj70JMombPB9eR9JM.roa File: yfvPex2Bv8fj70JMombPB9eR9JM.roa (raw, json) Hash identifier: 0tkl5Cb65JEm4umqPw3YujQtcmrx7NqySi3D3sojVx8= Subject key identifier: C9:FB:CF:7B:1D:81:BF:C7:E3:EF:42:4C:A2:66:CF:07:D7:91:F4:93 Certificate issuer: /CN=46E7400FC97FC7A2093E054CF0DF42CB77564023 Certificate serial: 2A Authority key identifier: 46:E7:40:0F:C9:7F:C7:A2:09:3E:05:4C:F0:DF:42:CB:77:56:40:23 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RudAD8l_x6IJPgVM8N9Cy3dWQCM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/yfvPex2Bv8fj70JMombPB9eR9JM.roa Signing time: Tue 01 Oct 2024 13:25:23 +0000 ROA not before: Tue 01 Oct 2024 13:25:23 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 1449 IP address blocks: 103.59.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/RudAD8l_x6IJPgVM8N9Cy3dWQCM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/RudAD8l_x6IJPgVM8N9Cy3dWQCM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RudAD8l_x6IJPgVM8N9Cy3dWQCM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42 (0x2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=46E7400FC97FC7A2093E054CF0DF42CB77564023 Validity Not Before: Oct 1 13:25:23 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=C9FBCF7B1D81BFC7E3EF424CA266CF07D791F493 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:7a:38:ce:d4:d2:12:57:e9:1f:c5:ad:54:44: 97:c2:03:a4:e0:b4:68:c1:2f:82:63:b6:f3:4b:25: 4f:d8:f5:14:e1:6b:cb:6a:cb:ab:89:09:bc:28:79: 0b:6d:76:45:4c:80:fc:da:bb:6b:19:fa:ba:69:6f: 48:fb:06:ea:1e:ae:8f:e2:29:9d:82:0f:69:cc:e5: a1:06:77:6d:c1:01:75:54:fe:85:95:62:83:ce:26: c1:70:65:c5:62:09:28:13:4a:36:c6:18:3f:84:30: b2:79:42:3a:ac:3e:c8:cf:80:66:55:e6:08:ec:2f: 33:bb:81:ed:ee:1a:e5:43:4b:d7:d1:94:ab:5b:b1: 26:03:d6:00:68:94:fd:57:75:e1:1f:f7:59:bb:34: 6d:e3:46:53:de:86:35:df:48:40:6e:5f:2e:af:42: fb:ef:60:71:99:72:32:ac:1a:4c:7e:d5:aa:bd:6a: a6:8d:9f:f3:8f:ee:4f:4d:34:60:e9:93:fc:f3:4f: 09:af:a3:a0:da:b6:bf:5c:a7:08:bf:78:ff:53:67: a0:e0:4e:ad:6e:68:69:47:da:d4:03:6f:d0:43:94: f7:13:ad:8b:04:70:37:f1:38:70:4d:d5:ff:a1:24: 66:af:10:4c:3c:f3:b9:64:da:c7:db:85:1b:94:60: d0:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:FB:CF:7B:1D:81:BF:C7:E3:EF:42:4C:A2:66:CF:07:D7:91:F4:93 X509v3 Authority Key Identifier: keyid:46:E7:40:0F:C9:7F:C7:A2:09:3E:05:4C:F0:DF:42:CB:77:56:40:23 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/RudAD8l_x6IJPgVM8N9Cy3dWQCM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/RudAD8l_x6IJPgVM8N9Cy3dWQCM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1823/yfvPex2Bv8fj70JMombPB9eR9JM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.59.123.0/24 Signature Algorithm: sha256WithRSAEncryption 5d:49:cc:ce:02:2c:c6:08:06:ca:f4:95:11:40:3b:f6:4a:d4: 02:36:df:44:e6:d8:63:3b:e1:bc:73:71:fd:1c:a7:0d:e0:45: 63:03:37:9b:12:d0:a8:8e:4a:c3:f9:95:d4:3c:f7:28:b5:7e: c7:af:ef:95:0c:72:df:c7:74:3c:9d:74:64:b7:f2:49:92:48: 1a:f4:4f:5f:0f:fc:95:44:d9:48:ae:dd:d4:3d:d1:06:45:fd: 19:38:f5:65:9c:1e:af:e5:1f:a7:05:12:bf:56:96:c4:d4:43: a6:70:1a:96:47:0d:15:78:f2:56:86:a6:18:4f:0f:18:67:51: 22:81:fd:b4:6a:44:6a:20:87:bc:9c:bb:76:97:84:72:ba:2a: 09:da:e5:71:22:1d:f8:f0:78:36:0d:e9:63:64:42:9c:fd:e4: de:58:71:e2:d6:91:5c:7a:62:5c:da:56:e8:4d:ac:94:7d:65: 05:6e:98:21:71:28:3f:fc:e9:81:cc:fd:9a:1a:53:d7:16:04: 7e:64:c8:24:9b:ab:e2:68:b0:c4:a8:66:fb:8e:58:8c:89:22: a4:5f:3d:9a:94:39:5a:58:ca:8a:9f:19:0d:7b:60:23:80:fb: 5b:1f:0a:1e:11:0a:d4:cf:5a:89:03:c9:fb:5c:19:ac:b1:46: f4:1f:c1:c0 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0NkU3 NDAwRkM5N0ZDN0EyMDkzRTA1NENGMERGNDJDQjc3NTY0MDIzMB4XDTI0MTAwMTEz MjUyM1oXDTI1MDkyNzAyNDAxNFowMzExMC8GA1UEAxMoQzlGQkNGN0IxRDgxQkZD N0UzRUY0MjRDQTI2NkNGMDdENzkxRjQ5MzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAPh6OM7U0hJX6R/FrVREl8IDpOC0aMEvgmO280slT9j1FOFry2rL q4kJvCh5C212RUyA/Nq7axn6umlvSPsG6h6uj+IpnYIPaczloQZ3bcEBdVT+hZVi g84mwXBlxWIJKBNKNsYYP4QwsnlCOqw+yM+AZlXmCOwvM7uB7e4a5UNL19GUq1ux JgPWAGiU/Vd14R/3Wbs0beNGU96GNd9IQG5fLq9C++9gcZlyMqwaTH7Vqr1qpo2f 84/uT000YOmT/PNPCa+joNq2v1ynCL94/1NnoOBOrW5oaUfa1ANv0EOU9xOtiwRw N/E4cE3V/6EkZq8QTDzzuWTax9uFG5Rg0OkCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBTJ+897HYG/x+PvQkyiZs8H15H0kzAfBgNVHSMEGDAWgBRG50APyX/Hogk+BUzw 30LLd1ZAIzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xODIz L1J1ZEFEOGxfeDZJSlBnVk04TjlDeTNkV1FDTS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvUnVkQUQ4bF94NklKUGdWTThOOUN5M2RXUUNNLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTgyMy95ZnZQZXgyQnY4Zmo3 MEpNb21iUEI5ZVI5Sk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZzt7MA0GCSqGSIb3DQEBCwUAA4IBAQBdSczOAizGCAbK9JURQDv2StQCNt9E 5thjO+G8c3H9HKcN4EVjAzebEtCojkrD+ZXUPPcotX7Hr++VDHLfx3Q8nXRkt/JJ kkga9E9fD/yVRNlIrt3UPdEGRf0ZOPVlnB6v5R+nBRK/VpbE1EOmcBqWRw0VePJW hqYYTw8YZ1Eigf20akRqIIe8nLt2l4RyuioJ2uVxIh348Hg2DeljZEKc/eTeWHHi 1pFcemJc2lboTayUfWUFbpghcSg//OmBzP2aGlPXFgR+ZMgkm6viaLDEqGb7jliM iSKkXz2alDlaWMqKnxkNe2AjgPtbHwoeEQrUz1qJA8n7XBmssUb0H8HA -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:09 2024 by rpki-client on console-fra.rpki-client.org