$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1826/s6qZ59C9C3Rx1_dYYkL8Pba15QE.roa File: s6qZ59C9C3Rx1_dYYkL8Pba15QE.roa (raw, json) Hash identifier: Z5eUU4BhcKqS/6XZ5bO9vhYAIrozt8on0FwXTp8twqs= Subject key identifier: B3:AA:99:E7:D0:BD:0B:74:71:D7:F7:58:62:42:FC:3D:B6:B5:E5:01 Certificate issuer: /CN=75324D3B8F1D5EBA5770E661EE16AF24A750554F Certificate serial: 1094 Authority key identifier: 75:32:4D:3B:8F:1D:5E:BA:57:70:E6:61:EE:16:AF:24:A7:50:55:4F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/s6qZ59C9C3Rx1_dYYkL8Pba15QE.roa Signing time: Tue 24 Sep 2024 00:21:32 +0000 ROA not before: Tue 24 Sep 2024 00:21:32 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 152320 IP address blocks: 45.254.24.0/24 maxlen: 24 45.254.25.0/24 maxlen: 24 45.254.26.0/24 maxlen: 24 45.254.27.0/24 maxlen: 24 103.223.120.0/24 maxlen: 24 103.223.121.0/24 maxlen: 24 103.223.122.0/24 maxlen: 24 103.223.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/dTJNO48dXrpXcOZh7havJKdQVU8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/dTJNO48dXrpXcOZh7havJKdQVU8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:25:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4244 (0x1094) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75324D3B8F1D5EBA5770E661EE16AF24A750554F Validity Not Before: Sep 24 00:21:32 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=B3AA99E7D0BD0B7471D7F7586242FC3DB6B5E501 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:79:fa:56:30:86:7d:5a:e2:dd:0b:fa:83:bf: 13:4e:43:a3:a5:ec:6a:5c:b2:15:86:75:99:ee:94: 53:83:a0:c3:02:56:99:54:09:dd:d4:55:f1:7e:36: 3e:d3:c4:db:e3:cc:62:a9:37:9a:5c:a0:ae:fc:ac: 0d:47:f2:56:b5:d3:0b:ef:77:f7:e2:f4:35:bc:87: ab:03:9f:75:fc:5c:c0:b4:9e:a9:02:a8:ef:14:7b: de:c9:f0:95:f0:80:72:e6:69:e7:ae:65:0e:dd:32: d2:66:db:ce:8f:61:f8:f3:f7:a0:f5:8b:8e:45:9f: ea:ea:05:76:0f:61:51:f0:31:a8:c9:ab:7f:2e:cb: 0c:86:c5:a1:e9:ca:14:91:f0:be:be:0e:da:ba:3c: b3:2b:be:49:9a:64:aa:fe:83:b1:a9:84:f7:56:2f: 02:1d:e3:df:9a:41:e9:b3:4d:5a:eb:3a:45:54:f4: fc:50:f8:a5:f2:d7:28:97:01:93:6b:fd:f5:57:f4: f8:82:6b:7a:d5:8e:cb:10:ab:db:12:13:61:f8:40: 5b:75:56:b5:1f:35:48:42:c7:7b:67:8e:ea:40:ee: d5:ac:e4:74:74:ab:66:10:4a:9d:31:99:4c:9c:db: 52:18:05:68:bc:a0:cf:6b:78:34:fd:8e:23:e9:5f: cc:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:AA:99:E7:D0:BD:0B:74:71:D7:F7:58:62:42:FC:3D:B6:B5:E5:01 X509v3 Authority Key Identifier: keyid:75:32:4D:3B:8F:1D:5E:BA:57:70:E6:61:EE:16:AF:24:A7:50:55:4F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/dTJNO48dXrpXcOZh7havJKdQVU8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dTJNO48dXrpXcOZh7havJKdQVU8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1826/s6qZ59C9C3Rx1_dYYkL8Pba15QE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.254.24.0/22 103.223.120.0/22 Signature Algorithm: sha256WithRSAEncryption 94:42:76:54:4f:3f:52:65:8f:7f:39:c4:31:90:16:d5:d2:b9: c3:cd:4e:84:9c:7b:a0:f9:e0:8a:1d:69:bb:01:82:44:03:1e: dc:33:59:ff:53:41:4e:03:3c:4d:64:a6:6f:60:2d:d1:36:2a: e8:7c:7a:31:b7:e7:f3:fe:97:37:aa:f4:51:92:fc:70:41:f5: 6f:cd:af:4d:54:1b:fb:20:75:db:e1:8a:2f:fd:85:5d:01:e0: 43:3b:ab:9c:e6:46:3e:bb:9c:af:b3:f4:0f:2d:2d:3a:b7:19: 39:76:92:44:94:48:71:63:b2:2e:44:85:fc:90:51:0a:db:34: 4a:45:60:39:2b:ed:be:60:dc:9d:c7:9e:89:0c:af:47:bd:bb: 11:53:9c:c5:89:98:f8:4b:42:31:4b:fb:9a:9d:ff:45:ca:cf: 55:e9:70:a9:f2:20:51:cb:94:14:df:87:73:91:56:10:4c:d1: 8e:1d:45:63:e0:58:14:a0:20:70:8c:8b:cf:c0:fa:d9:e5:ca: 62:85:51:75:02:f8:06:96:cc:9a:82:d5:81:9a:05:18:c6:65: 86:a5:0c:3f:25:60:19:ee:38:fa:c4:c1:6b:6b:66:45:16:f7: 9e:18:fb:16:12:e7:c3:06:96:c8:9a:6e:40:91:7f:94:27:42: 59:e1:d1:bb -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICEJQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzUz MjREM0I4RjFENUVCQTU3NzBFNjYxRUUxNkFGMjRBNzUwNTU0RjAeFw0yNDA5MjQw MDIxMzJaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKEIzQUE5OUU3RDBCRDBC NzQ3MUQ3Rjc1ODYyNDJGQzNEQjZCNUU1MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD3efpWMIZ9WuLdC/qDvxNOQ6Ol7GpcshWGdZnulFODoMMCVplU Cd3UVfF+Nj7TxNvjzGKpN5pcoK78rA1H8la10wvvd/fi9DW8h6sDn3X8XMC0nqkC qO8Ue97J8JXwgHLmaeeuZQ7dMtJm286PYfjz96D1i45Fn+rqBXYPYVHwMajJq38u ywyGxaHpyhSR8L6+Dtq6PLMrvkmaZKr+g7GphPdWLwId49+aQemzTVrrOkVU9PxQ +KXy1yiXAZNr/fVX9PiCa3rVjssQq9sSE2H4QFt1VrUfNUhCx3tnjupA7tWs5HR0 q2YQSp0xmUyc21IYBWi8oM9reDT9jiPpX8wDAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQUs6qZ59C9C3Rx1/dYYkL8Pba15QEwHwYDVR0jBBgwFoAUdTJNO48dXrpXcOZh 7havJKdQVU8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTgy Ni9kVEpOTzQ4ZFhycFhjT1poN2hhdkpLZFFWVTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2RUSk5PNDhkWHJwWGNPWmg3aGF2SktkUVZVOC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE4MjYvczZxWjU5QzlDM1J4 MV9kWVlrTDhQYmExNVFFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw DAMEAi3+GAMEAmffeDANBgkqhkiG9w0BAQsFAAOCAQEAlEJ2VE8/UmWPfznEMZAW 1dK5w81OhJx7oPngih1puwGCRAMe3DNZ/1NBTgM8TWSmb2At0TYq6Hx6Mbfn8/6X N6r0UZL8cEH1b82vTVQb+yB12+GKL/2FXQHgQzurnOZGPrucr7P0Dy0tOrcZOXaS RJRIcWOyLkSF/JBRCts0SkVgOSvtvmDcnceeiQyvR727EVOcxYmY+EtCMUv7mp3/ RcrPVelwqfIgUcuUFN+Hc5FWEEzRjh1FY+BYFKAgcIyLz8D62eXKYoVRdQL4BpbM moLVgZoFGMZlhqUMPyVgGe44+sTBa2tmRRb3nhj7FhLnwwaWyJpuQJF/lCdCWeHR uw== -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:23 2024 by rpki-client on console-fra.rpki-client.org