$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2048/W4Idow3crSPetth7hod2gZSZIAE.roa File: W4Idow3crSPetth7hod2gZSZIAE.roa (raw, json) Hash identifier: 9g4JXRrzAY2PYgT52UhsnSeQvIPvbGWF/FOEc9mfY34= Subject key identifier: 5B:82:1D:A3:0D:DC:AD:23:DE:B6:D8:7B:86:87:76:81:94:99:20:01 Certificate issuer: /CN=4E25934FE8D89959425D1018EB121981DA250985 Certificate serial: FD Authority key identifier: 4E:25:93:4F:E8:D8:99:59:42:5D:10:18:EB:12:19:81:DA:25:09:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/W4Idow3crSPetth7hod2gZSZIAE.roa Signing time: Wed 17 Apr 2024 02:40:12 +0000 ROA not before: Wed 17 Apr 2024 02:40:12 +0000 ROA not after: Sun 02 Mar 2025 02:27:12 +0000 asID: 151296 IP address blocks: 103.9.24.0/22 maxlen: 24 103.9.108.0/22 maxlen: 24 103.71.68.0/22 maxlen: 24 180.210.212.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 253 (0xfd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4E25934FE8D89959425D1018EB121981DA250985 Validity Not Before: Apr 17 02:40:12 2024 GMT Not After : Mar 2 02:27:12 2025 GMT Subject: CN=5B821DA30DDCAD23DEB6D87B8687768194992001 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:21:13:5a:cf:36:35:84:68:01:0d:46:ac:fd: ff:ac:57:56:32:01:79:0c:d1:02:cc:5d:d6:25:a1: 52:1a:40:81:ba:2d:e6:bb:58:81:36:8b:90:e0:20: af:98:d6:e8:17:b9:ff:5a:91:11:b8:f2:6b:4e:e5: 2e:b0:6a:c3:50:a8:1f:aa:5c:28:69:cd:19:e2:72: 85:a4:51:ad:13:99:1d:0b:89:d7:cb:5a:df:ab:a2: 2e:6a:cb:11:a1:48:99:1e:26:a5:06:53:f9:af:38: bc:ea:d0:a6:fb:6a:9a:28:c9:70:92:20:88:34:1e: 77:ec:8a:17:3c:ba:5d:f9:27:2d:2d:41:0a:bd:c0: b9:df:d1:52:4a:1d:65:83:0b:4f:02:5b:ef:b3:c3: db:2a:83:b8:b9:ba:6b:32:83:6c:e3:77:66:a1:f9: 4a:05:c7:4a:a2:2a:3f:b2:c9:67:52:4b:58:c5:1f: 26:45:bf:b2:86:69:00:42:c8:29:92:51:6c:ef:88: a1:63:4c:1b:f4:b3:1f:0d:2e:2c:06:0e:d8:ca:a1: 8f:03:98:d5:ce:68:c0:02:21:0b:19:01:b7:fc:4d: 2d:9c:d4:24:f6:a4:55:8d:72:e2:0e:6c:11:ad:1d: fa:fb:77:6e:4f:da:4c:1c:c0:1e:f7:45:75:d9:9c: 03:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:82:1D:A3:0D:DC:AD:23:DE:B6:D8:7B:86:87:76:81:94:99:20:01 X509v3 Authority Key Identifier: keyid:4E:25:93:4F:E8:D8:99:59:42:5D:10:18:EB:12:19:81:DA:25:09:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/TiWTT-jYmVlCXRAY6xIZgdolCYU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TiWTT-jYmVlCXRAY6xIZgdolCYU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2048/W4Idow3crSPetth7hod2gZSZIAE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.9.24.0/22 103.9.108.0/22 103.71.68.0/22 180.210.212.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:3a:e9:e6:7d:b3:04:86:d8:8f:1d:05:13:3c:82:67:61:52: 07:d1:1d:a1:90:b9:47:01:d1:ec:bb:7c:9b:7e:d0:d8:d7:b0: 31:96:0b:af:40:09:84:59:cb:0b:be:19:d6:2f:87:51:b6:5c: 94:8c:f6:80:d6:de:60:e6:2b:cc:73:97:8d:b6:8c:8e:00:29: 45:f8:38:28:01:4f:7d:ff:e5:7c:42:d0:90:19:04:7f:02:13: a6:82:91:7e:c7:f4:6e:a6:9c:30:37:93:76:1b:a4:69:50:f5: f4:49:ee:58:fe:04:3a:94:16:5d:47:d1:e1:a8:02:3f:2d:74: 20:42:67:38:89:fd:2e:3a:87:9f:01:9d:ea:f4:4b:a7:fc:93: 5b:7d:64:33:09:ff:a2:a9:54:14:e4:0e:a5:fa:66:46:a6:99: ba:4c:23:2a:08:b5:a7:8b:a2:ec:21:65:85:e0:79:de:8d:e2: f3:79:92:ef:1c:00:42:99:25:a9:4c:f3:72:a8:ee:89:dc:2d: 69:d1:b9:fa:15:e8:59:7a:16:27:fe:b4:8f:d2:f1:cf:67:f4: 18:62:8a:83:d0:0b:8d:8e:b8:97:2a:f8:c5:1f:4b:9b:a4:69: 17:20:ef:e0:c7:8f:7c:17:eb:9e:70:36:54:29:1f:87:ca:b8: 7b:16:e4:f6 -----BEGIN CERTIFICATE----- MIIE6TCCA9GgAwIBAgICAP0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEUy NTkzNEZFOEQ4OTk1OTQyNUQxMDE4RUIxMjE5ODFEQTI1MDk4NTAeFw0yNDA0MTcw MjQwMTJaFw0yNTAzMDIwMjI3MTJaMDMxMTAvBgNVBAMTKDVCODIxREEzMEREQ0FE MjNERUI2RDg3Qjg2ODc3NjgxOTQ5OTIwMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6IRNazzY1hGgBDUas/f+sV1YyAXkM0QLMXdYloVIaQIG6Lea7 WIE2i5DgIK+Y1ugXuf9akRG48mtO5S6wasNQqB+qXChpzRnicoWkUa0TmR0LidfL Wt+roi5qyxGhSJkeJqUGU/mvOLzq0Kb7apooyXCSIIg0Hnfsihc8ul35Jy0tQQq9 wLnf0VJKHWWDC08CW++zw9sqg7i5umsyg2zjd2ah+UoFx0qiKj+yyWdSS1jFHyZF v7KGaQBCyCmSUWzviKFjTBv0sx8NLiwGDtjKoY8DmNXOaMACIQsZAbf8TS2c1CT2 pFWNcuIObBGtHfr7d25P2kwcwB73RXXZnAMtAgMBAAGjggIFMIICATAdBgNVHQ4E FgQUW4Idow3crSPetth7hod2gZSZIAEwHwYDVR0jBBgwFoAUTiWTT+jYmVlCXRAY 6xIZgdolCYUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA0 OC9UaVdUVC1qWW1WbENYUkFZNnhJWmdkb2xDWVUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1RpV1RULWpZbVZsQ1hSQVk2eElaZ2RvbENZVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIwNDgvVzRJZG93M2NyU1Bl dHRoN2hvZDJnWlNaSUFFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEw GAMEAmcJGAMEAmcJbAMEAmdHRAMEArTS1DANBgkqhkiG9w0BAQsFAAOCAQEAnzrp 5n2zBIbYjx0FEzyCZ2FSB9EdoZC5RwHR7Lt8m37Q2NewMZYLr0AJhFnLC74Z1i+H UbZclIz2gNbeYOYrzHOXjbaMjgApRfg4KAFPff/lfELQkBkEfwITpoKRfsf0bqac MDeTdhukaVD19EnuWP4EOpQWXUfR4agCPy10IEJnOIn9LjqHnwGd6vRLp/yTW31k Mwn/oqlUFOQOpfpmRqaZukwjKgi1p4ui7CFlheB53o3i83mS7xwAQpklqUzzcqju idwtadG5+hXoWXoWJ/60j9Lxz2f0GGKKg9ALjY64lyr4xR9Lm6RpFyDv4MePfBfr nnA2VCkfh8q4exbk9g== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:42 2024 by rpki-client on console-ams.rpki-client.org