$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2072/G3xDWWPpNfwbVhG2hPtBkZuWnWk.roa File: G3xDWWPpNfwbVhG2hPtBkZuWnWk.roa (raw, json) Hash identifier: JiQWrUcvPDBupOa+6Fs+tn7Fm3I0M8iehNekCavGF80= Subject key identifier: 1B:7C:43:59:63:E9:35:FC:1B:56:11:B6:84:FB:41:91:9B:96:9D:69 Certificate issuer: /CN=BCF4017A6E2915F26147D419E5F7A7D164D04984 Certificate serial: 15D3 Authority key identifier: BC:F4:01:7A:6E:29:15:F2:61:47:D4:19:E5:F7:A7:D1:64:D0:49:84 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vPQBem4pFfJhR9QZ5fen0WTQSYQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/G3xDWWPpNfwbVhG2hPtBkZuWnWk.roa Signing time: Wed 13 Mar 2024 01:21:17 +0000 ROA not before: Wed 13 Mar 2024 01:21:17 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 133199 IP address blocks: 103.67.173.0/24 maxlen: 24 103.67.174.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vPQBem4pFfJhR9QZ5fen0WTQSYQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5587 (0x15d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=BCF4017A6E2915F26147D419E5F7A7D164D04984 Validity Not Before: Mar 13 01:21:17 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=1B7C435963E935FC1B5611B684FB41919B969D69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:5d:2c:81:57:b0:34:e6:80:b5:94:29:63:b4: da:a1:67:3f:73:17:1e:39:42:e8:a7:c3:81:f2:58: 84:05:1a:15:1f:af:cc:a0:e8:6e:08:87:8b:d4:bd: 7c:62:aa:9a:99:59:2b:ed:e2:43:cc:3a:b3:8c:c0: f7:8b:3e:af:10:3b:f5:0d:15:76:b6:c6:ca:f4:c2: 8c:07:11:5f:da:c0:7b:a3:16:14:fc:57:3a:a6:d1: aa:fb:81:bb:52:1c:20:d4:14:8f:e7:d3:9a:b9:49: a6:14:fa:a3:9e:f3:d9:57:89:de:d2:34:5f:1a:47: 10:9f:ef:8d:bb:e3:d8:23:a4:3b:ec:24:1a:9f:40: 99:04:ee:cf:f0:70:8c:3f:6d:85:7e:69:ea:e7:37: 51:c0:0d:a0:e7:ef:4c:0e:9c:67:43:d3:27:22:9d: 25:6f:8a:a3:0d:96:c2:4d:05:f0:26:45:73:71:47: d6:15:77:44:02:b5:df:08:20:b6:ba:8f:62:f9:61: 15:0f:e9:e3:ea:47:9e:e4:86:56:ba:a2:58:6c:5a: 57:fa:fd:c4:ba:d7:a4:44:30:bd:e7:ef:c1:b9:87: 08:e6:39:54:b2:b5:f0:f0:7d:35:56:71:b6:d1:64: 74:df:a5:81:73:36:bd:56:53:51:32:21:1f:45:50: ec:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:7C:43:59:63:E9:35:FC:1B:56:11:B6:84:FB:41:91:9B:96:9D:69 X509v3 Authority Key Identifier: keyid:BC:F4:01:7A:6E:29:15:F2:61:47:D4:19:E5:F7:A7:D1:64:D0:49:84 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/vPQBem4pFfJhR9QZ5fen0WTQSYQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vPQBem4pFfJhR9QZ5fen0WTQSYQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2072/G3xDWWPpNfwbVhG2hPtBkZuWnWk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.67.173.0-103.67.174.255 Signature Algorithm: sha256WithRSAEncryption a5:e1:20:0d:5e:7c:6c:72:fa:7e:cb:63:4c:51:21:08:aa:ba: 29:9e:9c:d2:1e:4b:4e:ac:ba:28:a2:86:75:b6:fc:0d:14:c9: 70:66:31:e2:b5:26:0b:2d:bd:bd:4a:ff:aa:e4:3b:0a:3d:78: 52:8e:80:59:bc:af:8a:2f:4e:11:62:fc:88:8f:e2:7a:f7:3c: 0d:0b:9b:ac:2d:74:c1:18:ef:af:d8:0e:f6:4b:9a:59:77:db: 05:1f:a5:ca:ef:46:b5:b4:c2:30:4f:7e:ba:6e:82:91:54:cb: ba:80:eb:1b:b9:95:0e:62:8a:57:60:ab:3b:14:c9:3a:c5:dd: de:00:49:ae:4d:9c:5a:2d:84:5f:4e:81:14:9f:12:08:f3:dd: 77:1f:ae:df:aa:d0:5d:0e:dc:ee:f1:e6:1c:f8:ef:20:28:b7: c2:42:27:b1:0f:d8:e4:3d:cf:57:da:b7:d9:d4:ce:c0:82:04: 30:32:5b:ae:8d:03:73:ad:b7:c1:e6:73:1d:d3:5d:40:45:71: d7:60:b4:68:37:61:41:34:00:58:00:a2:71:24:3d:bc:78:b7: 9f:b4:fd:65:13:a7:2c:5b:fa:25:1c:57:11:1c:8a:5c:5d:2f: b3:39:f9:e9:98:fe:97:55:73:09:8f:8e:05:cd:c7:42:5d:69: ba:3d:dd:3f -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgICFdMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkNG NDAxN0E2RTI5MTVGMjYxNDdENDE5RTVGN0E3RDE2NEQwNDk4NDAeFw0yNDAzMTMw MTIxMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFCN0M0MzU5NjNFOTM1 RkMxQjU2MTFCNjg0RkI0MTkxOUI5NjlENjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBXSyBV7A05oC1lCljtNqhZz9zFx45Quinw4HyWIQFGhUfr8yg 6G4Ih4vUvXxiqpqZWSvt4kPMOrOMwPeLPq8QO/UNFXa2xsr0wowHEV/awHujFhT8 Vzqm0ar7gbtSHCDUFI/n05q5SaYU+qOe89lXid7SNF8aRxCf742749gjpDvsJBqf QJkE7s/wcIw/bYV+aernN1HADaDn70wOnGdD0ycinSVviqMNlsJNBfAmRXNxR9YV d0QCtd8IILa6j2L5YRUP6ePqR57khla6olhsWlf6/cS616REML3n78G5hwjmOVSy tfDwfTVWcbbRZHTfpYFzNr1WU1EyIR9FUOyTAgMBAAGjggH7MIIB9zAdBgNVHQ4E FgQUG3xDWWPpNfwbVhG2hPtBkZuWnWkwHwYDVR0jBBgwFoAUvPQBem4pFfJhR9QZ 5fen0WTQSYQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA3 Mi92UFFCZW00cEZmSmhSOVFaNWZlbjBXVFFTWVEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3ZQUUJlbTRwRmZKaFI5UVo1ZmVuMFdUUVNZUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIwNzIvRzN4RFdXUHBOZndi VmhHMmhQdEJrWnVXbldrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEw DjAMAwQAZ0OtAwQAZ0OuMA0GCSqGSIb3DQEBCwUAA4IBAQCl4SANXnxscvp+y2NM USEIqropnpzSHktOrLooooZ1tvwNFMlwZjHitSYLLb29Sv+q5DsKPXhSjoBZvK+K L04RYvyIj+J69zwNC5usLXTBGO+v2A72S5pZd9sFH6XK70a1tMIwT366boKRVMu6 gOsbuZUOYopXYKs7FMk6xd3eAEmuTZxaLYRfToEUnxII8913H67fqtBdDtzu8eYc +O8gKLfCQiexD9jkPc9X2rfZ1M7AggQwMluujQNzrbfB5nMd011ARXHXYLRoN2FB NABYAKJxJD28eLeftP1lE6csW/olHFcRHIpcXS+zOfnpmP6XVXMJj44FzcdCXWm6 Pd0/ -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:09 2024 by rpki-client on console-ams.rpki-client.org