$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2075/JQh0YI1zlwjxJib2fxbt31XPM30.roa File: JQh0YI1zlwjxJib2fxbt31XPM30.roa (raw, json) Hash identifier: FhQhq4wFLmGrLGvzg9ibXbdanVTTSgBvjiIGrXPQfR8= Subject key identifier: 25:08:74:60:8D:73:97:08:F1:26:26:F6:7F:16:ED:DF:55:CF:33:7D Certificate issuer: /CN=E98A5958665F34A26A3DCAF94C63B33A07059A53 Certificate serial: 48F3 Authority key identifier: E9:8A:59:58:66:5F:34:A2:6A:3D:CA:F9:4C:63:B3:3A:07:05:9A:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6YpZWGZfNKJqPcr5TGOzOgcFmlM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/JQh0YI1zlwjxJib2fxbt31XPM30.roa Signing time: Sat 15 Jun 2024 19:55:55 +0000 ROA not before: Sat 15 Jun 2024 19:55:55 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 131482 IP address blocks: 103.72.120.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/6YpZWGZfNKJqPcr5TGOzOgcFmlM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/6YpZWGZfNKJqPcr5TGOzOgcFmlM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6YpZWGZfNKJqPcr5TGOzOgcFmlM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18675 (0x48f3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E98A5958665F34A26A3DCAF94C63B33A07059A53 Validity Not Before: Jun 15 19:55:55 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=250874608D739708F12626F67F16EDDF55CF337D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:aa:c9:7c:05:8d:be:f0:78:c8:4b:a9:9f:1a: 7e:23:6d:46:0c:3e:6b:87:c0:f7:cf:e9:0b:6b:d1: 69:da:aa:cf:b2:57:bf:c2:6a:41:00:7a:da:68:08: 7e:9f:19:70:93:c1:d7:db:ba:b9:08:07:97:75:b6: 9b:58:86:3c:a3:0e:c6:b3:db:be:2f:e8:22:7c:28: 5c:ac:70:5e:37:b9:c8:49:24:8b:0a:c1:41:77:a5: 7f:b4:20:24:41:3f:2e:c0:d6:a3:e7:fc:8d:13:14: ae:b3:9f:8f:68:be:e8:97:18:44:51:b8:da:01:2c: 42:8e:66:1c:6e:0f:0c:23:9e:7d:36:5f:eb:86:1b: d9:9b:60:fb:f6:4a:51:7e:5a:3f:af:7b:a3:bc:70: bd:ef:1a:fc:93:ba:be:56:35:da:e4:a5:d3:4d:7d: 0a:53:87:31:77:08:f6:17:5d:ff:8a:fe:48:fa:47: 28:0a:8a:c5:d9:8c:40:a3:6c:5e:79:68:f1:c9:e7: db:cc:87:11:60:ee:aa:b8:2f:61:6d:a8:4b:d0:b0: 8d:5f:7d:e9:9f:8a:f8:8c:7c:5e:68:99:99:d5:2c: 81:ec:4d:08:af:89:bc:43:1b:7e:a6:66:67:55:8a: c1:9e:01:fd:4b:36:0e:7d:9d:af:b9:3f:5d:5e:85: b5:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:08:74:60:8D:73:97:08:F1:26:26:F6:7F:16:ED:DF:55:CF:33:7D X509v3 Authority Key Identifier: keyid:E9:8A:59:58:66:5F:34:A2:6A:3D:CA:F9:4C:63:B3:3A:07:05:9A:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/6YpZWGZfNKJqPcr5TGOzOgcFmlM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6YpZWGZfNKJqPcr5TGOzOgcFmlM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2075/JQh0YI1zlwjxJib2fxbt31XPM30.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.72.120.0/22 Signature Algorithm: sha256WithRSAEncryption ab:d9:1a:4a:c1:51:94:50:f5:e3:5b:3a:e8:6d:55:8b:a7:18: a3:5c:85:c2:f8:2d:68:0f:a8:8e:e9:cf:a0:08:ba:87:88:b0: c7:5c:db:3b:90:fa:b9:b8:f1:d5:97:4a:80:b9:8f:2c:e3:71: 29:6b:95:c8:eb:0f:1f:45:0c:d8:1e:c1:f1:79:c2:30:b1:10: a8:8b:c1:5f:59:0f:6b:d4:dc:a8:b8:8d:e8:b8:1d:ee:8f:c0: 36:34:3b:90:5a:73:ea:fd:47:49:e2:96:ad:d6:b5:bc:f9:47: c0:d6:05:75:c8:9f:32:0f:0b:01:45:17:20:b1:15:e1:3c:3e: 6f:e2:9b:dc:a0:c8:8a:51:b9:7c:4f:fd:52:23:38:fc:12:d7: 35:df:31:05:c3:61:b1:2d:cd:ad:fc:c3:f5:f2:ed:02:16:01: fd:a5:36:c3:05:3b:48:c6:24:14:6f:18:b3:0f:27:4e:d1:55: 78:75:2b:e6:a5:20:04:cf:0e:2b:29:1c:f6:c5:72:b8:5e:e1: b9:96:c3:4b:d5:d1:8a:6d:7a:7a:03:23:64:d1:57:87:2c:2b: 7b:d3:ce:13:8e:37:64:fc:5e:42:23:b9:aa:76:37:50:0d:15: e3:69:13:b2:2f:e2:3f:bc:06:95:ef:40:c8:78:af:b4:aa:4a: f4:71:c0:b4 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICSPMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTk4 QTU5NTg2NjVGMzRBMjZBM0RDQUY5NEM2M0IzM0EwNzA1OUE1MzAeFw0yNDA2MTUx OTU1NTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI1MDg3NDYwOEQ3Mzk3 MDhGMTI2MjZGNjdGMTZFRERGNTVDRjMzN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+qsl8BY2+8HjIS6mfGn4jbUYMPmuHwPfP6Qtr0Wnaqs+yV7/C akEAetpoCH6fGXCTwdfburkIB5d1tptYhjyjDsaz274v6CJ8KFyscF43uchJJIsK wUF3pX+0ICRBPy7A1qPn/I0TFK6zn49ovuiXGERRuNoBLEKOZhxuDwwjnn02X+uG G9mbYPv2SlF+Wj+ve6O8cL3vGvyTur5WNdrkpdNNfQpThzF3CPYXXf+K/kj6RygK isXZjECjbF55aPHJ59vMhxFg7qq4L2FtqEvQsI1ffemfiviMfF5omZnVLIHsTQiv ibxDG36mZmdVisGeAf1LNg59na+5P11ehbUpAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUJQh0YI1zlwjxJib2fxbt31XPM30wHwYDVR0jBBgwFoAU6YpZWGZfNKJqPcr5 TGOzOgcFmlMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjA3 NS82WXBaV0daZk5LSnFQY3I1VEdPek9nY0ZtbE0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzZZcFpXR1pmTktKcVBjcjVUR096T2djRm1sTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIwNzUvSlFoMFlJMXpsd2p4 SmliMmZ4YnQzMVhQTTMwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdIeDANBgkqhkiG9w0BAQsFAAOCAQEAq9kaSsFRlFD141s66G1Vi6cYo1yF wvgtaA+ojunPoAi6h4iwx1zbO5D6ubjx1ZdKgLmPLONxKWuVyOsPH0UM2B7B8XnC MLEQqIvBX1kPa9TcqLiN6Lgd7o/ANjQ7kFpz6v1HSeKWrda1vPlHwNYFdcifMg8L AUUXILEV4Tw+b+Kb3KDIilG5fE/9UiM4/BLXNd8xBcNhsS3NrfzD9fLtAhYB/aU2 wwU7SMYkFG8Ysw8nTtFVeHUr5qUgBM8OKykc9sVyuF7huZbDS9XRim16egMjZNFX hywre9POE443ZPxeQiO5qnY3UA0V42kTsi/iP7wGle9AyHivtKpK9HHAtA== -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:39 2024 by rpki-client on console-fra.rpki-client.org