$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2522/GAU6fTVLzPvhgGam3apyOlV2Qic.roa File: GAU6fTVLzPvhgGam3apyOlV2Qic.roa (raw, json) Hash identifier: TmNNjq+nUNESGyizR83srh9KU2Q2g+LfpZqAray8aBs= Subject key identifier: 18:05:3A:7D:35:4B:CC:FB:E1:80:66:A6:DD:AA:72:3A:55:76:42:27 Certificate issuer: /CN=4087DAB67172836B082075CE18BE5E5FA45D5E95 Certificate serial: 15E3 Authority key identifier: 40:87:DA:B6:71:72:83:6B:08:20:75:CE:18:BE:5E:5F:A4:5D:5E:95 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/GAU6fTVLzPvhgGam3apyOlV2Qic.roa Signing time: Wed 13 Mar 2024 01:20:48 +0000 ROA not before: Wed 13 Mar 2024 01:20:48 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 131567 IP address blocks: 103.96.8.0/22 maxlen: 24 103.96.8.0/24 maxlen: 24 103.96.9.0/24 maxlen: 24 103.96.10.0/24 maxlen: 24 103.96.11.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5603 (0x15e3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4087DAB67172836B082075CE18BE5E5FA45D5E95 Validity Not Before: Mar 13 01:20:48 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=18053A7D354BCCFBE18066A6DDAA723A55764227 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:ee:44:e2:23:f6:30:e4:da:68:6e:c8:0b:19: 1c:b9:a4:df:51:ca:b9:4f:1e:6b:2d:d2:55:09:d9: ba:48:2f:1a:ae:ad:31:41:60:b8:bc:81:6c:92:a7: bb:ad:71:c8:a5:ba:fa:9c:bb:25:3c:c9:89:c0:5f: f4:44:08:0e:f1:5e:9e:e8:e3:3f:2f:c1:2d:cb:c4: 56:ca:4f:f1:50:2f:01:1b:8f:bc:78:9c:eb:64:c3: 65:09:e6:fe:54:be:f6:ea:58:4b:f2:83:53:83:78: 6d:10:51:68:86:13:19:df:1a:95:1c:32:f6:ad:57: 98:0a:bb:fb:8c:fe:28:74:a5:ce:ac:36:15:26:90: 28:f5:41:5c:15:c1:b2:1f:77:68:cc:ee:36:c9:24: 5e:ab:df:24:52:69:5e:ee:f9:a8:f4:9a:59:b2:c0: 21:eb:1b:a5:87:a7:69:7d:13:70:73:07:86:32:d7: a8:dd:cc:02:e4:6e:fe:d9:35:64:83:ca:6f:24:f4: 4a:67:91:41:13:92:62:1e:ae:d2:99:49:60:99:f1: 24:94:fd:a8:1f:9b:86:a1:8c:80:24:1c:d4:d9:29: 15:a3:24:16:5b:92:f3:3f:bd:f0:c1:90:cd:65:bd: a9:33:21:c7:ea:78:69:68:1e:95:90:c1:d6:ef:59: 28:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:05:3A:7D:35:4B:CC:FB:E1:80:66:A6:DD:AA:72:3A:55:76:42:27 X509v3 Authority Key Identifier: keyid:40:87:DA:B6:71:72:83:6B:08:20:75:CE:18:BE:5E:5F:A4:5D:5E:95 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/QIfatnFyg2sIIHXOGL5eX6RdXpU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QIfatnFyg2sIIHXOGL5eX6RdXpU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2522/GAU6fTVLzPvhgGam3apyOlV2Qic.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.96.8.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:25:e2:20:ca:91:fc:d6:b8:b3:05:b7:4a:e5:16:77:da:b4: 92:2b:47:99:fd:5a:4a:3a:a1:25:58:83:2e:2a:30:79:89:14: 78:e7:e4:07:fe:55:ff:56:0a:45:c3:1b:d8:e0:70:b0:b8:4c: 14:e0:b7:99:87:44:88:b7:61:b2:c5:71:90:4e:91:e7:1a:5f: 21:ef:ee:41:94:4b:f5:dc:e2:28:51:f8:41:f6:9c:9e:bb:ea: e3:bf:96:51:0a:f1:ea:fa:a3:0d:b5:c2:86:99:32:68:12:4a: 39:4a:19:45:9d:4b:40:7a:88:67:0d:38:54:b7:c3:3a:8d:ac: fa:97:9e:d8:74:51:06:73:eb:aa:74:d2:5f:c7:a9:18:2c:47: f7:50:c6:35:4e:57:a0:23:21:a2:62:fa:a0:8b:82:2f:0d:bd: b8:6e:8e:76:02:0e:bc:83:84:b8:6f:cf:43:1a:6f:3d:d8:1e: 49:1c:5b:22:c0:c0:29:bb:27:80:53:21:a0:a1:e4:71:e0:e9: 73:72:09:9b:25:b6:c8:03:9d:c8:cb:9f:e6:62:47:0c:7e:0d: b7:b5:35:8d:79:7f:c9:e2:33:ee:f4:75:12:98:82:21:c9:3f: 06:0b:70:b7:51:82:ed:51:6e:cb:0e:a2:25:8f:52:05:4a:50: 0c:1c:4e:d8 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFeMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDA4 N0RBQjY3MTcyODM2QjA4MjA3NUNFMThCRTVFNUZBNDVENUU5NTAeFw0yNDAzMTMw MTIwNDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE4MDUzQTdEMzU0QkND RkJFMTgwNjZBNkREQUE3MjNBNTU3NjQyMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDO7kTiI/Yw5NpobsgLGRy5pN9RyrlPHmst0lUJ2bpILxqurTFB YLi8gWySp7utcciluvqcuyU8yYnAX/RECA7xXp7o4z8vwS3LxFbKT/FQLwEbj7x4 nOtkw2UJ5v5UvvbqWEvyg1ODeG0QUWiGExnfGpUcMvatV5gKu/uM/ih0pc6sNhUm kCj1QVwVwbIfd2jM7jbJJF6r3yRSaV7u+aj0mlmywCHrG6WHp2l9E3BzB4Yy16jd zALkbv7ZNWSDym8k9EpnkUETkmIertKZSWCZ8SSU/agfm4ahjIAkHNTZKRWjJBZb kvM/vfDBkM1lvakzIcfqeGloHpWQwdbvWSjBAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUGAU6fTVLzPvhgGam3apyOlV2QicwHwYDVR0jBBgwFoAUQIfatnFyg2sIIHXO GL5eX6RdXpUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUy Mi9RSWZhdG5GeWcyc0lJSFhPR0w1ZVg2UmRYcFUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1FJZmF0bkZ5ZzJzSUlIWE9HTDVlWDZSZFhwVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MjIvR0FVNmZUVkx6UHZo Z0dhbTNhcHlPbFYyUWljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdgCDANBgkqhkiG9w0BAQsFAAOCAQEAnyXiIMqR/Na4swW3SuUWd9q0kitH mf1aSjqhJViDLioweYkUeOfkB/5V/1YKRcMb2OBwsLhMFOC3mYdEiLdhssVxkE6R 5xpfIe/uQZRL9dziKFH4Qfacnrvq47+WUQrx6vqjDbXChpkyaBJKOUoZRZ1LQHqI Zw04VLfDOo2s+pee2HRRBnPrqnTSX8epGCxH91DGNU5XoCMhomL6oIuCLw29uG6O dgIOvIOEuG/PQxpvPdgeSRxbIsDAKbsngFMhoKHkceDpc3IJmyW2yAOdyMuf5mJH DH4Nt7U1jXl/yeIz7vR1EpiCIck/Bgtwt1GC7VFuyw6iJY9SBUpQDBxO2A== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:09 2024 by rpki-client on console-fra.rpki-client.org