$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2537/H4KORnDhY-VKxuYTHr3rYLKQWnQ.roa File: H4KORnDhY-VKxuYTHr3rYLKQWnQ.roa (raw, json) Hash identifier: oKzTY6oapz472bUTZ5uNwL98YiUS9I+uG+Bk+tLd+40= Subject key identifier: 1F:82:8E:46:70:E1:63:E5:4A:C6:E6:13:1E:BD:EB:60:B2:90:5A:74 Certificate issuer: /CN=7B5DC95599BE4DE454A99C0C25753D1E00C7414F Certificate serial: 01E9 Authority key identifier: 7B:5D:C9:55:99:BE:4D:E4:54:A9:9C:0C:25:75:3D:1E:00:C7:41:4F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/e13JVZm-TeRUqZwMJXU9HgDHQU8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/H4KORnDhY-VKxuYTHr3rYLKQWnQ.roa Signing time: Sat 30 Mar 2024 12:44:03 +0000 ROA not before: Sat 30 Mar 2024 12:44:03 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 152092 IP address blocks: 103.97.56.0/24 maxlen: 24 103.97.57.0/24 maxlen: 24 103.97.58.0/24 maxlen: 24 103.97.59.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/e13JVZm-TeRUqZwMJXU9HgDHQU8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/e13JVZm-TeRUqZwMJXU9HgDHQU8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/e13JVZm-TeRUqZwMJXU9HgDHQU8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 09:20:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 489 (0x1e9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7B5DC95599BE4DE454A99C0C25753D1E00C7414F Validity Not Before: Mar 30 12:44:03 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=1F828E4670E163E54AC6E6131EBDEB60B2905A74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:42:e8:1e:2b:ec:db:07:4b:91:4a:51:5d:10: 12:3e:c8:9e:ab:34:5b:df:db:a5:30:b7:a0:00:ff: 91:06:32:67:ea:c1:e4:e5:b9:49:99:19:26:c8:7e: ef:cc:e1:f0:cd:b9:11:86:ec:97:5e:2b:31:84:c0: 25:67:0c:8e:88:8d:82:c6:51:48:85:4d:aa:29:e0: 84:62:79:cd:78:ab:04:28:2c:8b:12:85:c3:35:a0: c2:2e:04:d0:4a:9c:51:f2:f8:75:80:89:0c:d9:3f: ce:a5:fd:75:d8:a9:ed:bf:cf:bd:45:c5:bf:c6:5f: 2b:85:ae:c9:30:d0:e7:91:b4:23:d0:c1:31:8b:5d: ad:9a:de:64:ce:ee:8d:e9:85:17:a3:a6:7f:66:18: 6d:b5:0a:1b:3e:05:bb:42:18:95:20:6d:e2:01:dc: b8:60:f9:c1:cc:51:0e:a3:6e:5b:0d:d7:59:75:27: 39:1d:20:f3:ce:f8:d9:4c:51:e2:05:99:f7:00:e3: 4c:52:27:b2:9a:1d:83:25:df:f4:ec:a6:b9:53:42: ea:46:1b:d2:ac:cd:a0:ce:cf:26:09:61:6f:da:6f: 03:86:b7:b1:a3:02:b4:22:e0:28:aa:21:58:83:d4: f9:96:ad:81:d6:89:15:14:45:45:b1:8a:18:0b:93: 13:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:82:8E:46:70:E1:63:E5:4A:C6:E6:13:1E:BD:EB:60:B2:90:5A:74 X509v3 Authority Key Identifier: keyid:7B:5D:C9:55:99:BE:4D:E4:54:A9:9C:0C:25:75:3D:1E:00:C7:41:4F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/e13JVZm-TeRUqZwMJXU9HgDHQU8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/e13JVZm-TeRUqZwMJXU9HgDHQU8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/H4KORnDhY-VKxuYTHr3rYLKQWnQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.97.56.0/22 Signature Algorithm: sha256WithRSAEncryption 9d:9d:ef:8c:1a:f3:1a:de:37:9f:dd:05:97:d7:6a:05:be:2a: 48:3c:0f:e1:23:59:e4:52:99:2e:ab:b0:69:88:0b:31:9e:b7: 97:b2:2c:4f:69:97:6f:42:1a:cf:12:1b:8c:85:5f:1a:50:df: aa:63:92:f9:67:19:a4:03:25:0d:95:fd:03:3b:34:8c:bd:3b: 33:0d:3d:a9:3f:25:29:70:8c:0d:b5:a0:c8:e8:e2:e9:c8:a7: c2:3c:3e:af:cc:3c:eb:0d:3e:e3:74:73:7b:5a:26:2d:e9:11: a7:e3:bf:bd:a0:61:6e:9e:d9:d2:45:0f:e9:1c:58:cb:8f:0e: 13:7c:43:49:67:c1:50:cd:62:56:e1:80:41:f1:e0:67:63:ff: 05:e1:b4:01:f6:d1:c4:92:23:6c:97:29:43:87:66:b1:48:6c: 75:19:07:9c:cc:85:68:71:87:5f:70:a4:2c:9b:0e:39:61:89: 63:c3:8a:1e:e8:d0:03:9e:06:48:13:8d:e6:31:af:88:2e:af: 01:41:97:4c:63:2d:66:3b:73:6f:4c:2d:60:5b:85:48:26:36: 1a:42:fc:83:1c:cc:5b:f8:82:5b:aa:4b:bb:df:15:b7:64:31: 55:ca:e8:a7:ab:b9:70:92:c5:b6:1c:cf:bd:67:c7:40:f1:80: c0:00:1c:df -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAekwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0I1 REM5NTU5OUJFNERFNDU0QTk5QzBDMjU3NTNEMUUwMEM3NDE0RjAeFw0yNDAzMzAx MjQ0MDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFGODI4RTQ2NzBFMTYz RTU0QUM2RTYxMzFFQkRFQjYwQjI5MDVBNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDfQugeK+zbB0uRSlFdEBI+yJ6rNFvf26Uwt6AA/5EGMmfqweTl uUmZGSbIfu/M4fDNuRGG7JdeKzGEwCVnDI6IjYLGUUiFTaop4IRiec14qwQoLIsS hcM1oMIuBNBKnFHy+HWAiQzZP86l/XXYqe2/z71Fxb/GXyuFrskw0OeRtCPQwTGL Xa2a3mTO7o3phRejpn9mGG21Chs+BbtCGJUgbeIB3Lhg+cHMUQ6jblsN11l1Jzkd IPPO+NlMUeIFmfcA40xSJ7KaHYMl3/TsprlTQupGG9KszaDOzyYJYW/abwOGt7Gj ArQi4CiqIViD1PmWrYHWiRUURUWxihgLkxN1AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUH4KORnDhY+VKxuYTHr3rYLKQWnQwHwYDVR0jBBgwFoAUe13JVZm+TeRUqZwM JXU9HgDHQU8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUz Ny9lMTNKVlptLVRlUlVxWndNSlhVOUhnREhRVTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2UxM0pWWm0tVGVSVXFad01KWFU5SGdESFFVOC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MzcvSDRLT1JuRGhZLVZL eHVZVEhyM3JZTEtRV25RLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdhODANBgkqhkiG9w0BAQsFAAOCAQEAnZ3vjBrzGt43n90Fl9dqBb4qSDwP 4SNZ5FKZLquwaYgLMZ63l7IsT2mXb0IazxIbjIVfGlDfqmOS+WcZpAMlDZX9Azs0 jL07Mw09qT8lKXCMDbWgyOji6cinwjw+r8w86w0+43Rze1omLekRp+O/vaBhbp7Z 0kUP6RxYy48OE3xDSWfBUM1iVuGAQfHgZ2P/BeG0AfbRxJIjbJcpQ4dmsUhsdRkH nMyFaHGHX3CkLJsOOWGJY8OKHujQA54GSBON5jGviC6vAUGXTGMtZjtzb0wtYFuF SCY2GkL8gxzMW/iCW6pLu98Vt2QxVcrop6u5cJLFthzPvWfHQPGAwAAc3w== -----END CERTIFICATE-----Generated at Fri Nov 22 05:50:41 2024 by rpki-client on console-fra.rpki-client.org