$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2537/ielmdqzudOhinh8eKxaKX8pOiFM.roa File: ielmdqzudOhinh8eKxaKX8pOiFM.roa (raw, json) Hash identifier: b1jFaNbCxCnTA5SNi3iulLcr/VBCv1DMCD/Oty6Pwms= Subject key identifier: 89:E9:66:76:AC:EE:74:E8:62:9E:1F:1E:2B:16:8A:5F:CA:4E:88:53 Certificate issuer: /CN=7B5DC95599BE4DE454A99C0C25753D1E00C7414F Certificate serial: 01EF Authority key identifier: 7B:5D:C9:55:99:BE:4D:E4:54:A9:9C:0C:25:75:3D:1E:00:C7:41:4F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/e13JVZm-TeRUqZwMJXU9HgDHQU8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/ielmdqzudOhinh8eKxaKX8pOiFM.roa Signing time: Sun 31 Mar 2024 08:57:41 +0000 ROA not before: Sun 31 Mar 2024 08:57:41 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 137443 IP address blocks: 103.97.56.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/e13JVZm-TeRUqZwMJXU9HgDHQU8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/e13JVZm-TeRUqZwMJXU9HgDHQU8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/e13JVZm-TeRUqZwMJXU9HgDHQU8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 May 2024 20:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 495 (0x1ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7B5DC95599BE4DE454A99C0C25753D1E00C7414F Validity Not Before: Mar 31 08:57:41 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=89E96676ACEE74E8629E1F1E2B168A5FCA4E8853 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:c5:00:53:7f:70:e0:f5:5b:9b:93:c9:25:1c: f0:7a:07:17:ce:8a:71:0d:e2:c4:8a:77:a4:be:51: 5b:3a:33:61:e5:d6:d7:a0:5a:37:83:d9:52:92:fd: dd:37:2b:76:1c:58:16:29:2e:79:fc:2a:3b:04:22: 56:b9:a1:e1:17:2d:05:e3:77:93:63:4f:92:06:6d: 7d:e6:97:5a:6c:79:f2:1e:75:f0:e0:4c:44:d8:25: 6f:0d:e2:78:e6:08:9d:46:d6:09:78:39:65:5d:8b: 19:dc:71:be:ac:a1:75:e1:63:85:a2:ee:3d:19:8a: 71:c2:a8:33:2e:a4:29:10:89:f2:94:e3:05:f1:71: 98:f6:80:66:64:8f:69:28:10:ed:38:29:ed:0b:6e: f9:4e:7d:aa:06:2d:6b:9c:1b:f4:80:07:08:90:f3: 4d:52:4b:6d:24:1a:1d:8f:c6:21:d8:43:34:de:da: 87:2d:84:5a:75:8e:79:b7:45:6f:51:3d:24:b7:76: 17:8e:9b:de:5d:b1:18:e0:c1:1d:c7:e8:dd:57:fb: 79:1c:32:ea:c4:c4:0f:97:d1:1f:2e:69:e6:e4:82: c2:a7:87:10:b4:fe:f8:a1:65:2f:66:16:69:c4:75: fe:4f:06:30:03:a8:dc:c2:6a:8f:38:6e:bd:b5:75: e3:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:E9:66:76:AC:EE:74:E8:62:9E:1F:1E:2B:16:8A:5F:CA:4E:88:53 X509v3 Authority Key Identifier: keyid:7B:5D:C9:55:99:BE:4D:E4:54:A9:9C:0C:25:75:3D:1E:00:C7:41:4F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/e13JVZm-TeRUqZwMJXU9HgDHQU8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/e13JVZm-TeRUqZwMJXU9HgDHQU8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/ielmdqzudOhinh8eKxaKX8pOiFM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.97.56.0/22 Signature Algorithm: sha256WithRSAEncryption 55:13:93:b7:a5:4c:08:08:41:13:d4:9a:59:52:45:1f:67:3a: 17:f8:6d:ff:b1:9c:be:66:ff:dd:b7:ea:c9:74:4b:39:69:c6: 78:06:98:fd:0b:b2:7b:1d:58:1b:26:e8:d6:22:d3:65:21:81: b9:7b:81:05:85:8a:00:13:a5:a0:e2:8a:ba:91:84:dd:c9:39: 42:69:96:b1:a5:14:e5:57:bf:13:51:db:79:59:9a:90:32:ce: 94:d8:46:e8:1d:a3:e1:cf:09:5a:c9:46:9b:ce:ef:55:3f:59: bd:31:f2:b4:df:17:69:e6:fa:33:c6:c1:9a:bd:4b:07:41:d8: b7:b3:b2:f9:e4:e2:57:97:52:70:65:20:62:25:81:2e:ea:0c: 2c:1c:a8:26:fc:bd:5b:99:e1:78:3f:09:e8:03:d4:a1:85:36: f5:33:77:f8:0c:6b:8f:9d:7f:e4:ff:31:45:b1:1f:81:b2:3f: c2:65:51:1e:ba:a1:f8:8c:69:ac:c3:6c:ea:cb:c6:f2:0d:c3: ee:76:c0:4a:c6:34:58:0d:41:7c:1f:85:4b:9f:ae:db:86:7b: d4:02:ab:4b:ba:4e:c6:6f:3a:98:3b:cf:92:b3:db:ec:ad:06: 15:4a:b7:9d:e3:60:cc:34:fe:15:7e:ab:b7:f4:ae:d7:ba:c4: 8b:2c:91:09 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAe8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0I1 REM5NTU5OUJFNERFNDU0QTk5QzBDMjU3NTNEMUUwMEM3NDE0RjAeFw0yNDAzMzEw ODU3NDFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg5RTk2Njc2QUNFRTc0 RTg2MjlFMUYxRTJCMTY4QTVGQ0E0RTg4NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2xQBTf3Dg9Vubk8klHPB6BxfOinEN4sSKd6S+UVs6M2Hl1teg WjeD2VKS/d03K3YcWBYpLnn8KjsEIla5oeEXLQXjd5NjT5IGbX3ml1psefIedfDg TETYJW8N4njmCJ1G1gl4OWVdixnccb6soXXhY4Wi7j0ZinHCqDMupCkQifKU4wXx cZj2gGZkj2koEO04Ke0LbvlOfaoGLWucG/SABwiQ801SS20kGh2PxiHYQzTe2oct hFp1jnm3RW9RPSS3dheOm95dsRjgwR3H6N1X+3kcMurExA+X0R8uaebkgsKnhxC0 /vihZS9mFmnEdf5PBjADqNzCao84br21deNTAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUielmdqzudOhinh8eKxaKX8pOiFMwHwYDVR0jBBgwFoAUe13JVZm+TeRUqZwM JXU9HgDHQU8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUz Ny9lMTNKVlptLVRlUlVxWndNSlhVOUhnREhRVTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2UxM0pWWm0tVGVSVXFad01KWFU5SGdESFFVOC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MzcvaWVsbWRxenVkT2hp bmg4ZUt4YUtYOHBPaUZNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdhODANBgkqhkiG9w0BAQsFAAOCAQEAVROTt6VMCAhBE9SaWVJFH2c6F/ht /7Gcvmb/3bfqyXRLOWnGeAaY/Quyex1YGybo1iLTZSGBuXuBBYWKABOloOKKupGE 3ck5QmmWsaUU5Ve/E1HbeVmakDLOlNhG6B2j4c8JWslGm87vVT9ZvTHytN8Xaeb6 M8bBmr1LB0HYt7Oy+eTiV5dScGUgYiWBLuoMLByoJvy9W5nheD8J6APUoYU29TN3 +Axrj51/5P8xRbEfgbI/wmVRHrqh+IxprMNs6svG8g3D7nbASsY0WA1BfB+FS5+u 24Z71AKrS7pOxm86mDvPkrPb7K0GFUq3neNgzDT+FX6rt/Su17rEiyyRCQ== -----END CERTIFICATE-----Generated at Thu May 2 18:05:16 2024 by rpki-client on console-fra.rpki-client.org