$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2537/rtLqb4gLaNofoaISUeU9kHQWtDU.roa File: rtLqb4gLaNofoaISUeU9kHQWtDU.roa (raw, json) Hash identifier: UjglH3914lXJyAJG/QXGAiW0Ird7Y8FuX01hcUXXay0= Subject key identifier: AE:D2:EA:6F:88:0B:68:DA:1F:A1:A2:12:51:E5:3D:90:74:16:B4:35 Certificate issuer: /CN=7B5DC95599BE4DE454A99C0C25753D1E00C7414F Certificate serial: 01E8 Authority key identifier: 7B:5D:C9:55:99:BE:4D:E4:54:A9:9C:0C:25:75:3D:1E:00:C7:41:4F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/e13JVZm-TeRUqZwMJXU9HgDHQU8.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/rtLqb4gLaNofoaISUeU9kHQWtDU.roa Signing time: Sat 30 Mar 2024 12:44:03 +0000 ROA not before: Sat 30 Mar 2024 12:44:03 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 152092 IP address blocks: 103.97.56.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/e13JVZm-TeRUqZwMJXU9HgDHQU8.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/e13JVZm-TeRUqZwMJXU9HgDHQU8.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/e13JVZm-TeRUqZwMJXU9HgDHQU8.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Sep 2024 23:48:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 488 (0x1e8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7B5DC95599BE4DE454A99C0C25753D1E00C7414F Validity Not Before: Mar 30 12:44:03 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=AED2EA6F880B68DA1FA1A21251E53D907416B435 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:a6:55:0a:91:d0:df:1e:d4:64:4e:fa:d9:e2: 0f:8c:f7:32:80:46:f9:dd:59:8d:5a:6b:8c:7e:86: 32:8a:5c:1a:9b:75:f2:70:68:26:ab:98:a2:de:73: 4f:6b:0c:18:3e:3d:83:ea:b5:3f:22:2d:1d:2c:7d: ad:64:03:aa:07:45:6e:42:d4:4a:5c:03:03:54:8e: 2b:13:e0:91:40:8b:53:95:33:36:6c:c5:bb:31:22: 7d:68:ed:ab:a7:e9:b5:29:30:2f:ba:36:be:8d:9b: 72:ee:60:58:a7:45:63:c0:fd:93:7f:31:d9:ea:01: 66:65:a0:a2:c8:cf:76:44:d4:c8:f8:e3:fa:7c:9f: b1:00:43:5b:32:92:d3:ab:c5:d2:cb:d3:fa:b5:4f: 18:da:be:40:c7:3e:d8:54:12:5d:c0:a1:2f:b2:ca: f2:68:77:1b:df:6b:2d:f9:ae:c9:1b:ab:99:af:90: 03:14:ea:b0:9f:5f:cc:a0:87:5d:89:8b:df:8b:64: 37:bb:d6:6c:03:55:04:20:47:7c:1d:2e:7a:79:a3: 36:03:dc:07:06:ac:06:6b:36:4d:6b:e2:82:21:26: 3f:3f:79:4c:2b:38:d4:0b:6c:4e:90:98:05:d2:c5: 78:a3:a6:d7:93:a3:a8:8b:06:6e:78:4f:95:57:ec: b2:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:D2:EA:6F:88:0B:68:DA:1F:A1:A2:12:51:E5:3D:90:74:16:B4:35 X509v3 Authority Key Identifier: keyid:7B:5D:C9:55:99:BE:4D:E4:54:A9:9C:0C:25:75:3D:1E:00:C7:41:4F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/e13JVZm-TeRUqZwMJXU9HgDHQU8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/e13JVZm-TeRUqZwMJXU9HgDHQU8.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2537/rtLqb4gLaNofoaISUeU9kHQWtDU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.97.56.0/22 Signature Algorithm: sha256WithRSAEncryption 5f:41:ac:13:58:5b:7e:24:89:53:7f:8f:d8:ac:a2:3c:93:4f: 6c:77:c7:a4:37:6e:5b:b0:c1:6e:84:f0:1d:68:a4:35:87:cc: 2d:47:8c:e3:6f:d1:b6:c1:16:d0:48:cd:03:06:8a:cd:93:fe: a1:40:e7:c5:25:4f:10:c5:7a:f8:73:3c:ba:29:13:06:b1:66: 8a:66:e1:48:70:72:78:97:4b:f8:17:90:be:b5:49:96:cd:63: c3:a4:7c:f3:c3:f3:01:f8:ba:bc:9a:13:df:1a:2d:75:11:a9: 40:25:f5:e6:e4:1d:b1:4f:88:62:f8:0e:36:d4:6d:ae:68:7e: 8d:dd:9c:a7:b9:32:5f:e5:88:88:50:69:5f:94:f6:33:3c:28: 4a:64:ac:95:ca:ea:ce:01:8f:6a:b1:01:c4:d7:08:5d:17:e8: 88:34:cb:38:4c:92:27:5c:be:94:d9:9f:92:82:55:e0:32:04: 9f:15:93:99:24:e4:82:04:bd:99:3e:fc:9c:5c:27:c8:14:e5: 6e:04:5f:11:b6:ae:66:78:47:c8:5a:b2:b5:bc:aa:0b:39:6f: e7:16:de:85:f0:40:54:17:0e:06:f1:f2:cf:fb:af:1e:ab:4d: 48:bb:4a:eb:d2:ea:98:01:70:32:b0:7f:8a:b0:2f:ea:cf:25: 09:dd:08:51 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICAegwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0I1 REM5NTU5OUJFNERFNDU0QTk5QzBDMjU3NTNEMUUwMEM3NDE0RjAeFw0yNDAzMzAx MjQ0MDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFFRDJFQTZGODgwQjY4 REExRkExQTIxMjUxRTUzRDkwNzQxNkI0MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDeplUKkdDfHtRkTvrZ4g+M9zKARvndWY1aa4x+hjKKXBqbdfJw aCarmKLec09rDBg+PYPqtT8iLR0sfa1kA6oHRW5C1EpcAwNUjisT4JFAi1OVMzZs xbsxIn1o7aun6bUpMC+6Nr6Nm3LuYFinRWPA/ZN/MdnqAWZloKLIz3ZE1Mj44/p8 n7EAQ1syktOrxdLL0/q1TxjavkDHPthUEl3AoS+yyvJodxvfay35rskbq5mvkAMU 6rCfX8ygh12Ji9+LZDe71mwDVQQgR3wdLnp5ozYD3AcGrAZrNk1r4oIhJj8/eUwr ONQLbE6QmAXSxXijpteTo6iLBm54T5VX7LILAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUrtLqb4gLaNofoaISUeU9kHQWtDUwHwYDVR0jBBgwFoAUe13JVZm+TeRUqZwM JXU9HgDHQU8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUz Ny9lMTNKVlptLVRlUlVxWndNSlhVOUhnREhRVTguY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2UxM0pWWm0tVGVSVXFad01KWFU5SGdESFFVOC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MzcvcnRMcWI0Z0xhTm9m b2FJU1VlVTlrSFFXdERVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdhODANBgkqhkiG9w0BAQsFAAOCAQEAX0GsE1hbfiSJU3+P2KyiPJNPbHfH pDduW7DBboTwHWikNYfMLUeM42/RtsEW0EjNAwaKzZP+oUDnxSVPEMV6+HM8uikT BrFmimbhSHByeJdL+BeQvrVJls1jw6R888PzAfi6vJoT3xotdRGpQCX15uQdsU+I YvgONtRtrmh+jd2cp7kyX+WIiFBpX5T2MzwoSmSslcrqzgGParEBxNcIXRfoiDTL OEySJ1y+lNmfkoJV4DIEnxWTmSTkggS9mT78nFwnyBTlbgRfEbauZnhHyFqytbyq Czlv5xbehfBAVBcOBvHyz/uvHqtNSLtK69LqmAFwMrB/irAv6s8lCd0IUQ== -----END CERTIFICATE-----Generated at Sat Sep 28 20:52:57 2024 by rpki-client on console-fra.rpki-client.org