$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2564/hmTjJUvNw3wuGg-pbNwpvSBYH7c.roa File: hmTjJUvNw3wuGg-pbNwpvSBYH7c.roa (raw, json) Hash identifier: hoQs8vHBviCE3iS1lwqR/DfzUoqvkUs0AIZDuYoSld8= Subject key identifier: 86:64:E3:25:4B:CD:C3:7C:2E:1A:0F:A9:6C:DC:29:BD:20:58:1F:B7 Certificate issuer: /CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177 Certificate serial: 15D5 Authority key identifier: 6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/hmTjJUvNw3wuGg-pbNwpvSBYH7c.roa Signing time: Wed 13 Mar 2024 01:21:32 +0000 ROA not before: Wed 13 Mar 2024 01:21:32 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 131530 IP address blocks: 103.98.164.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:23:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5589 (0x15d5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177 Validity Not Before: Mar 13 01:21:32 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=8664E3254BCDC37C2E1A0FA96CDC29BD20581FB7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:a7:46:c0:41:88:54:72:de:a8:d1:f6:3f:a1: 01:bc:d2:89:5b:13:78:c2:15:59:9b:e4:19:76:ad: b4:c9:3e:e1:1b:c3:39:1e:98:c0:cb:ca:eb:c9:6b: 47:6e:2b:19:3d:b5:34:a0:12:1a:13:72:5f:70:18: a1:46:cd:d0:45:4c:58:8f:1a:d2:9b:77:29:70:09: 31:e5:94:18:9a:b5:50:8d:1b:49:fb:03:20:9c:2e: 5e:72:fd:f8:95:28:07:c4:2b:20:4d:73:78:42:77: eb:d4:7e:2e:e0:dc:f6:94:fc:a2:24:8e:a1:76:e1: 51:ce:e6:70:f1:7f:0f:ab:88:f3:5a:8f:99:11:60: 79:ff:e6:14:2e:b1:33:ef:9b:70:a3:10:15:f0:26: 27:e0:4a:fc:8b:11:91:dc:d9:a8:65:b1:32:40:2f: 38:b9:e6:34:70:14:42:18:ba:4d:6e:c6:45:5d:ee: 4d:ca:11:f4:7c:6c:4d:b4:f7:02:9f:8d:42:31:65: de:8a:6f:dd:3d:f4:76:8e:83:5d:e1:7d:3f:dd:8b: 90:10:63:cb:af:a1:5b:fc:db:03:70:08:88:6d:d9: 98:33:a5:a3:36:49:74:70:8a:22:25:bd:06:e3:8c: 90:7e:84:62:a5:7b:a6:c1:d1:a2:a9:48:7a:54:15: 9d:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:64:E3:25:4B:CD:C3:7C:2E:1A:0F:A9:6C:DC:29:BD:20:58:1F:B7 X509v3 Authority Key Identifier: keyid:6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/hmTjJUvNw3wuGg-pbNwpvSBYH7c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.98.164.0/22 Signature Algorithm: sha256WithRSAEncryption 0f:ea:82:a3:4e:f3:0f:2f:f0:8f:c4:31:12:da:31:61:af:d5: 0b:01:f1:da:b5:21:78:b6:e3:58:e1:80:57:b3:b1:4c:e0:9f: 81:72:0e:de:3e:9f:0e:37:6b:64:75:16:3d:36:b4:fe:ef:40: 49:35:48:39:35:a9:73:62:64:07:3a:d6:51:54:b6:10:36:e7: 8f:70:ee:ad:ea:8d:69:91:8b:64:af:9f:e8:dd:6d:d3:4d:6e: 58:31:84:80:36:d3:5d:cd:ba:59:64:96:0b:29:47:98:3f:65: 1a:dc:de:a2:a1:44:41:12:a6:3f:68:92:e3:c9:37:47:ea:55: 1f:71:ef:2e:2a:3c:c1:2b:fe:84:b6:d3:9f:40:5c:98:cb:9b: a3:72:4e:13:79:39:3d:c6:86:5c:51:eb:9a:79:2d:55:82:89: ba:91:6b:58:2e:86:0c:b2:95:53:bb:a4:49:0c:51:cc:33:5d: fc:71:71:b5:7f:b6:bb:8b:a4:fe:09:98:4e:ce:fd:49:7f:ac: 8f:2e:87:9b:d6:ca:72:92:51:0b:1f:fe:92:c3:04:cf:0c:c5: ad:fb:9e:b2:9c:ae:6d:aa:6a:d0:3f:2d:17:fe:90:c8:4b:86: 98:be:24:f3:77:86:bb:1c:f7:ed:79:d0:fc:98:69:60:75:40: 24:84:35:d6 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFdUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEy MUExMUFBQzRFQUUwQTYzMDY1OUIzMUEyMzBCMDhENkI1ODE3NzAeFw0yNDAzMTMw MTIxMzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg2NjRFMzI1NEJDREMz N0MyRTFBMEZBOTZDREMyOUJEMjA1ODFGQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDXp0bAQYhUct6o0fY/oQG80olbE3jCFVmb5Bl2rbTJPuEbwzke mMDLyuvJa0duKxk9tTSgEhoTcl9wGKFGzdBFTFiPGtKbdylwCTHllBiatVCNG0n7 AyCcLl5y/fiVKAfEKyBNc3hCd+vUfi7g3PaU/KIkjqF24VHO5nDxfw+riPNaj5kR YHn/5hQusTPvm3CjEBXwJifgSvyLEZHc2ahlsTJALzi55jRwFEIYuk1uxkVd7k3K EfR8bE209wKfjUIxZd6Kb9099HaOg13hfT/di5AQY8uvoVv82wNwCIht2ZgzpaM2 SXRwiiIlvQbjjJB+hGKle6bB0aKpSHpUFZ3zAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUhmTjJUvNw3wuGg+pbNwpvSBYH7cwHwYDVR0jBBgwFoAUaiGhGqxOrgpjBlmz GiMLCNa1gXcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU2 NC9haUdoR3F4T3JncGpCbG16R2lNTENOYTFnWGMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2FpR2hHcXhPcmdwakJsbXpHaU1MQ05hMWdYYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NjQvaG1UakpVdk53M3d1 R2ctcGJOd3B2U0JZSDdjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdipDANBgkqhkiG9w0BAQsFAAOCAQEAD+qCo07zDy/wj8QxEtoxYa/VCwHx 2rUheLbjWOGAV7OxTOCfgXIO3j6fDjdrZHUWPTa0/u9ASTVIOTWpc2JkBzrWUVS2 EDbnj3DureqNaZGLZK+f6N1t001uWDGEgDbTXc26WWSWCylHmD9lGtzeoqFEQRKm P2iS48k3R+pVH3HvLio8wSv+hLbTn0BcmMubo3JOE3k5PcaGXFHrmnktVYKJupFr WC6GDLKVU7ukSQxRzDNd/HFxtX+2u4uk/gmYTs79SX+sjy6Hm9bKcpJRCx/+ksME zwzFrfuespyubapq0D8tF/6QyEuGmL4k83eGuxz37XnQ/JhpYHVAJIQ11g== -----END CERTIFICATE-----Generated at Fri Nov 22 19:50:24 2024 by rpki-client on console-fra.rpki-client.org