$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2564/rQeD5aIfwhPc1jkGp4Vn5TOqPjU.roa File: rQeD5aIfwhPc1jkGp4Vn5TOqPjU.roa (raw, json) Hash identifier: 2PgKkpj/RTIJ8bcARgVtnBEucbVN3UrPq7NddlP+ofM= Subject key identifier: AD:07:83:E5:A2:1F:C2:13:DC:D6:39:06:A7:85:67:E5:33:AA:3E:35 Certificate issuer: /CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177 Certificate serial: 15D3 Authority key identifier: 6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/rQeD5aIfwhPc1jkGp4Vn5TOqPjU.roa Signing time: Wed 13 Mar 2024 01:21:31 +0000 ROA not before: Wed 13 Mar 2024 01:21:31 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 131482 IP address blocks: 103.98.164.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:23:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5587 (0x15d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177 Validity Not Before: Mar 13 01:21:31 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=AD0783E5A21FC213DCD63906A78567E533AA3E35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:29:a1:e2:3a:4e:46:5c:01:b2:60:01:78:70: 6b:53:69:b9:fd:cc:b4:01:70:b4:c4:b5:89:85:55: 70:2b:af:26:9b:74:91:d2:42:e3:54:30:c2:c6:18: d9:89:12:31:dd:ee:1d:95:f8:76:32:8f:59:c5:95: 40:23:8f:9e:8e:5d:d3:fa:82:36:be:36:15:7e:e9: a9:c3:c1:be:e5:90:2e:af:1a:c7:f1:e0:27:6e:d9: e1:f6:9c:0d:78:8f:a9:b3:49:bd:4c:ec:de:ae:63: b8:75:7e:93:43:d1:ff:2b:d1:d0:75:8b:e9:55:4f: 9f:8c:ba:65:02:56:fe:41:8c:77:04:3d:ba:cd:cb: 3e:f2:6a:25:0c:7d:19:73:22:bf:02:2a:7d:54:50: 89:b9:d9:d2:00:1e:57:df:cb:be:bc:cf:ab:3e:49: d9:8e:a3:fa:a9:58:6b:6c:81:68:ac:02:63:38:41: f6:fa:e4:f3:1f:ac:0f:ef:11:7b:99:62:d9:e8:29: a1:30:b0:a0:f1:f4:f6:3e:8a:9d:af:65:5f:71:d8: f4:56:70:fb:1f:0b:9b:90:a5:69:a6:32:cc:40:95: 3c:fa:ff:fe:d3:4c:40:50:b3:7b:30:dc:27:71:3c: e7:35:8e:80:a3:1e:40:5f:c4:33:bd:31:1d:02:8e: 2b:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:07:83:E5:A2:1F:C2:13:DC:D6:39:06:A7:85:67:E5:33:AA:3E:35 X509v3 Authority Key Identifier: keyid:6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/rQeD5aIfwhPc1jkGp4Vn5TOqPjU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.98.164.0/22 Signature Algorithm: sha256WithRSAEncryption 49:bd:76:4a:7f:b7:31:3e:fd:6b:44:50:06:f3:c5:b3:f4:a0: 6a:d8:f3:4f:59:20:c2:a2:e4:14:ed:b3:c5:e1:31:5f:71:ef: fa:a5:db:b5:88:cb:de:12:c0:21:8e:01:4d:ac:8c:1d:4d:68: 35:f8:b9:1c:f5:a9:21:73:6c:81:76:7e:c2:79:b3:d8:50:dc: 5b:ff:e5:f2:de:36:e7:cf:66:fe:c6:3e:42:d5:0b:f0:7e:15: 1d:f8:b0:6d:fe:5b:75:3a:e7:ab:ff:b0:81:48:56:dc:87:b1: 47:ba:34:2e:e8:b5:9c:8b:6b:a8:35:24:53:0c:c8:ee:6b:e8: 83:e4:8e:f4:63:b7:3c:76:25:dd:bd:e0:07:e1:df:10:d1:a7: bf:1b:11:1d:b7:41:a6:2f:d0:c2:8a:96:8a:f7:ae:57:7f:b6: 7c:0e:01:b4:83:b4:9e:74:8c:4f:fe:b1:eb:6e:1c:08:99:a4: 57:78:1f:44:6c:2c:28:41:e7:1c:56:ff:f5:42:0d:4e:d1:eb: 88:59:bc:7c:bd:a2:7c:27:f5:71:61:4b:0e:dd:5a:11:f9:9d: 22:d2:06:03:4f:58:45:ee:dd:9c:a1:36:b1:a8:2e:6a:04:9a: b0:90:b2:ad:1e:93:e1:55:70:5a:44:10:27:6e:71:dc:8b:c6: 90:20:bb:f5 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFdMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEy MUExMUFBQzRFQUUwQTYzMDY1OUIzMUEyMzBCMDhENkI1ODE3NzAeFw0yNDAzMTMw MTIxMzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFEMDc4M0U1QTIxRkMy MTNEQ0Q2MzkwNkE3ODU2N0U1MzNBQTNFMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGKaHiOk5GXAGyYAF4cGtTabn9zLQBcLTEtYmFVXArryabdJHS QuNUMMLGGNmJEjHd7h2V+HYyj1nFlUAjj56OXdP6gja+NhV+6anDwb7lkC6vGsfx 4Cdu2eH2nA14j6mzSb1M7N6uY7h1fpND0f8r0dB1i+lVT5+MumUCVv5BjHcEPbrN yz7yaiUMfRlzIr8CKn1UUIm52dIAHlffy768z6s+SdmOo/qpWGtsgWisAmM4Qfb6 5PMfrA/vEXuZYtnoKaEwsKDx9PY+ip2vZV9x2PRWcPsfC5uQpWmmMsxAlTz6//7T TEBQs3sw3CdxPOc1joCjHkBfxDO9MR0CjisLAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUrQeD5aIfwhPc1jkGp4Vn5TOqPjUwHwYDVR0jBBgwFoAUaiGhGqxOrgpjBlmz GiMLCNa1gXcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU2 NC9haUdoR3F4T3JncGpCbG16R2lNTENOYTFnWGMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2FpR2hHcXhPcmdwakJsbXpHaU1MQ05hMWdYYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NjQvclFlRDVhSWZ3aFBj MWprR3A0Vm41VE9xUGpVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdipDANBgkqhkiG9w0BAQsFAAOCAQEASb12Sn+3MT79a0RQBvPFs/Sgatjz T1kgwqLkFO2zxeExX3Hv+qXbtYjL3hLAIY4BTayMHU1oNfi5HPWpIXNsgXZ+wnmz 2FDcW//l8t42589m/sY+QtUL8H4VHfiwbf5bdTrnq/+wgUhW3IexR7o0Lui1nItr qDUkUwzI7mvog+SO9GO3PHYl3b3gB+HfENGnvxsRHbdBpi/QwoqWiveuV3+2fA4B tIO0nnSMT/6x624cCJmkV3gfRGwsKEHnHFb/9UINTtHriFm8fL2ifCf1cWFLDt1a EfmdItIGA09YRe7dnKE2saguagSasJCyrR6T4VVwWkQQJ25x3IvGkCC79Q== -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:40 2024 by rpki-client on console-ams.rpki-client.org