$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2639/3iLU6mOeHfqFncqKop_aHhNlRds.roa File: 3iLU6mOeHfqFncqKop_aHhNlRds.roa (raw, json) Hash identifier: XwByMLR/iICWU3nxPJV8IELGZgDPmb3eWDiAl0p9VsU= Subject key identifier: DE:22:D4:EA:63:9E:1D:FA:85:9D:CA:8A:A2:9F:DA:1E:13:65:45:DB Certificate issuer: /CN=D1EA9A8B512505907299DA38CEA5BCCE610987CB Certificate serial: 19CB Authority key identifier: D1:EA:9A:8B:51:25:05:90:72:99:DA:38:CE:A5:BC:CE:61:09:87:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0eqai1ElBZBymdo4zqW8zmEJh8s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2639/3iLU6mOeHfqFncqKop_aHhNlRds.roa Signing time: Wed 13 Mar 2024 01:22:10 +0000 ROA not before: Wed 13 Mar 2024 01:22:10 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24424 IP address blocks: 103.104.152.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2639/0eqai1ElBZBymdo4zqW8zmEJh8s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2639/0eqai1ElBZBymdo4zqW8zmEJh8s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0eqai1ElBZBymdo4zqW8zmEJh8s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6603 (0x19cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D1EA9A8B512505907299DA38CEA5BCCE610987CB Validity Not Before: Mar 13 01:22:10 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=DE22D4EA639E1DFA859DCA8AA29FDA1E136545DB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:c2:47:08:ef:57:43:10:13:42:40:1b:13:76: e0:33:48:cf:24:65:b9:ee:b8:eb:06:aa:6c:49:2a: 6c:8f:9d:64:04:6f:d2:c6:5a:28:cd:b5:51:ec:f1: 6d:7d:a8:f0:06:da:30:8d:9a:2e:f6:f4:5f:86:33: 9e:14:5f:6a:65:a7:97:e1:c1:cf:a4:84:d0:fe:1a: 19:fa:c3:87:ad:63:ec:19:d7:b1:fd:e0:52:db:33: bf:23:9b:7a:eb:f1:46:0a:5b:db:ce:83:57:73:72: 58:4a:9d:9e:cf:b2:04:02:97:01:00:60:01:16:86: 4a:0f:e9:a4:e4:72:46:f1:33:91:0a:e1:9f:79:f9: cc:d3:c0:e3:2d:0c:20:dd:f2:21:84:72:41:04:54: 7b:07:37:a6:b4:9b:f8:f6:02:4e:f6:50:ee:9d:67: 6d:d2:56:d1:95:c1:96:5e:b8:4c:de:d6:64:9e:09: df:a4:e3:bf:bb:5b:72:ed:ae:a8:3e:82:01:42:0c: 64:4e:50:75:60:ed:f3:ad:c5:67:16:b8:a5:bb:a5: 9a:36:71:99:87:bf:66:f7:4f:38:38:8a:4e:47:9d: d5:00:d2:a0:86:47:09:aa:8c:bc:12:c3:c2:9a:8d: a2:47:c9:01:5d:0b:f9:03:50:a0:97:ff:0b:ac:be: d5:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:22:D4:EA:63:9E:1D:FA:85:9D:CA:8A:A2:9F:DA:1E:13:65:45:DB X509v3 Authority Key Identifier: keyid:D1:EA:9A:8B:51:25:05:90:72:99:DA:38:CE:A5:BC:CE:61:09:87:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2639/0eqai1ElBZBymdo4zqW8zmEJh8s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0eqai1ElBZBymdo4zqW8zmEJh8s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2639/3iLU6mOeHfqFncqKop_aHhNlRds.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.104.152.0/22 Signature Algorithm: sha256WithRSAEncryption 80:88:8a:9b:a1:c5:5d:ed:8a:e6:3a:4d:6f:4c:b4:fa:23:7c: 95:bb:ca:20:b5:fe:24:87:cb:d6:3d:bb:b9:5e:d8:96:8c:63: 7f:b3:7e:58:cd:e6:aa:8d:78:4d:39:c5:00:2e:1e:88:3c:92: 15:85:ef:4b:8e:22:66:3e:80:f4:55:83:50:ef:16:c1:4f:57: 0b:ab:f9:1a:d9:62:8e:0b:e5:40:94:42:af:72:97:09:fb:0f: e7:50:c2:2f:b5:91:07:2c:2d:fe:f1:f4:b7:84:4c:38:1c:62: c0:09:be:f9:5e:8e:9b:c7:51:07:7a:68:d1:7d:9d:8a:18:1c: 28:2d:49:59:43:07:a2:58:e4:2d:58:e2:b4:ec:9c:72:ab:be: 85:4c:11:d9:f8:64:57:be:11:28:fd:d8:77:96:d8:56:bc:b7: 3e:e5:74:a0:32:10:2f:8b:c8:16:7f:49:11:f0:31:7c:1d:77: de:69:61:9e:7e:26:c5:09:09:de:38:21:55:9a:8f:28:dc:a2: bd:33:57:9f:cd:d5:6b:57:80:de:39:f4:a7:37:f0:dc:fa:3f: e9:3b:75:a8:2f:77:d0:72:00:b9:b6:dd:5f:26:41:ac:86:e9: 55:0f:77:1b:73:8e:0c:aa:16:a3:03:f7:f8:7c:9f:0a:e2:db: 98:dc:1c:fd -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGcswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDFF QTlBOEI1MTI1MDU5MDcyOTlEQTM4Q0VBNUJDQ0U2MTA5ODdDQjAeFw0yNDAzMTMw MTIyMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERFMjJENEVBNjM5RTFE RkE4NTlEQ0E4QUEyOUZEQTFFMTM2NTQ1REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC4wkcI71dDEBNCQBsTduAzSM8kZbnuuOsGqmxJKmyPnWQEb9LG WijNtVHs8W19qPAG2jCNmi729F+GM54UX2plp5fhwc+khND+Ghn6w4etY+wZ17H9 4FLbM78jm3rr8UYKW9vOg1dzclhKnZ7PsgQClwEAYAEWhkoP6aTkckbxM5EK4Z95 +czTwOMtDCDd8iGEckEEVHsHN6a0m/j2Ak72UO6dZ23SVtGVwZZeuEze1mSeCd+k 47+7W3Ltrqg+ggFCDGROUHVg7fOtxWcWuKW7pZo2cZmHv2b3Tzg4ik5HndUA0qCG RwmqjLwSw8KajaJHyQFdC/kDUKCX/wusvtWFAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU3iLU6mOeHfqFncqKop/aHhNlRdswHwYDVR0jBBgwFoAU0eqai1ElBZBymdo4 zqW8zmEJh8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYz OS8wZXFhaTFFbEJaQnltZG80enFXOHptRUpoOHMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBlcWFpMUVsQlpCeW1kbzR6cVc4em1FSmg4cy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MzkvM2lMVTZtT2VIZnFG bmNxS29wX2FIaE5sUmRzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmdomDANBgkqhkiG9w0BAQsFAAOCAQEAgIiKm6HFXe2K5jpNb0y0+iN8lbvK ILX+JIfL1j27uV7Yloxjf7N+WM3mqo14TTnFAC4eiDySFYXvS44iZj6A9FWDUO8W wU9XC6v5GtlijgvlQJRCr3KXCfsP51DCL7WRBywt/vH0t4RMOBxiwAm++V6Om8dR B3po0X2dihgcKC1JWUMHoljkLVjitOyccqu+hUwR2fhkV74RKP3Yd5bYVry3PuV0 oDIQL4vIFn9JEfAxfB133mlhnn4mxQkJ3jghVZqPKNyivTNXn83Va1eA3jn0pzfw 3Po/6Tt1qC930HIAubbdXyZBrIbpVQ93G3OODKoWowP3+HyfCuLbmNwc/Q== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org