$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2739/L3J-Ozzbv0bVXm0ZoLiQbsMXLX0.roa File: L3J-Ozzbv0bVXm0ZoLiQbsMXLX0.roa (raw, json) Hash identifier: nqUDhWOlvW/uNH8zbyHGfUFi+r+d8f8JhE2S7VPYhmw= Subject key identifier: 2F:72:7E:3B:3C:DB:BF:46:D5:5E:6D:19:A0:B8:90:6E:C3:17:2D:7D Certificate issuer: /CN=65DA61BDCA2CC0F8CA95D24D3942BC087D8C92A6 Certificate serial: 1593 Authority key identifier: 65:DA:61:BD:CA:2C:C0:F8:CA:95:D2:4D:39:42:BC:08:7D:8C:92:A6 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZdphvcoswPjKldJNOUK8CH2MkqY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2739/L3J-Ozzbv0bVXm0ZoLiQbsMXLX0.roa Signing time: Wed 13 Mar 2024 01:22:04 +0000 ROA not before: Wed 13 Mar 2024 01:22:04 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 131482 IP address blocks: 103.116.120.0/22 maxlen: 24 103.116.121.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2739/ZdphvcoswPjKldJNOUK8CH2MkqY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2739/ZdphvcoswPjKldJNOUK8CH2MkqY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZdphvcoswPjKldJNOUK8CH2MkqY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5523 (0x1593) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=65DA61BDCA2CC0F8CA95D24D3942BC087D8C92A6 Validity Not Before: Mar 13 01:22:04 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=2F727E3B3CDBBF46D55E6D19A0B8906EC3172D7D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:09:6b:9f:0e:ab:06:49:94:be:b0:08:33:ec: 8d:81:02:b6:06:b8:75:0d:3d:a3:b5:f7:3f:9f:1d: f8:e5:1a:ae:71:25:0f:f8:1a:20:f7:cc:01:d5:8e: 92:08:d3:f6:cd:3f:02:70:8e:b3:76:b5:c4:45:0e: d8:a4:d0:1d:20:f7:c8:74:44:60:6c:fb:4e:2d:3d: 50:bd:d9:98:b4:51:f5:db:e4:95:59:d5:48:86:a5: 56:d9:9e:df:dc:59:22:03:06:d9:b4:b9:95:92:9b: a3:ff:33:94:08:14:5a:22:ba:3f:8f:25:dd:b9:21: 2d:f6:d6:50:67:93:d4:7a:07:c2:be:bf:e4:bd:1e: e1:58:7b:d7:c7:81:ef:90:87:3b:c5:ba:2e:ce:c8: 2f:84:cd:b5:2c:5e:53:b3:ca:32:3f:48:7b:b9:bf: 2d:8d:c3:d0:83:c0:fd:b6:a1:18:e1:c0:dc:4a:10: 99:75:eb:7f:af:2e:4e:de:63:69:5e:51:08:21:a1: 4c:aa:38:01:15:f2:99:b7:16:b1:d5:3f:ca:e6:0c: ac:af:22:a7:96:bc:62:33:3b:44:9d:80:7d:e3:7f: 3b:51:2a:97:a8:df:df:63:80:e9:43:a0:e3:75:09: 3f:e1:90:2f:58:73:b3:08:d1:0e:16:cb:c5:07:f4: 49:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:72:7E:3B:3C:DB:BF:46:D5:5E:6D:19:A0:B8:90:6E:C3:17:2D:7D X509v3 Authority Key Identifier: keyid:65:DA:61:BD:CA:2C:C0:F8:CA:95:D2:4D:39:42:BC:08:7D:8C:92:A6 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2739/ZdphvcoswPjKldJNOUK8CH2MkqY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZdphvcoswPjKldJNOUK8CH2MkqY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2739/L3J-Ozzbv0bVXm0ZoLiQbsMXLX0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.116.120.0/22 Signature Algorithm: sha256WithRSAEncryption 7a:d5:b3:c1:3a:be:62:3d:95:30:a2:97:90:73:4c:96:6d:0f: 11:c4:66:2c:c7:02:fe:d1:8a:0c:64:55:39:3a:0a:14:98:86: ad:8e:98:01:9d:46:3d:20:0d:82:51:2b:48:8b:6c:76:68:5d: 36:d6:92:9d:f3:22:8f:29:53:74:54:1f:f4:ef:e5:6d:57:f3: 53:6e:4a:fe:39:e5:00:d5:90:61:84:c9:d9:04:20:7c:cd:56: c4:c7:97:9d:9a:b0:48:81:54:83:30:bf:6c:64:d3:79:ca:28: 94:c6:c6:b8:82:d6:1b:13:1a:99:22:f4:e0:19:c4:62:1e:f5: fd:0e:45:f0:2b:19:ec:80:4c:40:86:56:67:98:18:97:9d:df: c5:23:f9:67:fb:29:d5:f8:17:6f:44:69:8e:6e:34:eb:0c:29: 2b:2f:0e:b9:09:5b:a3:ac:b2:e5:b0:3e:2e:48:77:9a:cb:5c: 57:50:a7:0c:48:fa:a1:20:ae:6d:f9:76:5b:1a:30:92:6d:1b: cb:83:45:f7:84:7a:48:d0:48:26:5d:12:bf:3d:45:e0:83:68: 28:fe:5b:cd:7f:82:0d:05:48:15:62:9c:e3:84:36:ab:19:90: 35:f2:95:a3:09:dd:bd:c3:59:47:fa:07:f4:9c:45:08:47:30: f7:a3:cb:c3 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFZMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjVE QTYxQkRDQTJDQzBGOENBOTVEMjREMzk0MkJDMDg3RDhDOTJBNjAeFw0yNDAzMTMw MTIyMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJGNzI3RTNCM0NEQkJG NDZENTVFNkQxOUEwQjg5MDZFQzMxNzJEN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBCWufDqsGSZS+sAgz7I2BArYGuHUNPaO19z+fHfjlGq5xJQ/4 GiD3zAHVjpII0/bNPwJwjrN2tcRFDtik0B0g98h0RGBs+04tPVC92Zi0UfXb5JVZ 1UiGpVbZnt/cWSIDBtm0uZWSm6P/M5QIFFoiuj+PJd25IS321lBnk9R6B8K+v+S9 HuFYe9fHge+QhzvFui7OyC+EzbUsXlOzyjI/SHu5vy2Nw9CDwP22oRjhwNxKEJl1 63+vLk7eY2leUQghoUyqOAEV8pm3FrHVP8rmDKyvIqeWvGIzO0SdgH3jfztRKpeo 399jgOlDoON1CT/hkC9Yc7MI0Q4Wy8UH9EkLAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUL3J+Ozzbv0bVXm0ZoLiQbsMXLX0wHwYDVR0jBBgwFoAUZdphvcoswPjKldJN OUK8CH2MkqYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcz OS9aZHBodmNvc3dQaktsZEpOT1VLOENIMk1rcVkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1pkcGh2Y29zd1BqS2xkSk5PVUs4Q0gyTWtxWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3MzkvTDNKLU96emJ2MGJW WG0wWm9MaVFic01YTFgwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmd0eDANBgkqhkiG9w0BAQsFAAOCAQEAetWzwTq+Yj2VMKKXkHNMlm0PEcRm LMcC/tGKDGRVOToKFJiGrY6YAZ1GPSANglErSItsdmhdNtaSnfMijylTdFQf9O/l bVfzU25K/jnlANWQYYTJ2QQgfM1WxMeXnZqwSIFUgzC/bGTTecoolMbGuILWGxMa mSL04BnEYh71/Q5F8CsZ7IBMQIZWZ5gYl53fxSP5Z/sp1fgXb0Rpjm406wwpKy8O uQlbo6yy5bA+Lkh3mstcV1CnDEj6oSCubfl2Wxowkm0by4NF94R6SNBIJl0Svz1F 4INoKP5bzX+CDQVIFWKc44Q2qxmQNfKVowndvcNZR/oH9JxFCEcw96PLww== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:44 2024 by rpki-client on console-ams.rpki-client.org