$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2741/oNx-2622tESiWCt9JkvnNZDXVFE.roa File: oNx-2622tESiWCt9JkvnNZDXVFE.roa (raw, json) Hash identifier: AqzUw5v02HW+kpBq/ImcwWJ9YIWHcvConEAWor/jLtE= Subject key identifier: A0:DC:7E:DB:AD:B6:B4:44:A2:58:2B:7D:26:4B:E7:35:90:D7:54:51 Certificate issuer: /CN=3C8625BACA079911E2B28299B4BD44FDCBFFF60C Certificate serial: 06CE Authority key identifier: 3C:86:25:BA:CA:07:99:11:E2:B2:82:99:B4:BD:44:FD:CB:FF:F6:0C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/PIYlusoHmRHisoKZtL1E_cv_9gw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/oNx-2622tESiWCt9JkvnNZDXVFE.roa Signing time: Sat 30 Mar 2024 07:21:40 +0000 ROA not before: Sat 30 Mar 2024 07:21:40 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 41717 IP address blocks: 103.116.149.0/24 maxlen: 24 103.116.150.0/24 maxlen: 24 103.116.151.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/PIYlusoHmRHisoKZtL1E_cv_9gw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/PIYlusoHmRHisoKZtL1E_cv_9gw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/PIYlusoHmRHisoKZtL1E_cv_9gw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:50:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1742 (0x6ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3C8625BACA079911E2B28299B4BD44FDCBFFF60C Validity Not Before: Mar 30 07:21:40 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=A0DC7EDBADB6B444A2582B7D264BE73590D75451 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:ba:3d:66:76:b8:77:40:c6:7f:8c:94:3b:20: 12:c2:57:1b:03:77:f0:f0:af:74:a9:3f:cf:f4:77: e9:56:33:9b:08:c2:c6:b5:93:0c:24:d0:0c:a4:93: 6f:97:a9:94:da:e9:67:2c:b3:02:bd:c0:d4:da:83: bb:c5:f9:d9:5d:dc:ce:e8:7c:7d:97:55:78:a1:00: b9:f6:09:ea:6b:a4:97:48:c6:16:17:95:66:82:85: a3:5d:e5:02:24:c6:8b:db:c2:83:91:ee:8d:19:75: 02:aa:e8:4a:2e:d8:51:8d:36:e5:77:c5:6d:8e:c8: d1:78:e9:4c:55:36:b7:01:22:13:b4:a5:3e:af:e8: 02:21:6e:a9:92:5e:d6:ef:76:6b:23:ce:6a:73:15: 50:73:8b:d7:28:b0:22:68:42:4f:94:44:78:1c:dc: 31:bd:61:1b:10:23:66:78:9f:0b:d9:0a:55:00:d7: ef:4e:6f:33:20:66:1e:1e:42:b6:94:59:f1:11:c5: 5d:b0:66:45:a5:bb:81:88:b0:26:f0:98:2d:56:03: 6b:8c:de:51:3e:a2:9f:20:16:13:f9:53:49:e7:aa: 19:8e:59:a3:fd:ed:eb:fd:2d:b2:80:ac:d6:0f:e5: 98:25:ec:51:74:1d:6e:19:72:1e:d0:95:05:89:dc: cf:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:DC:7E:DB:AD:B6:B4:44:A2:58:2B:7D:26:4B:E7:35:90:D7:54:51 X509v3 Authority Key Identifier: keyid:3C:86:25:BA:CA:07:99:11:E2:B2:82:99:B4:BD:44:FD:CB:FF:F6:0C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/PIYlusoHmRHisoKZtL1E_cv_9gw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/PIYlusoHmRHisoKZtL1E_cv_9gw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/oNx-2622tESiWCt9JkvnNZDXVFE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.116.149.0-103.116.151.255 Signature Algorithm: sha256WithRSAEncryption 49:c2:5f:56:f4:2a:68:51:02:5e:af:e5:b1:23:ab:8f:85:d9: 49:cd:8b:ef:e5:f6:12:fe:51:c9:bc:02:a1:24:46:eb:60:b1: 72:41:3d:6f:d4:fd:17:26:7f:b5:a5:73:21:38:cb:89:26:76: 81:86:79:cb:b8:1d:cc:7d:0f:8c:ce:6d:be:be:b6:8b:40:ec: f2:58:8a:aa:84:56:7d:ca:c8:cd:e4:83:17:ec:bc:96:b2:29: 40:85:28:ce:fb:03:c0:c4:11:32:4e:93:bf:47:eb:a4:67:01: ac:af:38:1a:db:39:d8:05:1e:5c:cf:65:f1:4b:e3:f5:fc:bb: 5d:58:c2:d2:d6:fb:0d:82:a8:bb:8c:2d:f5:24:2b:35:61:1f: 61:4b:1c:7f:7d:03:ce:07:d6:b2:d9:70:b8:43:44:12:1c:b6: fc:5d:43:cd:01:64:d7:57:4a:f5:3c:7e:8b:db:ce:cc:7e:fe: e8:d1:3d:4f:23:d4:9b:e9:fd:fb:ec:29:d8:be:5c:06:47:7a: 25:d3:f1:95:6a:10:47:b0:bd:01:bf:80:ca:17:bb:ba:e9:29: cb:dd:47:0f:01:23:1a:63:00:84:93:dd:6c:f8:8d:15:27:70: 43:44:5b:92:a5:78:bf:cb:2f:15:74:31:70:53:84:01:2f:4d: 74:ed:01:20 -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgICBs4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0M4 NjI1QkFDQTA3OTkxMUUyQjI4Mjk5QjRCRDQ0RkRDQkZGRjYwQzAeFw0yNDAzMzAw NzIxNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEwREM3RURCQURCNkI0 NDRBMjU4MkI3RDI2NEJFNzM1OTBENzU0NTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBuj1mdrh3QMZ/jJQ7IBLCVxsDd/Dwr3SpP8/0d+lWM5sIwsa1 kwwk0Aykk2+XqZTa6WcsswK9wNTag7vF+dld3M7ofH2XVXihALn2CeprpJdIxhYX lWaChaNd5QIkxovbwoOR7o0ZdQKq6Eou2FGNNuV3xW2OyNF46UxVNrcBIhO0pT6v 6AIhbqmSXtbvdmsjzmpzFVBzi9cosCJoQk+URHgc3DG9YRsQI2Z4nwvZClUA1+9O bzMgZh4eQraUWfERxV2wZkWlu4GIsCbwmC1WA2uM3lE+op8gFhP5U0nnqhmOWaP9 7ev9LbKArNYP5Zgl7FF0HW4Zch7QlQWJ3M8/AgMBAAGjggH7MIIB9zAdBgNVHQ4E FgQUoNx+2622tESiWCt9JkvnNZDXVFEwHwYDVR0jBBgwFoAUPIYlusoHmRHisoKZ tL1E/cv/9gwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0 MS9QSVlsdXNvSG1SSGlzb0tadEwxRV9jdl85Z3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1BJWWx1c29IbVJIaXNvS1p0TDFFX2N2Xzlndy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDEvb054LTI2MjJ0RVNp V0N0OUprdm5OWkRYVkZFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEw DjAMAwQAZ3SVAwQDZ3SQMA0GCSqGSIb3DQEBCwUAA4IBAQBJwl9W9CpoUQJer+Wx I6uPhdlJzYvv5fYS/lHJvAKhJEbrYLFyQT1v1P0XJn+1pXMhOMuJJnaBhnnLuB3M fQ+Mzm2+vraLQOzyWIqqhFZ9ysjN5IMX7LyWsilAhSjO+wPAxBEyTpO/R+ukZwGs rzga2znYBR5cz2XxS+P1/LtdWMLS1vsNgqi7jC31JCs1YR9hSxx/fQPOB9ay2XC4 Q0QSHLb8XUPNAWTXV0r1PH6L287Mfv7o0T1PI9Sb6f377CnYvlwGR3ol0/GVahBH sL0Bv4DKF7u66SnL3UcPASMaYwCEk91s+I0VJ3BDRFuSpXi/yy8VdDFwU4QBL010 7QEg -----END CERTIFICATE-----Generated at Fri Nov 22 09:32:43 2024 by rpki-client on console-fra.rpki-client.org