$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2741/on-b8f788nGSMHvTWYPBnwzDYPg.roa File: on-b8f788nGSMHvTWYPBnwzDYPg.roa (raw, json) Hash identifier: WWldnJzndnqwOqhpl1CZe4jravnw7e2aGa2/dfTBa7o= Subject key identifier: A2:7F:9B:F1:FE:FC:F2:71:92:30:7B:D3:59:83:C1:9F:0C:C3:60:F8 Certificate issuer: /CN=3C8625BACA079911E2B28299B4BD44FDCBFFF60C Certificate serial: 06CD Authority key identifier: 3C:86:25:BA:CA:07:99:11:E2:B2:82:99:B4:BD:44:FD:CB:FF:F6:0C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/PIYlusoHmRHisoKZtL1E_cv_9gw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/on-b8f788nGSMHvTWYPBnwzDYPg.roa Signing time: Sat 30 Mar 2024 07:21:40 +0000 ROA not before: Sat 30 Mar 2024 07:21:40 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 21859 IP address blocks: 103.116.148.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/PIYlusoHmRHisoKZtL1E_cv_9gw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/PIYlusoHmRHisoKZtL1E_cv_9gw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/PIYlusoHmRHisoKZtL1E_cv_9gw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 21 Nov 2024 23:50:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1741 (0x6cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3C8625BACA079911E2B28299B4BD44FDCBFFF60C Validity Not Before: Mar 30 07:21:40 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=A27F9BF1FEFCF27192307BD35983C19F0CC360F8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:48:df:7b:f5:88:35:93:bb:0c:e0:5d:fc:8f: fd:e6:24:9b:69:eb:d9:8f:17:a8:5b:5a:1f:15:a6: 78:32:a7:4c:96:ae:07:42:b6:7c:18:0f:43:e6:6e: 47:09:5d:37:06:f5:63:5b:c4:32:93:de:63:d6:12: fc:94:c8:bf:63:29:ff:15:14:34:f1:a3:ff:3f:69: 46:c6:d3:fc:a9:b0:2f:88:d1:17:4c:13:a1:93:01: 5e:cc:f4:5e:04:3e:ef:0b:be:c4:6e:6c:6b:03:c3: 94:a5:00:16:2a:7d:3e:9f:aa:5b:47:74:39:59:09: 28:b8:4f:3f:d4:4a:ce:66:b0:06:f3:83:6f:39:db: 1e:a4:59:6a:5d:a6:c2:67:5f:66:c2:ba:02:bd:e7: 90:70:3d:81:63:5a:db:2b:13:65:e9:cd:83:cc:23: bd:a3:41:e1:1d:92:82:24:4d:c3:63:81:8e:88:36: 8c:05:ed:3e:cc:15:71:be:82:31:63:fb:87:24:1e: e0:5e:39:74:4a:04:13:e4:53:b8:2e:e9:95:4a:88: 1e:54:8f:0f:ea:a7:da:46:6d:2b:41:a5:69:a3:e6: 0a:75:e8:f1:dd:92:c4:ea:1d:8a:8e:0e:a2:41:36: be:8e:1b:26:79:f9:55:12:52:9a:68:3b:67:23:bf: 84:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:7F:9B:F1:FE:FC:F2:71:92:30:7B:D3:59:83:C1:9F:0C:C3:60:F8 X509v3 Authority Key Identifier: keyid:3C:86:25:BA:CA:07:99:11:E2:B2:82:99:B4:BD:44:FD:CB:FF:F6:0C X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/PIYlusoHmRHisoKZtL1E_cv_9gw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/PIYlusoHmRHisoKZtL1E_cv_9gw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/on-b8f788nGSMHvTWYPBnwzDYPg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.116.148.0/24 Signature Algorithm: sha256WithRSAEncryption cb:9a:19:c4:0d:62:ae:b6:6a:0c:6d:cb:b8:c4:2b:29:dc:93: 57:de:a1:57:74:ec:8c:ba:16:25:ee:e5:21:3a:eb:ea:bb:cf: ca:c9:5e:52:1e:ff:d2:56:ad:03:ff:d3:ae:d9:39:66:3a:ea: 94:f5:da:dc:e8:51:0f:fe:1a:1a:c6:a8:9b:c8:43:9d:a7:8d: 33:aa:ae:ef:eb:1f:6a:ba:41:30:2f:56:eb:1e:af:6b:75:d1: 93:66:35:8a:59:87:d6:4c:c3:cc:2c:92:b3:f6:6d:3f:e0:74: f8:aa:ad:ad:33:1c:48:ab:8c:82:05:e5:73:be:7d:4f:14:fe: 1d:e0:e6:21:77:c0:96:8a:4b:fd:d4:04:a0:fd:b0:42:74:06: 22:d4:93:35:d8:d0:bc:97:07:9c:13:a1:2d:6a:7d:b7:66:8b: 76:0c:13:3e:d4:0b:4a:8a:26:a6:a3:89:ea:fd:df:ee:62:76: d2:a7:c5:21:8d:c8:59:7e:50:6b:55:07:45:ea:fa:cb:65:51: dd:f6:11:c0:77:e0:6d:32:66:51:dc:77:f3:e3:15:66:ae:c7: 7f:50:3e:5b:27:a2:d3:de:3f:28:75:75:40:c5:0a:4a:36:03: 91:c6:49:41:2f:78:37:51:1d:f6:4d:fd:f6:a5:ba:19:5b:b8: e5:99:3a:96 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBs0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0M4 NjI1QkFDQTA3OTkxMUUyQjI4Mjk5QjRCRDQ0RkRDQkZGRjYwQzAeFw0yNDAzMzAw NzIxNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEyN0Y5QkYxRkVGQ0Yy NzE5MjMwN0JEMzU5ODNDMTlGMENDMzYwRjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCcSN979Yg1k7sM4F38j/3mJJtp69mPF6hbWh8Vpngyp0yWrgdC tnwYD0PmbkcJXTcG9WNbxDKT3mPWEvyUyL9jKf8VFDTxo/8/aUbG0/ypsC+I0RdM E6GTAV7M9F4EPu8LvsRubGsDw5SlABYqfT6fqltHdDlZCSi4Tz/USs5msAbzg285 2x6kWWpdpsJnX2bCugK955BwPYFjWtsrE2XpzYPMI72jQeEdkoIkTcNjgY6INowF 7T7MFXG+gjFj+4ckHuBeOXRKBBPkU7gu6ZVKiB5Ujw/qp9pGbStBpWmj5gp16PHd ksTqHYqODqJBNr6OGyZ5+VUSUppoO2cjv4ThAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUon+b8f788nGSMHvTWYPBnwzDYPgwHwYDVR0jBBgwFoAUPIYlusoHmRHisoKZ tL1E/cv/9gwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0 MS9QSVlsdXNvSG1SSGlzb0tadEwxRV9jdl85Z3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1BJWWx1c29IbVJIaXNvS1p0TDFFX2N2Xzlndy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDEvb24tYjhmNzg4bkdT TUh2VFdZUEJud3pEWVBnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGd0lDANBgkqhkiG9w0BAQsFAAOCAQEAy5oZxA1irrZqDG3LuMQrKdyTV96h V3TsjLoWJe7lITrr6rvPysleUh7/0latA//Trtk5ZjrqlPXa3OhRD/4aGsaom8hD naeNM6qu7+sfarpBMC9W6x6va3XRk2Y1ilmH1kzDzCySs/ZtP+B0+KqtrTMcSKuM ggXlc759TxT+HeDmIXfAlopL/dQEoP2wQnQGItSTNdjQvJcHnBOhLWp9t2aLdgwT PtQLSoompqOJ6v3f7mJ20qfFIY3IWX5Qa1UHRer6y2VR3fYRwHfgbTJmUdx38+MV Zq7Hf1A+Wyei094/KHV1QMUKSjYDkcZJQS94N1Ed9k399qW6GVu45Zk6lg== -----END CERTIFICATE-----Generated at Thu Nov 21 23:42:59 2024 by rpki-client on console-ams.rpki-client.org