$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2802/AhgDCGeqpl9hz_IACpamisngjg8.roa File: AhgDCGeqpl9hz_IACpamisngjg8.roa (raw, json) Hash identifier: zdktkZjxQadjNyTrVzGWDcZVpnDfRTaKYxSUOhx96SM= Subject key identifier: 02:18:03:08:67:AA:A6:5F:61:CF:F2:00:0A:96:A6:8A:C9:E0:8E:0F Certificate issuer: /CN=4FCA8BCB6EB3EC61032F88D26FC02B05224D4718 Certificate serial: 49A4 Authority key identifier: 4F:CA:8B:CB:6E:B3:EC:61:03:2F:88:D2:6F:C0:2B:05:22:4D:47:18 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/AhgDCGeqpl9hz_IACpamisngjg8.roa Signing time: Sun 29 Sep 2024 02:43:21 +0000 ROA not before: Sun 29 Sep 2024 02:43:21 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 9392 IP address blocks: 103.122.242.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18852 (0x49a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4FCA8BCB6EB3EC61032F88D26FC02B05224D4718 Validity Not Before: Sep 29 02:43:21 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=0218030867AAA65F61CFF2000A96A68AC9E08E0F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:6a:92:5c:b6:4b:dd:9b:69:f6:34:75:29:8e: 48:ba:2d:3b:ec:56:9b:00:81:71:07:3a:d4:b8:aa: 02:a9:b5:16:2f:a1:d2:0b:c4:0b:8e:76:e0:0a:be: eb:c9:41:65:19:30:b5:f3:40:84:04:fe:8a:33:13: 05:41:3a:52:4a:e6:10:82:0a:2c:3d:62:b2:a8:d8: ec:b1:bf:a1:f6:71:71:23:01:fc:c9:1d:ee:a0:57: 3d:2c:57:d6:1c:73:ef:bb:57:8d:07:5e:f9:f0:7d: b7:e1:16:9c:31:7d:69:4f:cb:99:e6:f1:ea:c7:53: 4b:4e:e4:36:4e:ac:a4:c4:49:18:0a:da:1c:83:9f: 74:33:af:e0:95:76:cd:67:66:2d:42:3d:a6:c4:e9: 2e:4f:49:db:1d:a3:3b:11:e3:1e:5f:29:34:a7:11: 0f:ae:fe:ed:f7:ae:4d:4b:b5:9c:d4:e0:bd:8b:91: b3:6e:5d:4f:e0:e5:ca:e6:52:52:71:24:e1:34:1c: f0:31:e6:98:f8:72:8b:d6:6d:92:b1:90:31:1c:f6: d2:29:35:64:97:03:5e:d7:20:57:95:61:98:6a:ce: 3e:71:b0:f7:df:71:60:25:5f:ef:bd:47:61:30:2a: 33:4d:64:73:32:e5:9a:c6:b7:ee:48:0f:47:10:db: 23:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:18:03:08:67:AA:A6:5F:61:CF:F2:00:0A:96:A6:8A:C9:E0:8E:0F X509v3 Authority Key Identifier: keyid:4F:CA:8B:CB:6E:B3:EC:61:03:2F:88:D2:6F:C0:2B:05:22:4D:47:18 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/AhgDCGeqpl9hz_IACpamisngjg8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.122.242.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:78:6b:5c:58:df:d9:04:32:25:40:46:d9:58:19:32:93:ae: aa:a6:3d:ef:ae:ac:c0:75:53:e4:8d:70:e9:93:ba:1f:5f:8d: 52:6e:85:8b:42:14:9c:2a:40:ad:db:69:b7:89:5b:79:e3:39: 12:16:43:0b:01:f9:64:38:66:2a:cc:23:7e:b4:64:8c:a2:53: 1a:fa:86:fd:91:78:5c:cc:8f:3d:83:30:a1:b7:ec:3f:fb:46: c2:9a:a4:88:e7:81:e6:4d:73:5c:96:cd:29:f7:d4:62:a0:86: 86:58:88:8e:cf:af:92:23:83:6f:71:4d:6f:87:82:6b:1d:dc: 13:27:29:4f:99:6f:6e:94:56:a9:22:75:bc:d4:0a:0a:f7:77: 3a:4b:df:f1:fd:d6:50:d5:c5:32:8f:0e:1d:18:f4:b4:25:9a: cd:be:24:cd:5f:fd:ac:b8:21:7e:4e:01:ee:6b:05:34:af:6a: c3:82:d4:c9:a1:ec:c2:8e:0d:ce:01:a3:4d:13:aa:c4:ed:6f: e8:3d:7b:e9:84:90:e9:22:f3:42:98:01:01:75:77:a1:74:8c: 7f:d6:55:86:89:29:fd:5f:c1:20:4b:2b:00:d0:71:69:c5:b7: ba:a6:f2:d5:92:32:db:ad:04:c7:6c:14:6b:f0:e8:64:f1:03: 6c:6f:55:c8 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICSaQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZD QThCQ0I2RUIzRUM2MTAzMkY4OEQyNkZDMDJCMDUyMjRENDcxODAeFw0yNDA5Mjkw MjQzMjFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDAyMTgwMzA4NjdBQUE2 NUY2MUNGRjIwMDBBOTZBNjhBQzlFMDhFMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCiapJctkvdm2n2NHUpjki6LTvsVpsAgXEHOtS4qgKptRYvodIL xAuOduAKvuvJQWUZMLXzQIQE/oozEwVBOlJK5hCCCiw9YrKo2Oyxv6H2cXEjAfzJ He6gVz0sV9Ycc++7V40HXvnwfbfhFpwxfWlPy5nm8erHU0tO5DZOrKTESRgK2hyD n3Qzr+CVds1nZi1CPabE6S5PSdsdozsR4x5fKTSnEQ+u/u33rk1LtZzU4L2LkbNu XU/g5crmUlJxJOE0HPAx5pj4covWbZKxkDEc9tIpNWSXA17XIFeVYZhqzj5xsPff cWAlX++9R2EwKjNNZHMy5ZrGt+5ID0cQ2yNnAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUAhgDCGeqpl9hz/IACpamisngjg8wHwYDVR0jBBgwFoAUT8qLy26z7GEDL4jS b8ArBSJNRxgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgw Mi9UOHFMeTI2ejdHRURMNGpTYjhBckJTSk5SeGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1Q4cUx5MjZ6N0dFREw0alNiOEFyQlNKTlJ4Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MDIvQWhnRENHZXFwbDlo el9JQUNwYW1pc25namc4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGd68jANBgkqhkiG9w0BAQsFAAOCAQEAjnhrXFjf2QQyJUBG2VgZMpOuqqY9 766swHVT5I1w6ZO6H1+NUm6Fi0IUnCpArdtpt4lbeeM5EhZDCwH5ZDhmKswjfrRk jKJTGvqG/ZF4XMyPPYMwobfsP/tGwpqkiOeB5k1zXJbNKffUYqCGhliIjs+vkiOD b3FNb4eCax3cEycpT5lvbpRWqSJ1vNQKCvd3Okvf8f3WUNXFMo8OHRj0tCWazb4k zV/9rLghfk4B7msFNK9qw4LUyaHswo4NzgGjTROqxO1v6D176YSQ6SLzQpgBAXV3 oXSMf9ZVhokp/V/BIEsrANBxacW3uqby1ZIy260Ex2wUa/DoZPEDbG9VyA== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:44 2024 by rpki-client on console-ams.rpki-client.org