$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2802/S-ol3KVlzbsm1A4D7PXGjeC8hwE.roa File: S-ol3KVlzbsm1A4D7PXGjeC8hwE.roa (raw, json) Hash identifier: 1aR8L9h6Fwq7ydECXiJjJfnTb7VLVuuKm7q6euddVnI= Subject key identifier: 4B:EA:25:DC:A5:65:CD:BB:26:D4:0E:03:EC:F5:C6:8D:E0:BC:87:01 Certificate issuer: /CN=4FCA8BCB6EB3EC61032F88D26FC02B05224D4718 Certificate serial: 4995 Authority key identifier: 4F:CA:8B:CB:6E:B3:EC:61:03:2F:88:D2:6F:C0:2B:05:22:4D:47:18 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/S-ol3KVlzbsm1A4D7PXGjeC8hwE.roa Signing time: Fri 27 Sep 2024 02:33:07 +0000 ROA not before: Fri 27 Sep 2024 02:33:07 +0000 ROA not after: Sat 27 Sep 2025 02:22:57 +0000 asID: 9392 IP address blocks: 103.122.241.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18837 (0x4995) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4FCA8BCB6EB3EC61032F88D26FC02B05224D4718 Validity Not Before: Sep 27 02:33:07 2024 GMT Not After : Sep 27 02:22:57 2025 GMT Subject: CN=4BEA25DCA565CDBB26D40E03ECF5C68DE0BC8701 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:4a:f3:d1:ce:b5:a6:17:fe:d2:f6:b4:c1:2b: 8e:f2:9f:3a:a7:f5:58:17:a4:1b:b3:73:82:cd:f7: 60:ff:e3:69:7d:0f:40:f6:27:62:ba:db:8f:5d:8f: b8:3f:8f:be:b9:17:a7:6e:ce:0a:2f:d4:38:7d:cf: 2c:76:e5:fe:d1:71:04:99:94:17:b0:15:d6:ed:ef: c0:83:06:d8:ee:de:ff:07:d0:13:ef:2f:a3:25:42: d1:51:23:0f:f0:b1:b8:8a:58:2f:d7:2f:1b:7e:14: 23:4e:13:8b:a7:0e:d4:f5:05:11:1c:ce:e2:62:df: ed:af:24:43:ff:df:79:60:85:b6:d2:63:21:d6:02: 56:d3:3a:22:b2:28:65:b0:a3:52:8c:fc:22:5e:54: c1:9e:7a:95:79:ae:cc:64:50:99:22:30:1e:a0:ae: 08:08:3d:78:78:ee:7b:97:85:7e:7c:fc:5c:bc:85: 6b:42:8d:b4:52:25:01:a1:c4:1e:62:a4:c7:bd:0b: 1f:e9:63:b6:35:e2:47:69:84:fa:5a:65:e7:2f:3f: b9:21:5a:62:0b:77:6f:9d:72:74:fe:80:e2:28:61: bc:0b:58:77:54:37:79:bc:8c:01:4a:ce:bf:f6:d2: 84:1b:14:dd:71:98:df:56:34:b2:38:a1:00:21:d1: 20:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:EA:25:DC:A5:65:CD:BB:26:D4:0E:03:EC:F5:C6:8D:E0:BC:87:01 X509v3 Authority Key Identifier: keyid:4F:CA:8B:CB:6E:B3:EC:61:03:2F:88:D2:6F:C0:2B:05:22:4D:47:18 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/S-ol3KVlzbsm1A4D7PXGjeC8hwE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.122.241.0/24 Signature Algorithm: sha256WithRSAEncryption 98:49:14:a2:ea:a6:7e:63:de:a0:90:92:7f:fc:cf:91:ea:88: 4d:10:73:fd:3c:19:be:7c:54:7c:a2:9a:16:45:a5:83:4f:49: 43:10:d2:7d:7d:59:01:5a:b5:2b:9e:28:2a:fb:9d:9e:ab:0a: 17:5b:87:3a:da:35:cf:8e:e4:a0:4a:42:e1:3c:0a:14:be:5b: 6a:54:1c:75:b4:26:9f:cd:42:fd:65:eb:08:d6:fc:e0:2a:de: 83:f3:4a:a9:ab:99:1e:fc:33:2d:6d:63:29:64:bd:05:0d:d2: eb:e4:48:a2:61:dc:49:61:d5:2a:2f:02:eb:d9:5a:0e:9f:bb: 5c:ab:7b:0f:f9:d2:45:80:79:fb:24:cd:9d:fa:a3:91:7a:d6: f1:09:bb:fd:7f:09:98:a5:87:a6:7e:98:76:0d:29:82:57:d1: bb:0b:29:7c:bb:69:f1:0a:83:c7:fa:20:59:88:12:85:4e:96: 05:80:fa:97:90:22:78:38:cb:3e:af:6c:60:4c:55:f0:07:aa: cc:a6:58:51:e0:46:68:f9:85:f5:8d:19:b4:24:34:14:26:58: ae:3f:8b:ea:86:02:aa:f6:ab:04:a1:99:d9:7e:02:48:9a:4c: c8:7f:7d:df:88:eb:93:e7:4f:7b:63:e3:59:32:54:db:91:57: 00:3e:21:b8 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICSZUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZD QThCQ0I2RUIzRUM2MTAzMkY4OEQyNkZDMDJCMDUyMjRENDcxODAeFw0yNDA5Mjcw MjMzMDdaFw0yNTA5MjcwMjIyNTdaMDMxMTAvBgNVBAMTKDRCRUEyNURDQTU2NUNE QkIyNkQ0MEUwM0VDRjVDNjhERTBCQzg3MDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCSvPRzrWmF/7S9rTBK47ynzqn9VgXpBuzc4LN92D/42l9D0D2 J2K6249dj7g/j765F6duzgov1Dh9zyx25f7RcQSZlBewFdbt78CDBtju3v8H0BPv L6MlQtFRIw/wsbiKWC/XLxt+FCNOE4unDtT1BREczuJi3+2vJEP/33lghbbSYyHW AlbTOiKyKGWwo1KM/CJeVMGeepV5rsxkUJkiMB6grggIPXh47nuXhX58/Fy8hWtC jbRSJQGhxB5ipMe9Cx/pY7Y14kdphPpaZecvP7khWmILd2+dcnT+gOIoYbwLWHdU N3m8jAFKzr/20oQbFN1xmN9WNLI4oQAh0SBLAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUS+ol3KVlzbsm1A4D7PXGjeC8hwEwHwYDVR0jBBgwFoAUT8qLy26z7GEDL4jS b8ArBSJNRxgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgw Mi9UOHFMeTI2ejdHRURMNGpTYjhBckJTSk5SeGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1Q4cUx5MjZ6N0dFREw0alNiOEFyQlNKTlJ4Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MDIvUy1vbDNLVmx6YnNt MUE0RDdQWEdqZUM4aHdFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGd68TANBgkqhkiG9w0BAQsFAAOCAQEAmEkUouqmfmPeoJCSf/zPkeqITRBz /TwZvnxUfKKaFkWlg09JQxDSfX1ZAVq1K54oKvudnqsKF1uHOto1z47koEpC4TwK FL5balQcdbQmn81C/WXrCNb84Creg/NKqauZHvwzLW1jKWS9BQ3S6+RIomHcSWHV Ki8C69laDp+7XKt7D/nSRYB5+yTNnfqjkXrW8Qm7/X8JmKWHpn6Ydg0pglfRuwsp fLtp8QqDx/ogWYgShU6WBYD6l5AieDjLPq9sYExV8AeqzKZYUeBGaPmF9Y0ZtCQ0 FCZYrj+L6oYCqvarBKGZ2X4CSJpMyH9934jrk+dPe2PjWTJU25FXAD4huA== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org