$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2802/gtoFzo0V45aQxwjtlLzpmXMa4ug.roa File: gtoFzo0V45aQxwjtlLzpmXMa4ug.roa (raw, json) Hash identifier: tXqHGru9k13XuIyAiPj44xJ7unku2DYwiUEPQgPJ68w= Subject key identifier: 82:DA:05:CE:8D:15:E3:96:90:C7:08:ED:94:BC:E9:99:73:1A:E2:E8 Certificate issuer: /CN=4FCA8BCB6EB3EC61032F88D26FC02B05224D4718 Certificate serial: 49A2 Authority key identifier: 4F:CA:8B:CB:6E:B3:EC:61:03:2F:88:D2:6F:C0:2B:05:22:4D:47:18 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/gtoFzo0V45aQxwjtlLzpmXMa4ug.roa Signing time: Sun 29 Sep 2024 02:42:55 +0000 ROA not before: Sun 29 Sep 2024 02:42:55 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 9392 IP address blocks: 103.122.243.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18850 (0x49a2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4FCA8BCB6EB3EC61032F88D26FC02B05224D4718 Validity Not Before: Sep 29 02:42:55 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=82DA05CE8D15E39690C708ED94BCE999731AE2E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:36:21:46:e8:91:ad:ca:fb:8f:fa:c3:be:52: 2f:bf:7d:34:ec:4f:07:d9:91:d0:49:8c:ba:a1:04: d4:b5:68:68:94:fd:88:cc:78:6f:c9:52:eb:8d:df: 00:87:55:ce:af:79:ae:31:f0:03:d5:99:ab:50:5b: 92:e8:a8:5b:5c:b4:66:a9:3c:fa:c5:bc:4f:db:70: 1b:77:56:63:16:c8:47:89:85:18:b0:72:9e:f1:7e: 04:3b:b6:f9:9e:ea:04:90:c6:56:e5:18:1f:30:31: 03:b8:f8:46:70:56:33:4c:9f:9a:ef:36:c5:73:b4: 5b:57:15:7d:e4:c0:47:9c:a6:3a:88:3c:95:81:ca: 3f:50:39:a3:32:b7:88:0b:b1:18:c0:e5:ea:c7:3f: 5c:d1:8a:8f:27:69:55:c5:bc:3b:60:01:9f:25:46: ab:59:d8:08:e9:85:76:82:3f:d5:6e:19:12:17:ec: c9:f5:43:ef:c1:08:e8:70:6b:58:57:1a:e2:bf:90: d7:d4:79:a2:e3:1a:f9:33:0b:d7:2e:ca:40:62:d4: 21:43:c4:8c:cb:c2:45:4f:c5:2b:40:fc:24:3c:9f: 8a:65:d5:43:70:ca:eb:3b:8c:b7:42:3c:d0:8b:d9: e7:b5:4c:99:6a:ce:e3:05:b7:a4:59:1b:f7:3d:2a: ad:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:DA:05:CE:8D:15:E3:96:90:C7:08:ED:94:BC:E9:99:73:1A:E2:E8 X509v3 Authority Key Identifier: keyid:4F:CA:8B:CB:6E:B3:EC:61:03:2F:88:D2:6F:C0:2B:05:22:4D:47:18 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/T8qLy26z7GEDL4jSb8ArBSJNRxg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/T8qLy26z7GEDL4jSb8ArBSJNRxg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2802/gtoFzo0V45aQxwjtlLzpmXMa4ug.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.122.243.0/24 Signature Algorithm: sha256WithRSAEncryption 4f:76:e2:16:7a:4c:39:8c:fb:75:2b:be:d7:52:0d:ae:9f:54: 61:8d:1c:a1:c5:22:17:a6:73:a4:85:7f:40:50:98:65:a2:26: 19:a9:84:18:62:88:56:03:34:be:7f:67:5f:2f:8c:f8:c3:9f: 23:2e:82:d4:a5:26:93:7f:d1:94:d0:ff:27:e6:20:cf:6f:01: 7e:ec:ce:83:59:ca:75:8a:dd:00:e9:7d:31:11:8e:7a:34:88: d1:cc:dd:93:80:d2:4a:aa:9d:f3:17:39:d2:41:c7:95:bd:54: ff:a1:3c:4a:12:85:46:85:db:1d:07:94:9e:5e:ce:d0:7e:e7: 77:84:67:3d:ca:a1:ad:23:3f:d3:4e:0f:ea:d9:c7:81:63:59: dd:1f:74:72:6f:be:44:40:a3:df:47:7d:91:7d:5a:cd:f4:2b: b8:b4:b5:6d:06:0c:a9:17:59:62:ee:95:0f:3d:81:7c:ae:66: b2:f6:3b:06:b2:95:fc:5f:b0:96:9b:db:42:42:52:b6:15:06: 0c:ff:1d:47:e2:a5:5c:9d:99:b6:c1:83:45:29:55:f4:9e:bf: 85:fe:a2:75:41:39:7a:e3:ab:c2:c7:6b:e5:be:61:75:50:73: fc:63:8d:b5:6b:05:71:5c:8b:53:0c:39:ac:10:2e:ae:31:fb: 12:ea:f3:2f -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICSaIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZD QThCQ0I2RUIzRUM2MTAzMkY4OEQyNkZDMDJCMDUyMjRENDcxODAeFw0yNDA5Mjkw MjQyNTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDgyREEwNUNFOEQxNUUz OTY5MEM3MDhFRDk0QkNFOTk5NzMxQUUyRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDaNiFG6JGtyvuP+sO+Ui+/fTTsTwfZkdBJjLqhBNS1aGiU/YjM eG/JUuuN3wCHVc6vea4x8APVmatQW5LoqFtctGapPPrFvE/bcBt3VmMWyEeJhRiw cp7xfgQ7tvme6gSQxlblGB8wMQO4+EZwVjNMn5rvNsVztFtXFX3kwEecpjqIPJWB yj9QOaMyt4gLsRjA5erHP1zRio8naVXFvDtgAZ8lRqtZ2AjphXaCP9VuGRIX7Mn1 Q+/BCOhwa1hXGuK/kNfUeaLjGvkzC9cuykBi1CFDxIzLwkVPxStA/CQ8n4pl1UNw yus7jLdCPNCL2ee1TJlqzuMFt6RZG/c9Kq3xAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUgtoFzo0V45aQxwjtlLzpmXMa4ugwHwYDVR0jBBgwFoAUT8qLy26z7GEDL4jS b8ArBSJNRxgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgw Mi9UOHFMeTI2ejdHRURMNGpTYjhBckJTSk5SeGcuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1Q4cUx5MjZ6N0dFREw0alNiOEFyQlNKTlJ4Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MDIvZ3RvRnpvMFY0NWFR eHdqdGxMenBtWE1hNHVnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGd68zANBgkqhkiG9w0BAQsFAAOCAQEAT3biFnpMOYz7dSu+11INrp9UYY0c ocUiF6ZzpIV/QFCYZaImGamEGGKIVgM0vn9nXy+M+MOfIy6C1KUmk3/RlND/J+Yg z28BfuzOg1nKdYrdAOl9MRGOejSI0czdk4DSSqqd8xc50kHHlb1U/6E8ShKFRoXb HQeUnl7O0H7nd4RnPcqhrSM/004P6tnHgWNZ3R90cm++RECj30d9kX1azfQruLS1 bQYMqRdZYu6VDz2BfK5msvY7BrKV/F+wlpvbQkJSthUGDP8dR+KlXJ2ZtsGDRSlV 9J6/hf6idUE5euOrwsdr5b5hdVBz/GONtWsFcVyLUww5rBAurjH7EurzLw== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org