$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2823/zvqXOSbdtsv7hCUcmFnyjlRIOig.roa File: zvqXOSbdtsv7hCUcmFnyjlRIOig.roa (raw, json) Hash identifier: 4lyxdCMJftXtMBw/MUejR/1sv4VVSzaOYW/+Kgsl7oU= Subject key identifier: CE:FA:97:39:26:DD:B6:CB:FB:84:25:1C:98:59:F2:8E:54:48:3A:28 Certificate issuer: /CN=6647DAB6455116964FAC00012CCC83174D4E46E1 Certificate serial: 0CA5 Authority key identifier: 66:47:DA:B6:45:51:16:96:4F:AC:00:01:2C:CC:83:17:4D:4E:46:E1 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZkfatkVRFpZPrAABLMyDF01ORuE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/zvqXOSbdtsv7hCUcmFnyjlRIOig.roa Signing time: Wed 13 Mar 2024 01:22:06 +0000 ROA not before: Wed 13 Mar 2024 01:22:06 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 137730 IP address blocks: 103.124.48.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/ZkfatkVRFpZPrAABLMyDF01ORuE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/ZkfatkVRFpZPrAABLMyDF01ORuE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZkfatkVRFpZPrAABLMyDF01ORuE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:22:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3237 (0xca5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6647DAB6455116964FAC00012CCC83174D4E46E1 Validity Not Before: Mar 13 01:22:06 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=CEFA973926DDB6CBFB84251C9859F28E54483A28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:f5:47:40:e5:66:d5:4d:e9:dd:2f:cf:84:8a: c2:1d:26:ae:7a:4b:e0:3e:c7:2e:1b:32:3f:23:e2: 5b:ba:6c:e3:3c:df:cf:bb:12:e0:93:56:11:72:93: e6:f1:dc:3d:93:88:63:f8:52:39:df:d6:c1:6c:4b: 58:1b:79:e4:39:8e:2a:c4:11:42:fa:8d:bd:9f:40: 32:32:3d:d2:95:94:a4:7d:72:95:0d:94:0a:c3:6b: dd:57:14:d1:eb:87:8c:63:3e:f9:02:47:9e:f4:d1: ca:54:65:2b:5c:fb:96:47:f1:bf:a1:3d:b3:ed:06: 48:31:fd:f0:c8:5e:97:76:6a:49:7c:84:d6:8d:d9: 22:3e:15:ae:20:0f:f4:7f:79:8d:af:2b:65:9c:28: 63:b9:d6:5c:40:53:1e:33:22:1e:a6:93:6c:bf:54: 0d:a7:58:ab:54:5d:43:46:bd:67:ea:b5:a7:7c:12: 61:7c:cd:31:90:d7:00:ca:b7:5d:f7:54:c8:9e:14: e8:5a:55:0d:e6:fc:62:5d:96:b7:49:be:16:a5:5e: a9:18:33:16:70:40:50:4b:da:35:6f:29:88:30:d1: 82:ec:81:c0:15:f4:0d:cc:80:23:f3:4f:c3:42:95: c4:6f:86:1c:69:be:1a:6e:99:fa:dd:ec:4f:4e:06: b8:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:FA:97:39:26:DD:B6:CB:FB:84:25:1C:98:59:F2:8E:54:48:3A:28 X509v3 Authority Key Identifier: keyid:66:47:DA:B6:45:51:16:96:4F:AC:00:01:2C:CC:83:17:4D:4E:46:E1 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/ZkfatkVRFpZPrAABLMyDF01ORuE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ZkfatkVRFpZPrAABLMyDF01ORuE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2823/zvqXOSbdtsv7hCUcmFnyjlRIOig.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.124.48.0/24 Signature Algorithm: sha256WithRSAEncryption 1a:89:51:e2:55:b1:60:ce:4d:79:8c:cf:aa:b5:03:c9:37:0a: 3a:ad:e4:06:3a:98:df:2a:b9:1b:80:ae:df:f9:bf:0c:6c:bf: a6:8c:35:12:d5:ef:a4:2d:05:e0:e9:f5:31:4a:75:15:3d:a4: fa:bd:34:b6:e7:29:40:4f:30:65:97:21:27:a5:69:31:bb:f7: 20:21:56:74:36:a4:3f:ce:dc:80:c0:6e:ef:f6:9d:ca:e2:14: 90:38:24:6e:3d:4b:d7:5f:b0:8e:a1:5d:66:9f:78:6d:4b:19: b2:22:ab:24:d8:7f:85:a4:8b:21:98:1f:41:4d:d2:20:3e:a3: 4d:84:6e:f7:bd:13:6b:2d:bf:33:92:f3:eb:45:5b:fc:3b:26: 58:3b:d3:5f:9b:bc:04:13:e1:ba:b5:6f:cb:49:86:58:ca:7f: 76:9a:a7:d5:28:d2:83:c7:bb:55:cf:cd:02:98:22:8e:10:87: db:3d:e1:40:5a:98:45:1d:79:ce:2e:08:f3:8d:5d:be:cb:82: 5f:21:6f:4f:37:e3:de:bf:b5:b9:ef:1a:87:32:87:90:db:c4: b9:31:d7:2a:09:2d:8b:3b:ce:3e:aa:50:0d:58:d7:26:97:9e: ce:7b:a7:ca:bc:a0:3e:70:3f:22:9a:0a:d7:00:d7:6f:25:77: 2a:5f:dd:b4 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjY0 N0RBQjY0NTUxMTY5NjRGQUMwMDAxMkNDQzgzMTc0RDRFNDZFMTAeFw0yNDAzMTMw MTIyMDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENFRkE5NzM5MjZEREI2 Q0JGQjg0MjUxQzk4NTlGMjhFNTQ0ODNBMjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDy9UdA5WbVTendL8+EisIdJq56S+A+xy4bMj8j4lu6bOM838+7 EuCTVhFyk+bx3D2TiGP4Ujnf1sFsS1gbeeQ5jirEEUL6jb2fQDIyPdKVlKR9cpUN lArDa91XFNHrh4xjPvkCR5700cpUZStc+5ZH8b+hPbPtBkgx/fDIXpd2akl8hNaN 2SI+Fa4gD/R/eY2vK2WcKGO51lxAUx4zIh6mk2y/VA2nWKtUXUNGvWfqtad8EmF8 zTGQ1wDKt133VMieFOhaVQ3m/GJdlrdJvhalXqkYMxZwQFBL2jVvKYgw0YLsgcAV 9A3MgCPzT8NClcRvhhxpvhpumfrd7E9OBriVAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUzvqXOSbdtsv7hCUcmFnyjlRIOigwHwYDVR0jBBgwFoAUZkfatkVRFpZPrAAB LMyDF01ORuEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgy My9aa2ZhdGtWUkZwWlByQUFCTE15REYwMU9SdUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1prZmF0a1ZSRnBaUHJBQUJMTXlERjAxT1J1RS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MjMvenZxWE9TYmR0c3Y3 aENVY21GbnlqbFJJT2lnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGd8MDANBgkqhkiG9w0BAQsFAAOCAQEAGolR4lWxYM5NeYzPqrUDyTcKOq3k BjqY3yq5G4Cu3/m/DGy/pow1EtXvpC0F4On1MUp1FT2k+r00tucpQE8wZZchJ6Vp Mbv3ICFWdDakP87cgMBu7/adyuIUkDgkbj1L11+wjqFdZp94bUsZsiKrJNh/haSL IZgfQU3SID6jTYRu970Tay2/M5Lz60Vb/DsmWDvTX5u8BBPhurVvy0mGWMp/dpqn 1SjSg8e7Vc/NApgijhCH2z3hQFqYRR15zi4I841dvsuCXyFvTzfj3r+1ue8ahzKH kNvEuTHXKgktizvOPqpQDVjXJpeeznunyrygPnA/IpoK1wDXbyV3Kl/dtA== -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:40 2024 by rpki-client on console-ams.rpki-client.org