$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2841/3kjNtkidAoErsrBp5gKOIPHuGfw.roa File: 3kjNtkidAoErsrBp5gKOIPHuGfw.roa (raw, json) Hash identifier: ar4H+pcKNVE/3xIg92G71Vz4h92JE1lp2PquBtHf+LY= Subject key identifier: DE:48:CD:B6:48:9D:02:81:2B:B2:B0:69:E6:02:8E:20:F1:EE:19:FC Certificate issuer: /CN=51A5666D323BF842F6044CE71059773E2271B013 Certificate serial: 15CB Authority key identifier: 51:A5:66:6D:32:3B:F8:42:F6:04:4C:E7:10:59:77:3E:22:71:B0:13 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UaVmbTI7-EL2BEznEFl3PiJxsBM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/3kjNtkidAoErsrBp5gKOIPHuGfw.roa Signing time: Wed 13 Mar 2024 01:22:43 +0000 ROA not before: Wed 13 Mar 2024 01:22:43 +0000 ROA not after: Tue 08 Oct 2024 00:16:33 +0000 asID: 54600 IP address blocks: 103.126.100.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/UaVmbTI7-EL2BEznEFl3PiJxsBM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/UaVmbTI7-EL2BEznEFl3PiJxsBM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UaVmbTI7-EL2BEznEFl3PiJxsBM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 May 2024 15:25:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5579 (0x15cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=51A5666D323BF842F6044CE71059773E2271B013 Validity Not Before: Mar 13 01:22:43 2024 GMT Not After : Oct 8 00:16:33 2024 GMT Subject: CN=DE48CDB6489D02812BB2B069E6028E20F1EE19FC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:b5:d9:6f:31:fe:df:b0:d3:05:61:fd:3b:de: 88:42:78:36:ab:91:d0:65:7d:8e:0d:f5:0f:f1:24: 17:08:5f:f8:16:d3:60:fc:16:0d:9c:37:2d:4e:ce: 07:e2:60:52:c1:e7:78:88:2e:3d:52:c5:1f:8b:29: e1:0d:56:3e:85:d9:42:db:80:63:6f:df:80:54:ae: 80:ad:47:4f:08:a2:91:28:11:f3:34:1f:c9:c9:eb: 2c:cf:2c:c7:d4:07:83:e1:d2:e8:e9:a5:e1:93:1f: e0:24:b7:c6:f2:95:eb:45:7e:5d:63:c9:57:18:8b: a5:6e:58:ce:9f:e3:b0:ed:71:6d:34:9b:f8:ee:0a: d3:13:ae:c0:65:e5:24:51:ef:18:f4:af:da:fe:99: f7:1b:33:e9:dc:d7:66:ba:45:39:19:ac:96:8e:42: 9f:f0:fc:77:b3:f4:f8:35:28:19:c0:38:f2:43:da: 73:29:39:cd:a3:82:0d:49:23:8e:13:6b:7b:92:0b: 98:f7:00:83:aa:fa:3a:6d:c4:17:50:46:42:f2:13: 99:d0:00:cd:fe:9c:d5:82:d0:9f:df:ef:7f:c6:9b: c0:2e:fc:67:78:5f:70:56:87:9b:3a:10:e2:b3:4e: 48:98:49:cb:e8:28:78:aa:23:54:76:25:a8:82:b4: c8:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:48:CD:B6:48:9D:02:81:2B:B2:B0:69:E6:02:8E:20:F1:EE:19:FC X509v3 Authority Key Identifier: keyid:51:A5:66:6D:32:3B:F8:42:F6:04:4C:E7:10:59:77:3E:22:71:B0:13 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/UaVmbTI7-EL2BEznEFl3PiJxsBM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UaVmbTI7-EL2BEznEFl3PiJxsBM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/3kjNtkidAoErsrBp5gKOIPHuGfw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.126.100.0/22 Signature Algorithm: sha256WithRSAEncryption 4f:dd:9d:9e:15:f2:66:85:20:52:58:ab:a0:15:a2:c3:c1:ec: 87:67:b0:0d:6e:6c:eb:5b:f0:77:c1:78:92:ea:5a:e7:03:85: bd:ce:bf:0b:55:1c:bf:93:aa:7f:52:d8:3a:70:76:c5:49:c6: 25:db:d5:bb:d2:53:83:18:66:a1:86:6e:c2:36:e7:00:03:fa: d6:c1:19:70:49:54:31:db:a8:ba:d9:af:7d:08:c8:c2:eb:43: bc:76:6b:77:16:0c:52:ea:5b:f8:8a:c4:3d:08:1b:e9:ff:df: 33:d9:e6:19:a0:41:3b:c1:93:a6:8d:05:bd:b2:42:48:a7:88: 3b:ef:14:80:3c:05:ca:67:93:c2:8c:21:b1:2e:c0:91:06:0f: 30:c2:c7:f1:66:4c:94:72:7b:2c:76:c0:09:b7:f5:05:ce:8d: 00:a3:8d:f3:9d:e0:23:5e:46:ef:5f:a5:ff:4e:e7:bb:3f:42: d0:b0:33:46:86:f6:cd:cd:d6:73:7b:a1:97:79:c9:32:e7:9d: b5:f1:83:4d:73:52:69:0a:6b:52:c4:33:cd:e0:8b:9d:49:53: d5:5e:ed:a2:a9:34:86:69:b3:1e:11:95:99:8a:f8:ae:30:4f: 65:bb:ea:d6:39:a1:89:9c:52:9a:69:47:6a:09:0e:0d:d8:8d: 50:99:d7:53 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFcswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTFB NTY2NkQzMjNCRjg0MkY2MDQ0Q0U3MTA1OTc3M0UyMjcxQjAxMzAeFw0yNDAzMTMw MTIyNDNaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKERFNDhDREI2NDg5RDAy ODEyQkIyQjA2OUU2MDI4RTIwRjFFRTE5RkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDttdlvMf7fsNMFYf073ohCeDarkdBlfY4N9Q/xJBcIX/gW02D8 Fg2cNy1OzgfiYFLB53iILj1SxR+LKeENVj6F2ULbgGNv34BUroCtR08IopEoEfM0 H8nJ6yzPLMfUB4Ph0ujppeGTH+Akt8byletFfl1jyVcYi6VuWM6f47DtcW00m/ju CtMTrsBl5SRR7xj0r9r+mfcbM+nc12a6RTkZrJaOQp/w/Hez9Pg1KBnAOPJD2nMp Oc2jgg1JI44Ta3uSC5j3AIOq+jptxBdQRkLyE5nQAM3+nNWC0J/f73/Gm8Au/Gd4 X3BWh5s6EOKzTkiYScvoKHiqI1R2JaiCtMiTAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU3kjNtkidAoErsrBp5gKOIPHuGfwwHwYDVR0jBBgwFoAUUaVmbTI7+EL2BEzn EFl3PiJxsBMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg0 MS9VYVZtYlRJNy1FTDJCRXpuRUZsM1BpSnhzQk0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1VhVm1iVEk3LUVMMkJFem5FRmwzUGlKeHNCTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4NDEvM2tqTnRraWRBb0Vy c3JCcDVnS09JUEh1R2Z3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmd+ZDANBgkqhkiG9w0BAQsFAAOCAQEAT92dnhXyZoUgUliroBWiw8Hsh2ew DW5s61vwd8F4kupa5wOFvc6/C1Ucv5Oqf1LYOnB2xUnGJdvVu9JTgxhmoYZuwjbn AAP61sEZcElUMduoutmvfQjIwutDvHZrdxYMUupb+IrEPQgb6f/fM9nmGaBBO8GT po0FvbJCSKeIO+8UgDwFymeTwowhsS7AkQYPMMLH8WZMlHJ7LHbACbf1Bc6NAKON 853gI15G71+l/07nuz9C0LAzRob2zc3Wc3uhl3nJMuedtfGDTXNSaQprUsQzzeCL nUlT1V7toqk0hmmzHhGVmYr4rjBPZbvq1jmhiZxSmmlHagkODdiNUJnXUw== -----END CERTIFICATE-----Generated at Thu May 2 10:20:45 2024 by rpki-client on console-ams.rpki-client.org