$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2841/AzWqyd4MlDc-A6cBa6jKSClmnSs.roa File: AzWqyd4MlDc-A6cBa6jKSClmnSs.roa (raw, json) Hash identifier: WhQHFaoeV907FbvPKSpJJd8U14sI8Y3aHrh4RfjcgYM= Subject key identifier: 03:35:AA:C9:DE:0C:94:37:3E:03:A7:01:6B:A8:CA:48:29:66:9D:2B Certificate issuer: /CN=51A5666D323BF842F6044CE71059773E2271B013 Certificate serial: 198D Authority key identifier: 51:A5:66:6D:32:3B:F8:42:F6:04:4C:E7:10:59:77:3E:22:71:B0:13 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UaVmbTI7-EL2BEznEFl3PiJxsBM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/AzWqyd4MlDc-A6cBa6jKSClmnSs.roa Signing time: Tue 24 Sep 2024 00:19:48 +0000 ROA not before: Tue 24 Sep 2024 00:19:48 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 54600 IP address blocks: 103.126.100.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/UaVmbTI7-EL2BEznEFl3PiJxsBM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/UaVmbTI7-EL2BEznEFl3PiJxsBM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UaVmbTI7-EL2BEznEFl3PiJxsBM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 13:22:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6541 (0x198d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=51A5666D323BF842F6044CE71059773E2271B013 Validity Not Before: Sep 24 00:19:48 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=0335AAC9DE0C94373E03A7016BA8CA4829669D2B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:ee:21:c6:c7:f2:cb:e2:3e:df:ff:5a:54:d2: fe:22:40:ce:81:dd:c8:e2:9f:c2:b4:2a:3a:c2:d0: da:e3:57:18:ff:b7:40:c1:64:3b:02:1f:a6:ac:0a: 83:1b:53:46:0a:d1:cd:99:82:01:4b:38:87:66:37: 05:9b:92:3f:a4:a7:b4:c7:e6:dc:9d:59:53:81:49: db:8b:08:b3:27:6b:89:22:2e:32:ff:74:88:1c:46: 06:d5:ce:da:17:ca:46:b0:99:a1:93:5d:88:88:de: 85:cb:57:d5:db:2c:2d:15:c3:32:68:b2:25:f3:c7: 4b:8f:8e:71:9b:6c:61:6e:3d:41:b8:0f:a4:a7:bb: b2:c5:ba:b2:cc:9a:39:32:60:47:35:47:ec:a5:36: d7:6a:ab:8b:75:df:6c:b3:6c:e0:f0:ff:1a:d8:22: 97:4c:0b:a3:d3:ea:1c:5a:48:cf:53:0d:3c:28:56: 03:0e:1c:39:6b:c0:88:49:5b:b7:93:db:ce:5c:0e: e2:28:45:1c:2e:19:a8:56:66:b5:be:e2:7c:53:fd: cf:f0:d7:7a:56:e7:a6:3a:ae:cd:b5:6b:33:96:aa: a3:e6:93:73:dd:66:1f:17:27:eb:b4:93:de:32:1d: 74:6f:c2:cf:ab:29:a8:3a:59:41:3c:fe:fa:a0:2f: aa:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:35:AA:C9:DE:0C:94:37:3E:03:A7:01:6B:A8:CA:48:29:66:9D:2B X509v3 Authority Key Identifier: keyid:51:A5:66:6D:32:3B:F8:42:F6:04:4C:E7:10:59:77:3E:22:71:B0:13 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/UaVmbTI7-EL2BEznEFl3PiJxsBM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UaVmbTI7-EL2BEznEFl3PiJxsBM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/AzWqyd4MlDc-A6cBa6jKSClmnSs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.126.100.0/22 Signature Algorithm: sha256WithRSAEncryption 05:7f:1d:6a:fb:07:e2:1c:c8:22:8a:55:dc:af:f3:cf:50:d9: 03:4b:db:5b:5c:bc:d1:72:96:f8:e0:7b:1f:dd:dc:0b:bb:92: e0:82:7c:2e:1b:6b:e9:ba:41:35:7e:d9:8c:7f:ba:d1:21:2c: a5:09:53:b4:4d:79:78:93:fd:3e:e1:d3:9f:20:14:f6:2e:86: 18:56:d3:4a:3c:63:c0:ea:90:d6:fb:37:a6:00:7b:37:80:e4: b3:e2:c4:55:2a:b5:03:c0:4f:95:bf:3a:20:1b:77:b2:63:58: 61:dc:41:90:26:73:b4:b8:99:e3:e7:04:c1:05:6f:6d:cb:e2: 47:78:db:ad:33:8e:d7:8c:8a:9a:ac:d8:a3:ec:73:6f:e3:da: 70:d2:75:e3:10:a5:72:2e:c6:e9:b0:eb:13:3b:31:39:8d:ea: 25:fb:c0:b2:c3:1e:28:95:dd:8f:62:20:32:3d:b0:15:5b:a0: 63:56:bf:77:84:05:3f:43:d6:17:15:70:3d:97:99:dd:9b:eb: 82:80:1f:be:f4:92:d6:ca:a2:81:e9:97:de:8e:1c:f4:0f:aa: fc:42:80:42:f9:ad:f9:21:0c:65:a3:ca:73:06:a5:31:87:31: 1b:42:e9:c3:9c:75:54:f2:1d:b4:94:6f:a6:d9:cd:ba:6a:eb: 7c:cc:68:91 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGY0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTFB NTY2NkQzMjNCRjg0MkY2MDQ0Q0U3MTA1OTc3M0UyMjcxQjAxMzAeFw0yNDA5MjQw MDE5NDhaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDAzMzVBQUM5REUwQzk0 MzczRTAzQTcwMTZCQThDQTQ4Mjk2NjlEMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDQ7iHGx/LL4j7f/1pU0v4iQM6B3cjin8K0KjrC0NrjVxj/t0DB ZDsCH6asCoMbU0YK0c2ZggFLOIdmNwWbkj+kp7TH5tydWVOBSduLCLMna4kiLjL/ dIgcRgbVztoXykawmaGTXYiI3oXLV9XbLC0VwzJosiXzx0uPjnGbbGFuPUG4D6Sn u7LFurLMmjkyYEc1R+ylNtdqq4t132yzbODw/xrYIpdMC6PT6hxaSM9TDTwoVgMO HDlrwIhJW7eT285cDuIoRRwuGahWZrW+4nxT/c/w13pW56Y6rs21azOWqqPmk3Pd Zh8XJ+u0k94yHXRvws+rKag6WUE8/vqgL6oxAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUAzWqyd4MlDc+A6cBa6jKSClmnSswHwYDVR0jBBgwFoAUUaVmbTI7+EL2BEzn EFl3PiJxsBMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg0 MS9VYVZtYlRJNy1FTDJCRXpuRUZsM1BpSnhzQk0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1VhVm1iVEk3LUVMMkJFem5FRmwzUGlKeHNCTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4NDEvQXpXcXlkNE1sRGMt QTZjQmE2aktTQ2xtblNzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAmd+ZDANBgkqhkiG9w0BAQsFAAOCAQEABX8davsH4hzIIopV3K/zz1DZA0vb W1y80XKW+OB7H93cC7uS4IJ8Lhtr6bpBNX7ZjH+60SEspQlTtE15eJP9PuHTnyAU 9i6GGFbTSjxjwOqQ1vs3pgB7N4Dks+LEVSq1A8BPlb86IBt3smNYYdxBkCZztLiZ 4+cEwQVvbcviR3jbrTOO14yKmqzYo+xzb+PacNJ14xClci7G6bDrEzsxOY3qJfvA ssMeKJXdj2IgMj2wFVugY1a/d4QFP0PWFxVwPZeZ3ZvrgoAfvvSS1sqigemX3o4c 9A+q/EKAQvmt+SEMZaPKcwalMYcxG0Lpw5x1VPIdtJRvptnNumrrfMxokQ== -----END CERTIFICATE-----Generated at Mon Nov 25 09:08:48 2024 by rpki-client on console-ams.rpki-client.org