$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2889/uLl9tf16e7y8aZ3U5ALhXolfrZQ.roa File: uLl9tf16e7y8aZ3U5ALhXolfrZQ.roa (raw, json) Hash identifier: c+U9W5b5DtFUAJJHBPcxrLMu67ozyjfFmii0yG6Otq8= Subject key identifier: B8:B9:7D:B5:FD:7A:7B:BC:BC:69:9D:D4:E4:02:E1:5E:89:5F:AD:94 Certificate issuer: /CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Certificate serial: 1730 Authority key identifier: A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/uLl9tf16e7y8aZ3U5ALhXolfrZQ.roa Signing time: Fri 24 May 2024 02:25:28 +0000 ROA not before: Fri 24 May 2024 02:25:28 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139021 IP address blocks: 103.139.0.0/23 maxlen: 23 218.247.84.0/23 maxlen: 23 218.247.86.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:53:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5936 (0x1730) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A93A86712684A72E5DF41F00AFA04C5F01A97735 Validity Not Before: May 24 02:25:28 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=B8B97DB5FD7A7BBCBC699DD4E402E15E895FAD94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:60:fb:df:38:2d:f9:b2:2d:e4:87:39:1c:26: 79:12:6f:fe:da:f5:26:a4:5c:30:63:cd:5c:47:58: 2c:03:de:5b:02:b6:59:73:5b:e0:63:6a:e5:7f:fd: 0d:04:b3:ec:16:c4:29:0f:cf:34:d1:b2:e4:88:db: e6:b0:60:c5:b2:0e:2f:d6:01:93:71:e9:a9:ae:99: 8d:d1:7c:e6:00:3d:8b:15:18:ca:63:71:19:a3:b1: 8c:2d:80:58:89:15:4a:e5:a4:48:3b:46:9e:be:1e: c4:ef:ac:fd:10:44:56:4d:c1:e7:b3:8a:23:74:91: c1:42:01:1a:2f:87:40:97:b7:06:75:b7:c3:bd:22: 8e:22:d2:21:18:57:28:07:91:ea:16:52:d9:0e:f9: 00:3c:13:fd:8f:f9:f2:f4:e7:4c:ef:51:0c:69:98: 79:f7:93:8a:f1:05:6e:bb:b3:51:34:da:0e:5a:cc: b5:2e:14:32:f3:b6:8e:37:38:81:f6:4b:2b:b5:49: d6:51:04:a3:4c:30:f4:1e:22:cc:80:ed:20:ad:ed: 1b:62:9d:61:7d:ee:a5:5d:1c:3b:ff:0f:df:77:9f: ef:37:fe:6c:73:84:02:ea:52:f8:78:11:e2:b1:c0: 19:f3:c4:35:fe:08:a8:d6:36:bf:68:6e:a4:94:9d: 2d:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:B9:7D:B5:FD:7A:7B:BC:BC:69:9D:D4:E4:02:E1:5E:89:5F:AD:94 X509v3 Authority Key Identifier: keyid:A9:3A:86:71:26:84:A7:2E:5D:F4:1F:00:AF:A0:4C:5F:01:A9:77:35 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/qTqGcSaEpy5d9B8Ar6BMXwGpdzU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2889/uLl9tf16e7y8aZ3U5ALhXolfrZQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.139.0.0/23 218.247.84.0/22 Signature Algorithm: sha256WithRSAEncryption 9c:a3:30:4b:08:26:14:ec:c2:02:99:b2:aa:ab:5e:50:6a:5c: 0a:9e:bd:e5:78:bf:24:0c:ee:69:64:5d:17:24:a8:20:cb:10: 88:4b:fb:b7:6f:9c:d9:77:21:db:78:32:e7:49:b3:51:6a:ca: 47:cc:1d:ba:4d:3e:92:4c:7c:29:c0:2c:ca:46:ff:c3:85:6e: 11:b7:e3:c5:ac:b1:c2:6f:ff:af:44:58:a2:a1:9a:0a:6c:7d: 7d:26:ec:7a:ed:d6:57:fe:37:fa:ed:f5:f2:c9:0f:04:7a:e0: 07:44:99:29:21:c9:87:b0:1a:37:d4:1a:76:62:e6:ea:be:59: d5:ff:fe:21:23:8d:39:ba:14:76:62:8f:16:e4:03:0c:c2:c0: b4:86:23:4b:30:97:7c:0f:85:44:e7:c2:97:24:5d:18:c5:55: 18:b6:cd:ad:5f:33:4d:be:79:7e:08:a6:bc:1e:2c:9c:35:8b: 13:37:a6:ee:9d:2d:c0:61:02:b1:3b:b3:b7:86:22:6a:b6:34: 87:8b:91:17:0d:f3:de:91:c9:67:35:d9:b9:77:a9:c1:92:79: 20:a9:ac:84:30:03:60:91:9f:72:98:33:d4:26:52:30:00:4a: 13:9b:50:f2:80:fe:f8:de:02:c5:f7:67:a9:81:df:5b:d3:20: dc:db:92:73 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICFzAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTkz QTg2NzEyNjg0QTcyRTVERjQxRjAwQUZBMDRDNUYwMUE5NzczNTAeFw0yNDA1MjQw MjI1MjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI4Qjk3REI1RkQ3QTdC QkNCQzY5OURENEU0MDJFMTVFODk1RkFEOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCzYPvfOC35si3khzkcJnkSb/7a9SakXDBjzVxHWCwD3lsCtllz W+BjauV//Q0Es+wWxCkPzzTRsuSI2+awYMWyDi/WAZNx6amumY3RfOYAPYsVGMpj cRmjsYwtgFiJFUrlpEg7Rp6+HsTvrP0QRFZNweeziiN0kcFCARovh0CXtwZ1t8O9 Io4i0iEYVygHkeoWUtkO+QA8E/2P+fL050zvUQxpmHn3k4rxBW67s1E02g5azLUu FDLzto43OIH2Syu1SdZRBKNMMPQeIsyA7SCt7RtinWF97qVdHDv/D993n+83/mxz hALqUvh4EeKxwBnzxDX+CKjWNr9obqSUnS1VAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQUuLl9tf16e7y8aZ3U5ALhXolfrZQwHwYDVR0jBBgwFoAUqTqGcSaEpy5d9B8A r6BMXwGpdzUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg4 OS9xVHFHY1NhRXB5NWQ5QjhBcjZCTVh3R3BkelUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3FUcUdjU2FFcHk1ZDlCOEFyNkJNWHdHcGR6VS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4ODkvdUxsOXRmMTZlN3k4 YVozVTVBTGhYb2xmclpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEw DAMEAWeLAAMEAtr3VDANBgkqhkiG9w0BAQsFAAOCAQEAnKMwSwgmFOzCApmyqqte UGpcCp695Xi/JAzuaWRdFySoIMsQiEv7t2+c2Xch23gy50mzUWrKR8wduk0+kkx8 KcAsykb/w4VuEbfjxayxwm//r0RYoqGaCmx9fSbseu3WV/43+u318skPBHrgB0SZ KSHJh7AaN9QadmLm6r5Z1f/+ISONOboUdmKPFuQDDMLAtIYjSzCXfA+FROfClyRd GMVVGLbNrV8zTb55fgimvB4snDWLEzem7p0twGECsTuzt4YiarY0h4uRFw3z3pHJ ZzXZuXepwZJ5IKmshDADYJGfcpgz1CZSMABKE5tQ8oD++N4CxfdnqYHfW9Mg3NuS cw== -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:39 2024 by rpki-client on console-fra.rpki-client.org