$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2890/tvwDmzWHcZNqivWzwOmu1lYIB9A.roa File: tvwDmzWHcZNqivWzwOmu1lYIB9A.roa (raw, json) Hash identifier: D6DySpLtWk4r//jBvuapPpDjJfCF9Xs0XH8T50WabV4= Subject key identifier: B6:FC:03:9B:35:87:71:93:6A:8A:F5:B3:C0:E9:AE:D6:56:08:07:D0 Certificate issuer: /CN=400353880B478D5B972A1204CF0651DE295F8ECA Certificate serial: 0F41 Authority key identifier: 40:03:53:88:0B:47:8D:5B:97:2A:12:04:CF:06:51:DE:29:5F:8E:CA Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QANTiAtHjVuXKhIEzwZR3ilfjso.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/tvwDmzWHcZNqivWzwOmu1lYIB9A.roa Signing time: Sat 27 Jul 2024 07:45:28 +0000 ROA not before: Sat 27 Jul 2024 07:45:28 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139021 IP address blocks: 103.139.2.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/QANTiAtHjVuXKhIEzwZR3ilfjso.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/QANTiAtHjVuXKhIEzwZR3ilfjso.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QANTiAtHjVuXKhIEzwZR3ilfjso.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:21:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3905 (0xf41) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=400353880B478D5B972A1204CF0651DE295F8ECA Validity Not Before: Jul 27 07:45:28 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=B6FC039B358771936A8AF5B3C0E9AED6560807D0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:72:29:ce:46:6d:60:bb:bc:bb:eb:1b:e3:06: 1a:85:89:f9:a8:0f:44:e1:09:bd:e4:57:82:59:cd: b0:7e:98:e7:4b:32:04:fb:cb:8f:22:23:68:6c:72: 4d:cb:cd:80:71:22:bf:f9:a2:2a:38:97:04:c6:84: a4:59:0d:e8:5f:3b:65:c1:bc:16:e3:75:4d:85:ed: 9b:09:99:21:ec:13:e3:46:b9:12:81:bd:52:c5:b5: 2b:3c:f7:5b:44:8d:c8:44:c2:47:de:ad:98:d3:79: 54:57:2c:96:f0:de:ad:58:9b:dc:60:dd:5f:cd:cf: 10:33:8a:33:5c:2b:e6:a0:bb:22:38:94:b9:5f:6a: 20:82:88:18:31:31:ae:75:04:0e:84:9c:4e:c8:21: 21:61:66:6c:4a:13:89:2b:f0:33:ca:53:3a:60:05: 4c:95:34:42:de:96:a7:f5:8c:f6:43:b9:2d:28:b8: 57:95:4d:16:82:cf:ff:68:24:3f:ba:80:b3:82:d6: 71:35:fe:48:31:6a:63:c7:99:e2:18:82:23:16:36: f1:2d:dc:ed:e9:3a:24:a0:a5:5c:de:a6:f3:32:21: 6c:78:de:0c:c4:be:21:12:5f:9a:0d:fe:1d:c1:ce: e0:54:5f:a0:2b:28:ba:21:ad:6b:9a:5c:d0:b1:8d: 08:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:FC:03:9B:35:87:71:93:6A:8A:F5:B3:C0:E9:AE:D6:56:08:07:D0 X509v3 Authority Key Identifier: keyid:40:03:53:88:0B:47:8D:5B:97:2A:12:04:CF:06:51:DE:29:5F:8E:CA X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/QANTiAtHjVuXKhIEzwZR3ilfjso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/QANTiAtHjVuXKhIEzwZR3ilfjso.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2890/tvwDmzWHcZNqivWzwOmu1lYIB9A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.139.2.0/23 Signature Algorithm: sha256WithRSAEncryption 73:91:72:98:97:8d:a9:06:5d:bd:d7:6f:0c:21:a7:26:2b:af: 68:a5:b4:01:69:93:40:fd:18:93:fb:e5:55:1e:1b:11:a2:1a: ed:ea:53:0e:60:b1:2e:de:59:c8:e2:a2:f7:1d:d2:2b:a7:1a: 44:2e:19:8d:ab:39:44:19:64:c8:b7:4e:a2:95:5c:a5:cc:c8: fd:8c:0c:0c:94:1c:cd:95:85:ee:6f:4a:7b:fe:79:16:fc:1a: 1e:3d:da:d3:0b:2e:fb:3d:3f:d8:24:9e:b0:e6:e8:f4:c2:6a: 57:66:3c:b9:fa:01:14:2d:34:b4:6b:ce:c3:36:26:ef:99:fa: d5:b4:0d:59:14:81:09:90:63:6f:b1:7b:47:3a:e6:b7:57:44: 16:c4:08:ad:d9:5c:16:e6:65:ea:94:8d:f8:23:5e:69:da:c2: a0:53:97:7d:20:b5:c3:5c:9a:52:2d:85:07:32:d5:75:a6:60: 44:72:51:ea:a7:76:c1:37:db:ce:2a:0c:92:ae:e3:c6:fe:e9: 48:22:d4:73:c4:ac:3e:84:f2:0b:c7:85:a9:c7:94:fc:b8:76: 69:9e:f4:76:57:51:f2:25:f0:a1:3b:42:a9:51:33:fa:6d:40: 64:4c:85:4a:67:83:3c:cf:29:49:72:87:98:7a:6d:3c:c6:8f: 60:c3:45:e9 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD0EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDAw MzUzODgwQjQ3OEQ1Qjk3MkExMjA0Q0YwNjUxREUyOTVGOEVDQTAeFw0yNDA3Mjcw NzQ1MjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI2RkMwMzlCMzU4Nzcx OTM2QThBRjVCM0MwRTlBRUQ2NTYwODA3RDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCgcinORm1gu7y76xvjBhqFifmoD0ThCb3kV4JZzbB+mOdLMgT7 y48iI2hsck3LzYBxIr/5oio4lwTGhKRZDehfO2XBvBbjdU2F7ZsJmSHsE+NGuRKB vVLFtSs891tEjchEwkferZjTeVRXLJbw3q1Ym9xg3V/NzxAzijNcK+aguyI4lLlf aiCCiBgxMa51BA6EnE7IISFhZmxKE4kr8DPKUzpgBUyVNELelqf1jPZDuS0ouFeV TRaCz/9oJD+6gLOC1nE1/kgxamPHmeIYgiMWNvEt3O3pOiSgpVzepvMyIWx43gzE viESX5oN/h3BzuBUX6ArKLohrWuaXNCxjQitAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUtvwDmzWHcZNqivWzwOmu1lYIB9AwHwYDVR0jBBgwFoAUQANTiAtHjVuXKhIE zwZR3ilfjsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg5 MC9RQU5UaUF0SGpWdVhLaElFendaUjNpbGZqc28uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1FBTlRpQXRIalZ1WEtoSUV6d1pSM2lsZmpzby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4OTAvdHZ3RG16V0hjWk5x aXZXendPbXUxbFlJQjlBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWeLAjANBgkqhkiG9w0BAQsFAAOCAQEAc5FymJeNqQZdvddvDCGnJiuvaKW0 AWmTQP0Yk/vlVR4bEaIa7epTDmCxLt5ZyOKi9x3SK6caRC4Zjas5RBlkyLdOopVc pczI/YwMDJQczZWF7m9Ke/55FvwaHj3a0wsu+z0/2CSesObo9MJqV2Y8ufoBFC00 tGvOwzYm75n61bQNWRSBCZBjb7F7Rzrmt1dEFsQIrdlcFuZl6pSN+CNeadrCoFOX fSC1w1yaUi2FBzLVdaZgRHJR6qd2wTfbzioMkq7jxv7pSCLUc8SsPoTyC8eFqceU /Lh2aZ70dldR8iXwoTtCqVEz+m1AZEyFSmeDPM8pSXKHmHptPMaPYMNF6Q== -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:40 2024 by rpki-client on console-ams.rpki-client.org