$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2967/3ty5UioVWXOTcrEeZGAa-VqhlMk.roa File: 3ty5UioVWXOTcrEeZGAa-VqhlMk.roa (raw, json) Hash identifier: c2aHvPO5hUA2DRVqj9ky+a5ym0654koh40ncv1OBdB0= Subject key identifier: DE:DC:B9:52:2A:15:59:73:93:72:B1:1E:64:60:1A:F9:5A:A1:94:C9 Certificate issuer: /CN=0AB6F528865292E198F98B68B72D98D130AF532E Certificate serial: 0CA6 Authority key identifier: 0A:B6:F5:28:86:52:92:E1:98:F9:8B:68:B7:2D:98:D1:30:AF:53:2E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2967/3ty5UioVWXOTcrEeZGAa-VqhlMk.roa Signing time: Wed 13 Mar 2024 01:22:20 +0000 ROA not before: Wed 13 Mar 2024 01:22:20 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 131530 IP address blocks: 103.150.130.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2967/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2967/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:22:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3238 (0xca6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0AB6F528865292E198F98B68B72D98D130AF532E Validity Not Before: Mar 13 01:22:20 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=DEDCB9522A1559739372B11E64601AF95AA194C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:0f:39:43:33:20:58:13:55:76:2f:29:1f:b9: bd:a4:23:d3:fa:2b:5c:29:53:eb:75:05:a5:10:33: 61:65:51:90:e6:6c:55:e8:08:b2:e2:47:e3:9d:99: f6:cb:20:c0:10:c9:ff:b3:ae:fe:1d:56:a3:7f:31: a2:aa:b5:c3:19:a4:27:7c:7a:64:33:c6:9a:ad:a2: 14:41:d8:c0:7c:1a:5f:6f:ab:cd:a7:9e:fc:af:07: ca:32:ad:9e:41:ac:fc:29:1b:17:0e:10:cf:7a:b5: 8b:71:a2:81:8b:2d:fd:2c:a4:5b:44:e7:4e:f1:63: c9:1b:63:64:a2:6e:78:8d:1b:65:5f:6e:2f:fe:81: ff:70:31:b2:d9:9d:26:6d:ae:8f:10:78:9a:3b:25: e3:07:00:99:3b:4c:7c:4a:dd:5c:31:49:1e:68:2e: ef:95:6b:cf:b9:cc:bd:77:01:df:d9:5e:ba:14:ad: ac:04:28:1e:55:22:5a:c5:15:4f:98:42:3e:ff:b0: 91:63:47:d6:30:cf:fb:54:38:c8:2f:e3:d9:5b:19: d6:48:e9:9f:48:4c:be:2d:93:e8:c1:9a:48:25:a8: 49:d3:d8:9a:2d:4c:4b:3b:9e:24:e7:be:08:64:86: 73:99:46:cc:59:23:b2:ef:86:84:9b:1c:64:a1:8b: 60:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:DC:B9:52:2A:15:59:73:93:72:B1:1E:64:60:1A:F9:5A:A1:94:C9 X509v3 Authority Key Identifier: keyid:0A:B6:F5:28:86:52:92:E1:98:F9:8B:68:B7:2D:98:D1:30:AF:53:2E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2967/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2967/3ty5UioVWXOTcrEeZGAa-VqhlMk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.150.130.0/23 Signature Algorithm: sha256WithRSAEncryption 0c:cc:8f:4a:a2:9a:cf:ee:da:c8:00:df:47:32:e8:1e:16:77: 70:5c:41:8a:80:8b:b6:f5:a7:4d:07:83:1e:6a:a6:4d:e2:96: 5e:c6:f6:82:b6:72:32:c2:ee:62:af:25:14:7f:29:11:c8:c3: 79:ab:ef:ac:df:4e:ad:68:90:a9:59:91:b2:c1:fb:d1:77:fb: 99:32:53:ae:65:56:f2:8e:d3:2e:70:9e:72:2c:e4:4a:71:1e: 37:a7:7e:50:57:14:8a:f0:01:33:d5:46:be:ea:30:2f:e7:07: b4:b5:3d:82:26:e4:49:d1:3c:e4:d2:31:a9:92:a1:dc:b5:a8: b1:6c:7a:6c:f0:e6:e5:01:20:11:47:60:84:54:f6:5f:d1:0e: 50:d3:fd:d7:00:7d:5a:55:15:8b:af:4e:d3:ef:32:c1:9b:4b: 6c:b1:a2:e2:a2:33:56:a9:68:7a:ed:b2:3c:5f:a3:ed:12:e0: b2:d8:54:51:c7:9e:6b:ca:b5:1a:3a:2f:ab:9c:ef:71:f8:06: 69:91:83:fe:30:dc:ca:c4:cf:61:a8:93:12:b9:62:d4:93:26: 77:1c:fe:d5:e0:4a:e8:03:2f:48:8e:5b:96:11:08:c9:27:98: ff:21:b3:ce:ae:cd:14:04:c7:23:11:ea:06:74:4f:69:02:a2: 21:84:6d:e8 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEFC NkY1Mjg4NjUyOTJFMTk4Rjk4QjY4QjcyRDk4RDEzMEFGNTMyRTAeFw0yNDAzMTMw MTIyMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERFRENCOTUyMkExNTU5 NzM5MzcyQjExRTY0NjAxQUY5NUFBMTk0QzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDtDzlDMyBYE1V2Lykfub2kI9P6K1wpU+t1BaUQM2FlUZDmbFXo CLLiR+OdmfbLIMAQyf+zrv4dVqN/MaKqtcMZpCd8emQzxpqtohRB2MB8Gl9vq82n nvyvB8oyrZ5BrPwpGxcOEM96tYtxooGLLf0spFtE507xY8kbY2SibniNG2Vfbi/+ gf9wMbLZnSZtro8QeJo7JeMHAJk7THxK3VwxSR5oLu+Va8+5zL13Ad/ZXroUrawE KB5VIlrFFU+YQj7/sJFjR9Ywz/tUOMgv49lbGdZI6Z9ITL4tk+jBmkglqEnT2Jot TEs7niTnvghkhnOZRsxZI7LvhoSbHGShi2DHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU3ty5UioVWXOTcrEeZGAa+VqhlMkwHwYDVR0jBBgwFoAUCrb1KIZSkuGY+Yto ty2Y0TCvUy4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk2 Ny9DcmIxS0laU2t1R1ktWXRvdHkyWTBUQ3ZVeTQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0NyYjFLSVpTa3VHWS1ZdG90eTJZMFRDdlV5NC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5NjcvM3R5NVVpb1ZXWE9U Y3JFZVpHQWEtVnFobE1rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWeWgjANBgkqhkiG9w0BAQsFAAOCAQEADMyPSqKaz+7ayADfRzLoHhZ3cFxB ioCLtvWnTQeDHmqmTeKWXsb2grZyMsLuYq8lFH8pEcjDeavvrN9OrWiQqVmRssH7 0Xf7mTJTrmVW8o7TLnCecizkSnEeN6d+UFcUivABM9VGvuowL+cHtLU9gibkSdE8 5NIxqZKh3LWosWx6bPDm5QEgEUdghFT2X9EOUNP91wB9WlUVi69O0+8ywZtLbLGi 4qIzVqloeu2yPF+j7RLgsthUUceea8q1Gjovq5zvcfgGaZGD/jDcysTPYaiTErli 1JMmdxz+1eBK6AMvSI5blhEIySeY/yGzzq7NFATHIxHqBnRPaQKiIYRt6A== -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:40 2024 by rpki-client on console-ams.rpki-client.org