$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2967/42kVhFF8wxOBue5NJFO1l_iHa2Q.roa File: 42kVhFF8wxOBue5NJFO1l_iHa2Q.roa (raw, json) Hash identifier: r3pnhQ8+ygKG3h22zKzU8+0gWCzpAL2/Z4AZticGRE4= Subject key identifier: E3:69:15:84:51:7C:C3:13:81:B9:EE:4D:24:53:B5:97:F8:87:6B:64 Certificate issuer: /CN=0AB6F528865292E198F98B68B72D98D130AF532E Certificate serial: 0CA5 Authority key identifier: 0A:B6:F5:28:86:52:92:E1:98:F9:8B:68:B7:2D:98:D1:30:AF:53:2E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2967/42kVhFF8wxOBue5NJFO1l_iHa2Q.roa Signing time: Wed 13 Mar 2024 01:22:19 +0000 ROA not before: Wed 13 Mar 2024 01:22:19 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 398704 IP address blocks: 103.150.130.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2967/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2967/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 04 May 2024 23:55:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3237 (0xca5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0AB6F528865292E198F98B68B72D98D130AF532E Validity Not Before: Mar 13 01:22:19 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=E3691584517CC31381B9EE4D2453B597F8876B64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:6e:a8:8c:ca:5d:71:e9:10:68:29:56:f5:9a: 62:31:2c:03:9f:0c:66:09:98:71:4b:15:c8:84:c4: 55:10:aa:bb:6d:ee:b8:de:35:4b:1c:1c:dc:df:be: 43:f0:75:2f:43:4c:6f:03:6d:83:41:4f:6f:ae:66: 73:82:c7:2f:5d:e9:6f:95:86:dd:9b:af:9f:dc:40: 9a:80:96:3b:17:d2:85:3d:13:26:0f:fc:53:25:12: 55:da:1c:11:f7:5d:7b:0c:7f:1f:43:f2:27:1c:90: 43:14:57:6f:fe:0b:ad:31:51:b5:c8:43:08:e0:e1: a3:af:19:21:6d:77:77:f4:90:b3:04:d1:b5:17:20: fd:05:d1:4a:c7:1b:36:f7:f0:f9:ed:90:68:4a:fd: 80:4c:14:d0:d9:ec:57:71:4e:ca:c9:4c:63:25:a6: 45:bc:88:d4:e8:88:f9:7d:49:fa:70:9b:47:3f:8a: 01:aa:d1:33:38:2e:25:59:e7:ce:ca:bc:fe:25:b3: f1:ca:17:c6:95:39:37:a7:7c:2a:df:dc:80:e3:eb: b1:99:5a:51:5c:48:7d:2e:17:46:cb:25:96:47:66: 5f:b4:0c:d2:56:72:42:e0:cd:e0:73:28:64:7e:e2: b5:d9:80:e6:fb:14:56:dc:7c:b0:14:fe:d9:23:fe: 63:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:69:15:84:51:7C:C3:13:81:B9:EE:4D:24:53:B5:97:F8:87:6B:64 X509v3 Authority Key Identifier: keyid:0A:B6:F5:28:86:52:92:E1:98:F9:8B:68:B7:2D:98:D1:30:AF:53:2E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2967/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Crb1KIZSkuGY-Ytoty2Y0TCvUy4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2967/42kVhFF8wxOBue5NJFO1l_iHa2Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.150.130.0/23 Signature Algorithm: sha256WithRSAEncryption 7e:d8:99:06:db:db:ae:92:f0:cc:62:0e:a6:3e:e7:f2:52:df: 63:7a:ab:4a:0d:ad:4a:95:0e:8d:3e:32:26:3d:b7:dc:19:e5: b1:07:e7:73:fd:04:69:b8:60:7a:80:50:83:8c:e8:9f:ac:a3: f7:ef:fe:25:d3:b3:bf:77:d9:8f:56:ed:48:59:4a:26:69:d7: 07:17:73:98:a8:e8:ac:9a:9b:b7:b2:3b:51:d2:72:ac:8b:33: 37:8e:88:c5:54:21:3d:9e:bc:e8:19:8d:54:34:2b:2e:64:2c: 3b:c9:f3:52:84:4d:74:a0:44:0d:4e:52:63:57:59:9e:41:38: bb:8c:ec:a1:23:02:b3:cd:a2:4a:dc:15:d1:1f:29:44:36:0c: 9c:f7:67:49:2b:b8:dd:20:5c:86:17:52:8f:ac:02:97:40:de: e4:3d:7e:b5:d5:c6:94:96:99:55:0e:5f:0a:e0:e2:fa:85:b0: 38:c7:0f:9e:08:fe:19:a4:e9:65:d5:be:16:5e:02:25:4d:ce: 63:50:50:45:b6:e6:fe:a0:4e:f3:7d:d1:c0:11:73:d5:a0:64: 46:8f:a2:d8:0d:81:f6:65:4b:02:42:57:97:26:e1:01:ac:c9: f2:cc:55:a6:21:e7:a9:87:12:0e:0d:9e:56:12:07:03:9a:c1: 47:9c:7b:5a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICDKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEFC NkY1Mjg4NjUyOTJFMTk4Rjk4QjY4QjcyRDk4RDEzMEFGNTMyRTAeFw0yNDAzMTMw MTIyMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUzNjkxNTg0NTE3Q0Mz MTM4MUI5RUU0RDI0NTNCNTk3Rjg4NzZCNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCrbqiMyl1x6RBoKVb1mmIxLAOfDGYJmHFLFciExFUQqrtt7rje NUscHNzfvkPwdS9DTG8DbYNBT2+uZnOCxy9d6W+Vht2br5/cQJqAljsX0oU9EyYP /FMlElXaHBH3XXsMfx9D8icckEMUV2/+C60xUbXIQwjg4aOvGSFtd3f0kLME0bUX IP0F0UrHGzb38PntkGhK/YBMFNDZ7FdxTsrJTGMlpkW8iNToiPl9Sfpwm0c/igGq 0TM4LiVZ587KvP4ls/HKF8aVOTenfCrf3IDj67GZWlFcSH0uF0bLJZZHZl+0DNJW ckLgzeBzKGR+4rXZgOb7FFbcfLAU/tkj/mO9AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU42kVhFF8wxOBue5NJFO1l/iHa2QwHwYDVR0jBBgwFoAUCrb1KIZSkuGY+Yto ty2Y0TCvUy4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk2 Ny9DcmIxS0laU2t1R1ktWXRvdHkyWTBUQ3ZVeTQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0NyYjFLSVpTa3VHWS1ZdG90eTJZMFRDdlV5NC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5NjcvNDJrVmhGRjh3eE9C dWU1TkpGTzFsX2lIYTJRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWeWgjANBgkqhkiG9w0BAQsFAAOCAQEAftiZBtvbrpLwzGIOpj7n8lLfY3qr Sg2tSpUOjT4yJj233BnlsQfnc/0EabhgeoBQg4zon6yj9+/+JdOzv3fZj1btSFlK JmnXBxdzmKjorJqbt7I7UdJyrIszN46IxVQhPZ686BmNVDQrLmQsO8nzUoRNdKBE DU5SY1dZnkE4u4zsoSMCs82iStwV0R8pRDYMnPdnSSu43SBchhdSj6wCl0De5D1+ tdXGlJaZVQ5fCuDi+oWwOMcPngj+GaTpZdW+Fl4CJU3OY1BQRbbm/qBO833RwBFz 1aBkRo+i2A2B9mVLAkJXlybhAazJ8sxVpiHnqYcSDg2eVhIHA5rBR5x7Wg== -----END CERTIFICATE-----Generated at Sat May 4 21:35:34 2024 by rpki-client on console-fra.rpki-client.org