$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/KUju08L-usP_Yr1lDh5ITxKH6eQ.roa File: KUju08L-usP_Yr1lDh5ITxKH6eQ.roa (raw, json) Hash identifier: e7zv3No7BKZ5I9Nr1Dt9jkNIhRWV0EIS6TMFEHeZTro= Subject key identifier: 29:48:EE:D3:C2:FE:BA:C3:FF:62:BD:65:0E:1E:48:4F:12:87:E9:E4 Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 1BDD Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/KUju08L-usP_Yr1lDh5ITxKH6eQ.roa Signing time: Wed 13 Mar 2024 01:23:27 +0000 ROA not before: Wed 13 Mar 2024 01:23:27 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139139 IP address blocks: 103.152.186.0/24 maxlen: 24 103.152.187.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7133 (0x1bdd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Mar 13 01:23:27 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=2948EED3C2FEBAC3FF62BD650E1E484F1287E9E4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:cb:47:8c:be:80:25:ea:45:91:c9:10:b2:c1: 46:f6:2e:07:54:f9:8b:b4:cb:bd:89:c1:26:ed:5e: ce:c3:8b:1e:3d:72:bd:e7:23:cb:a1:86:50:b3:98: ce:23:59:98:c0:c5:e2:8c:f7:78:2d:2a:29:80:4f: bf:9f:4e:8b:ae:d2:23:05:bf:04:ff:ed:df:dc:10: 58:fb:3d:5a:d0:45:e3:b3:11:48:cd:fa:87:32:48: f8:16:57:c4:4f:65:6d:a4:af:23:c6:11:9d:0f:70: 07:82:46:77:ba:9a:44:35:5a:6c:42:7c:55:88:32: d4:2a:94:b1:7a:4f:de:67:79:87:d9:08:a6:fe:25: a3:48:30:75:1c:3b:bf:93:38:83:12:c5:a7:e8:1d: a7:9a:03:4e:d1:3e:c3:d4:4d:5c:77:54:02:fb:ac: 1c:47:e0:7a:91:cd:17:45:cb:29:27:f6:a4:cb:25: dd:ff:83:1a:cf:5e:4b:c4:42:b6:42:00:f9:3f:f3: 2a:f4:7c:1c:e5:43:fa:0f:6a:1a:9b:f8:02:76:66: ca:66:3e:ce:47:36:1d:35:32:fa:e6:66:e7:51:dc: 3c:cf:a9:10:2b:64:3d:e6:b6:ed:8f:9d:e2:dd:15: 10:37:d9:b8:2a:0d:59:20:cb:7e:f3:a5:69:e1:7b: 11:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:48:EE:D3:C2:FE:BA:C3:FF:62:BD:65:0E:1E:48:4F:12:87:E9:E4 X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/KUju08L-usP_Yr1lDh5ITxKH6eQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.152.186.0/23 Signature Algorithm: sha256WithRSAEncryption 43:9d:0f:8a:cb:de:23:c8:4c:29:b8:e7:2b:e5:7b:05:e0:15: 67:04:b4:ca:58:90:5e:e4:e2:0e:a9:e1:8e:67:c5:a6:db:f0: 92:8b:83:8a:2b:3c:ce:81:11:23:6a:1f:8a:7b:d6:46:8d:65: 8c:fe:6b:e8:15:41:7a:9f:47:c1:30:e5:5d:24:4e:43:de:61: 4d:4b:31:d4:90:f3:a0:4f:63:5b:35:6f:ca:12:95:90:90:99: 65:51:70:39:a0:2a:93:e7:a9:be:77:2b:81:8c:ec:ff:60:09: ed:4f:d7:f5:5f:71:dd:18:26:9d:f6:6e:e9:35:a1:c2:76:87: e0:0a:82:31:e0:23:a7:d2:b0:8e:3c:9c:c5:a9:9f:af:f1:1c: 0f:87:76:e2:b9:66:35:63:35:3a:0d:41:37:00:bf:cc:53:8a: fb:6b:2c:45:a8:2f:c3:dd:0d:47:5f:96:5c:9e:bb:b9:e1:e9: e2:7e:3f:0e:12:fd:2a:2c:35:50:8b:10:f3:c8:20:3f:ff:ad: 7d:3a:a0:d4:f4:80:a0:6f:52:44:7a:18:c1:af:52:71:0b:7c: fa:2b:4f:b9:d9:e2:50:1d:27:2d:55:df:6a:bc:fb:98:83:b8: b6:67:79:05:24:58:f3:f4:e1:4f:53:cd:92:1b:3a:bb:be:89: c3:47:be:4b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICG90wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNDAzMTMw MTIzMjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDI5NDhFRUQzQzJGRUJB QzNGRjYyQkQ2NTBFMUU0ODRGMTI4N0U5RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1y0eMvoAl6kWRyRCywUb2LgdU+Yu0y72JwSbtXs7Dix49cr3n I8uhhlCzmM4jWZjAxeKM93gtKimAT7+fTouu0iMFvwT/7d/cEFj7PVrQReOzEUjN +ocySPgWV8RPZW2kryPGEZ0PcAeCRne6mkQ1WmxCfFWIMtQqlLF6T95neYfZCKb+ JaNIMHUcO7+TOIMSxafoHaeaA07RPsPUTVx3VAL7rBxH4HqRzRdFyykn9qTLJd3/ gxrPXkvEQrZCAPk/8yr0fBzlQ/oPahqb+AJ2ZspmPs5HNh01MvrmZudR3DzPqRAr ZD3mtu2PneLdFRA32bgqDVkgy37zpWnhexFhAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUKUju08L+usP/Yr1lDh5ITxKH6eQwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvS1VqdTA4TC11c1Bf WXIxbERoNUlUeEtINmVRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWeYujANBgkqhkiG9w0BAQsFAAOCAQEAQ50PisveI8hMKbjnK+V7BeAVZwS0 yliQXuTiDqnhjmfFptvwkouDiis8zoERI2ofinvWRo1ljP5r6BVBep9HwTDlXSRO Q95hTUsx1JDzoE9jWzVvyhKVkJCZZVFwOaAqk+epvncrgYzs/2AJ7U/X9V9x3Rgm nfZu6TWhwnaH4AqCMeAjp9Kwjjycxamfr/EcD4d24rlmNWM1Og1BNwC/zFOK+2ss Ragvw90NR1+WXJ67ueHp4n4/DhL9Kiw1UIsQ88ggP/+tfTqg1PSAoG9SRHoYwa9S cQt8+itPudniUB0nLVXfarz7mIO4tmd5BSRY8/ThT1PNkhs6u76Jw0e+Sw== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org