$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2988/YxFSqle41GMyJITKCjdPWjHnH0M.roa File: YxFSqle41GMyJITKCjdPWjHnH0M.roa (raw, json) Hash identifier: awTNs5ayoiAAs+vrlSqsjGB3zkXCqChWbBnObGOG/8Q= Subject key identifier: 63:11:52:AA:57:B8:D4:63:32:24:84:CA:0A:37:4F:5A:31:E7:1F:43 Certificate issuer: /CN=012D4317BCA1660F88066F890F8C04AF557000CB Certificate serial: 1C5E Authority key identifier: 01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/YxFSqle41GMyJITKCjdPWjHnH0M.roa Signing time: Sun 07 Apr 2024 11:10:04 +0000 ROA not before: Sun 07 Apr 2024 11:10:04 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 4538 IP address blocks: 103.152.186.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7262 (0x1c5e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=012D4317BCA1660F88066F890F8C04AF557000CB Validity Not Before: Apr 7 11:10:04 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=631152AA57B8D463322484CA0A374F5A31E71F43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:24:b4:56:9d:d0:3d:b0:5b:b5:da:e5:f0:01: 29:b2:10:95:a0:d7:7c:c2:bf:87:cf:07:21:71:af: 34:af:0d:ae:23:3e:eb:56:dd:55:cf:92:02:40:a5: 5a:d5:32:71:ab:24:fd:3a:f7:4d:36:6f:f1:11:e3: ac:82:4e:ce:36:07:cd:cd:a5:81:8a:08:6d:73:0b: 64:34:84:9c:89:6f:b5:35:94:18:d8:df:38:2c:12: c8:cb:c7:cc:15:78:50:2d:78:0c:8a:17:3d:82:50: c3:15:08:6b:f0:8c:1c:33:0c:7a:65:36:02:11:f8: c7:b2:f3:8a:a6:ea:19:c5:63:e4:f7:93:b0:8f:0d: 88:8f:ef:61:83:5c:4e:d1:11:08:fb:da:7d:d8:9f: 4b:17:cd:27:71:47:fb:63:55:6c:90:e0:d0:81:d5: 60:f8:d2:cf:d5:e2:5c:32:16:f4:80:38:30:72:82: 76:c5:89:6e:6d:1f:57:90:ee:c0:af:ca:10:aa:ac: 1c:22:5e:c2:22:1e:a6:32:a5:8d:5c:c9:57:fd:57: 93:6d:1a:08:4f:46:c1:bb:83:90:31:71:f4:22:4f: 6d:59:34:a8:e0:ce:e6:90:32:51:10:3a:6a:02:89: f5:fc:b0:a1:7d:ec:18:6f:4e:cf:a6:04:92:68:77: 52:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:11:52:AA:57:B8:D4:63:32:24:84:CA:0A:37:4F:5A:31:E7:1F:43 X509v3 Authority Key Identifier: keyid:01:2D:43:17:BC:A1:66:0F:88:06:6F:89:0F:8C:04:AF:55:70:00:CB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/AS1DF7yhZg-IBm-JD4wEr1VwAMs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AS1DF7yhZg-IBm-JD4wEr1VwAMs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2988/YxFSqle41GMyJITKCjdPWjHnH0M.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.152.186.0/23 Signature Algorithm: sha256WithRSAEncryption 91:f2:b0:33:0c:e7:fc:9c:87:fa:1e:cd:37:3d:0e:2e:8f:1b: e8:f1:da:df:13:25:fe:46:79:3f:a6:93:c4:29:f2:c4:53:18: 06:40:d4:90:95:0f:2f:ba:e9:11:59:11:22:bf:3c:94:06:90: 86:53:b1:6a:57:fe:c5:2b:9b:1f:7a:cd:c6:ed:b3:cf:3c:02: 5f:a4:d5:5a:93:20:a3:0e:09:89:d6:3f:92:51:8e:d9:85:cb: 10:1c:07:11:98:00:df:d8:ab:c8:71:0d:92:fc:f9:92:70:66: 5c:64:79:f3:bb:96:b6:70:e2:f5:38:e5:36:0a:22:a1:28:9c: a0:da:54:66:e7:8a:26:23:64:08:7c:95:d8:12:6a:6e:5f:7d: 2f:7b:e2:a9:5f:53:14:2d:b1:1a:cc:b7:54:8e:3f:c8:6a:d4: 3a:03:0e:cf:90:4a:e1:1d:7c:d1:bd:d6:c4:7a:51:e0:9f:03: cc:f2:f5:62:27:37:c1:e9:1a:69:ab:c5:ab:a6:88:8c:9a:5b: b8:ee:0c:94:88:9d:7b:d3:03:de:35:e9:fb:cf:c2:d5:55:68: 48:da:27:ba:a6:b5:d9:83:55:17:fc:03:df:fb:76:b5:12:91: 4b:de:e4:33:45:5e:51:f2:44:75:02:54:89:12:c3:d1:a1:ee: ab:c5:98:23 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDEy RDQzMTdCQ0ExNjYwRjg4MDY2Rjg5MEY4QzA0QUY1NTcwMDBDQjAeFw0yNDA0MDcx MTEwMDRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYzMTE1MkFBNTdCOEQ0 NjMzMjI0ODRDQTBBMzc0RjVBMzFFNzFGNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDUJLRWndA9sFu12uXwASmyEJWg13zCv4fPByFxrzSvDa4jPutW 3VXPkgJApVrVMnGrJP069002b/ER46yCTs42B83NpYGKCG1zC2Q0hJyJb7U1lBjY 3zgsEsjLx8wVeFAteAyKFz2CUMMVCGvwjBwzDHplNgIR+Mey84qm6hnFY+T3k7CP DYiP72GDXE7REQj72n3Yn0sXzSdxR/tjVWyQ4NCB1WD40s/V4lwyFvSAODBygnbF iW5tH1eQ7sCvyhCqrBwiXsIiHqYypY1cyVf9V5NtGghPRsG7g5AxcfQiT21ZNKjg zuaQMlEQOmoCifX8sKF97BhvTs+mBJJod1KrAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUYxFSqle41GMyJITKCjdPWjHnH0MwHwYDVR0jBBgwFoAUAS1DF7yhZg+IBm+J D4wEr1VwAMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk4 OC9BUzFERjd5aFpnLUlCbS1KRDR3RXIxVndBTXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FTMURGN3loWmctSUJtLUpENHdFcjFWd0FNcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5ODgvWXhGU3FsZTQxR015 SklUS0NqZFBXakhuSDBNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWeYujANBgkqhkiG9w0BAQsFAAOCAQEAkfKwMwzn/JyH+h7NNz0OLo8b6PHa 3xMl/kZ5P6aTxCnyxFMYBkDUkJUPL7rpEVkRIr88lAaQhlOxalf+xSubH3rNxu2z zzwCX6TVWpMgow4JidY/klGO2YXLEBwHEZgA39iryHENkvz5knBmXGR587uWtnDi 9TjlNgoioSicoNpUZueKJiNkCHyV2BJqbl99L3viqV9TFC2xGsy3VI4/yGrUOgMO z5BK4R180b3WxHpR4J8DzPL1Yic3wekaaavFq6aIjJpbuO4MlIide9MD3jXp+8/C 1VVoSNonuqa12YNVF/wD3/t2tRKRS97kM0VeUfJEdQJUiRLD0aHuq8WYIw== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org