$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2994/ObV1EwOf_xKxvkjyxZX3fPfjjhg.roa File: ObV1EwOf_xKxvkjyxZX3fPfjjhg.roa (raw, json) Hash identifier: aC/D4SGWKN5MpbX7jVbeUdllRiJHyjoSAnU78TKLKbs= Subject key identifier: 39:B5:75:13:03:9F:FF:12:B1:BE:48:F2:C5:95:F7:7C:F7:E3:8E:18 Certificate issuer: /CN=17AC375112A562461949A3660A23C7E71C06335F Certificate serial: 1F Authority key identifier: 17:AC:37:51:12:A5:62:46:19:49:A3:66:0A:23:C7:E7:1C:06:33:5F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F6w3URKlYkYZSaNmCiPH5xwGM18.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/ObV1EwOf_xKxvkjyxZX3fPfjjhg.roa Signing time: Thu 19 Sep 2024 04:20:08 +0000 ROA not before: Thu 19 Sep 2024 04:20:08 +0000 ROA not after: Sat 13 Sep 2025 09:30:43 +0000 asID: 152475 IP address blocks: 103.152.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F6w3URKlYkYZSaNmCiPH5xwGM18.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F6w3URKlYkYZSaNmCiPH5xwGM18.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F6w3URKlYkYZSaNmCiPH5xwGM18.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31 (0x1f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17AC375112A562461949A3660A23C7E71C06335F Validity Not Before: Sep 19 04:20:08 2024 GMT Not After : Sep 13 09:30:43 2025 GMT Subject: CN=39B57513039FFF12B1BE48F2C595F77CF7E38E18 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:21:c7:fb:ba:bd:82:89:5f:6e:be:7d:4c:dd: 8e:e6:d8:1c:8a:cc:bd:b6:f5:ab:f9:11:94:87:51: 21:b2:40:bf:24:24:98:22:21:2a:0d:46:7c:0e:4d: af:da:31:13:c8:e1:e2:f3:b8:ce:33:a3:6e:d1:bc: f5:7c:f8:28:37:a5:8e:dd:2b:1f:89:70:62:16:9e: 1c:11:1a:f1:46:5c:9b:0e:2a:2a:ba:14:78:57:d7: 37:6a:24:6c:4c:7a:7d:a1:e2:0f:69:24:85:c2:ab: 43:e8:43:07:7d:bf:d8:d7:32:b1:58:a8:c8:70:2e: 9a:81:05:49:ac:aa:08:37:52:a7:03:c0:8f:de:24: cf:12:96:bd:0b:70:8e:93:fe:cd:77:9d:6a:47:05: 39:19:22:ef:fb:9d:b5:4d:53:f5:10:67:e7:46:11: 08:93:a4:0c:aa:97:2c:23:c8:c2:f7:fd:ff:16:e4: 7a:ed:18:ff:e7:8a:5b:3d:f5:15:63:8b:79:99:0a: 16:7f:17:eb:89:31:82:66:5e:cb:f9:94:5d:9e:ea: 6e:6d:07:20:37:c2:74:5f:19:b7:44:d3:05:e3:b2: 28:4c:80:78:78:31:0d:4c:01:13:c7:ab:ca:87:7a: 48:dd:b0:c6:b8:78:cb:2f:33:83:89:d4:d2:6c:24: b9:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:B5:75:13:03:9F:FF:12:B1:BE:48:F2:C5:95:F7:7C:F7:E3:8E:18 X509v3 Authority Key Identifier: keyid:17:AC:37:51:12:A5:62:46:19:49:A3:66:0A:23:C7:E7:1C:06:33:5F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F6w3URKlYkYZSaNmCiPH5xwGM18.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F6w3URKlYkYZSaNmCiPH5xwGM18.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/ObV1EwOf_xKxvkjyxZX3fPfjjhg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.152.247.0/24 Signature Algorithm: sha256WithRSAEncryption 1f:e0:35:c3:52:ae:16:c2:1b:f7:b0:3e:2f:e7:29:e1:90:38: d5:21:d6:57:96:98:24:3b:4a:14:ba:e2:87:b0:c7:8a:c4:08: 79:b8:71:2c:3a:39:0c:b3:e2:bd:60:e8:39:a3:7b:c4:98:c0: fb:0f:e4:c2:63:45:d6:36:68:3d:d6:c7:70:76:64:9c:43:ba: 92:82:d5:28:a4:06:b5:37:81:1a:0e:e3:29:5e:49:0a:85:db: ea:6a:70:4b:52:9e:45:d1:c9:e2:c9:fc:a8:6c:b5:5f:b9:cc: a1:37:26:68:1f:5f:db:49:55:35:35:6d:ff:13:b4:86:33:64: ec:bf:81:d5:13:33:62:75:f8:9b:e6:4a:38:a1:28:6a:d9:f2: e2:3e:33:99:ab:ec:e3:17:77:89:de:31:f7:94:9a:2a:87:0e: 5c:3f:d4:84:49:26:6b:6a:76:7e:ba:5c:a5:46:ee:96:07:30: 12:c2:82:5e:3d:ab:5e:55:3e:7a:93:db:c4:aa:db:ce:94:c6: da:20:29:bd:1c:7f:cb:59:22:cd:74:6b:0d:63:e2:0d:f3:0f: c4:09:55:b6:19:f8:d9:6d:8e:f0:0c:5e:64:c8:04:26:f1:0d: a7:c0:09:4b:6c:27:9a:d5:dc:b6:97:cf:13:89:bb:27:8c:b6: 36:61:8d:f8 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxN0FD Mzc1MTEyQTU2MjQ2MTk0OUEzNjYwQTIzQzdFNzFDMDYzMzVGMB4XDTI0MDkxOTA0 MjAwOFoXDTI1MDkxMzA5MzA0M1owMzExMC8GA1UEAxMoMzlCNTc1MTMwMzlGRkYx MkIxQkU0OEYyQzU5NUY3N0NGN0UzOEUxODCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAKQhx/u6vYKJX26+fUzdjubYHIrMvbb1q/kRlIdRIbJAvyQkmCIh Kg1GfA5Nr9oxE8jh4vO4zjOjbtG89Xz4KDeljt0rH4lwYhaeHBEa8UZcmw4qKroU eFfXN2okbEx6faHiD2kkhcKrQ+hDB32/2NcysVioyHAumoEFSayqCDdSpwPAj94k zxKWvQtwjpP+zXedakcFORki7/udtU1T9RBn50YRCJOkDKqXLCPIwvf9/xbkeu0Y /+eKWz31FWOLeZkKFn8X64kxgmZey/mUXZ7qbm0HIDfCdF8Zt0TTBeOyKEyAeHgx DUwBE8eryod6SN2wxrh4yy8zg4nU0mwkuWkCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBQ5tXUTA5//ErG+SPLFlfd89+OOGDAfBgNVHSMEGDAWgBQXrDdREqViRhlJo2YK I8fnHAYzXzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yOTk0 L0Y2dzNVUktsWWtZWlNhTm1DaVBINXh3R00xOC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvRjZ3M1VSS2xZa1laU2FObUNpUEg1eHdHTTE4LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk5NC9PYlYxRXdPZl94S3h2 a2p5eFpYM2ZQZmpqaGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ5j3MA0GCSqGSIb3DQEBCwUAA4IBAQAf4DXDUq4Wwhv3sD4v5ynhkDjVIdZX lpgkO0oUuuKHsMeKxAh5uHEsOjkMs+K9YOg5o3vEmMD7D+TCY0XWNmg91sdwdmSc Q7qSgtUopAa1N4EaDuMpXkkKhdvqanBLUp5F0cniyfyobLVfucyhNyZoH1/bSVU1 NW3/E7SGM2Tsv4HVEzNidfib5ko4oShq2fLiPjOZq+zjF3eJ3jH3lJoqhw5cP9SE SSZranZ+ulylRu6WBzASwoJePateVT56k9vEqtvOlMbaICm9HH/LWSLNdGsNY+IN 8w/ECVW2GfjZbY7wDF5kyAQm8Q2nwAlLbCea1dy2l88TibsnjLY2YY34 -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org