$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2994/Re3yW8Rn7krMvzvXMHzSrFM0l3c.roa File: Re3yW8Rn7krMvzvXMHzSrFM0l3c.roa (raw, json) Hash identifier: 9jToPHySwiK8ywp/3AJR01tYj4lltsAKY0S9/fPicX8= Subject key identifier: 45:ED:F2:5B:C4:67:EE:4A:CC:BF:3B:D7:30:7C:D2:AC:53:34:97:77 Certificate issuer: /CN=17AC375112A562461949A3660A23C7E71C06335F Certificate serial: 21 Authority key identifier: 17:AC:37:51:12:A5:62:46:19:49:A3:66:0A:23:C7:E7:1C:06:33:5F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F6w3URKlYkYZSaNmCiPH5xwGM18.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/Re3yW8Rn7krMvzvXMHzSrFM0l3c.roa Signing time: Thu 19 Sep 2024 07:50:56 +0000 ROA not before: Thu 19 Sep 2024 07:50:56 +0000 ROA not after: Sat 13 Sep 2025 09:30:43 +0000 asID: 135391 IP address blocks: 103.152.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F6w3URKlYkYZSaNmCiPH5xwGM18.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F6w3URKlYkYZSaNmCiPH5xwGM18.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F6w3URKlYkYZSaNmCiPH5xwGM18.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17AC375112A562461949A3660A23C7E71C06335F Validity Not Before: Sep 19 07:50:56 2024 GMT Not After : Sep 13 09:30:43 2025 GMT Subject: CN=45EDF25BC467EE4ACCBF3BD7307CD2AC53349777 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:87:9f:93:1c:13:de:1c:53:cf:2d:57:b5:3f: be:e9:a3:93:07:c5:22:84:ce:97:a2:ef:b7:16:90: dd:c4:74:dc:ce:92:d5:2f:d1:de:73:db:ee:6b:e1: 05:fc:ff:7b:e8:00:40:a0:fd:97:55:8c:30:02:8d: b6:a4:ad:e0:af:d9:26:0f:09:31:c7:d3:a7:0f:9a: 5e:7b:fa:09:d7:90:66:37:9f:12:33:34:93:63:24: 41:62:e1:0b:89:6d:c1:2e:4c:3f:79:1e:52:13:3a: 63:33:38:62:84:3e:95:9c:b2:e6:af:6f:e0:17:3b: 14:f0:4b:06:df:67:23:8e:4f:be:cf:7d:6d:f3:ad: 58:d6:d3:2e:d2:1a:91:19:06:9f:e0:62:a9:1d:fa: c4:c7:2e:f5:12:ea:71:17:74:82:7d:1a:5f:3b:4b: 89:c8:e2:a7:20:92:47:22:d1:99:7c:17:6c:ce:02: 6c:23:f2:43:14:cd:07:0b:72:39:cd:f9:33:ca:39: ef:64:fa:ee:78:3b:fb:cb:d2:83:8c:60:3c:42:2c: 4a:b5:7d:1e:0e:a7:c6:2f:95:bc:9a:a1:d7:00:e1: af:28:df:a0:47:a6:d5:a4:96:02:6b:b2:76:ef:b2: 95:b9:66:1b:38:32:22:9f:09:68:bb:e9:91:e1:e7: 22:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:ED:F2:5B:C4:67:EE:4A:CC:BF:3B:D7:30:7C:D2:AC:53:34:97:77 X509v3 Authority Key Identifier: keyid:17:AC:37:51:12:A5:62:46:19:49:A3:66:0A:23:C7:E7:1C:06:33:5F X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/F6w3URKlYkYZSaNmCiPH5xwGM18.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/F6w3URKlYkYZSaNmCiPH5xwGM18.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2994/Re3yW8Rn7krMvzvXMHzSrFM0l3c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.152.247.0/24 Signature Algorithm: sha256WithRSAEncryption 83:04:e1:5c:e7:aa:31:f4:33:65:88:87:94:71:3f:95:22:8f: c2:20:21:d6:0e:86:69:8c:71:ec:63:48:a1:c2:1d:a7:d3:a4: f6:14:75:33:02:db:2f:f4:7f:4c:3d:a7:e6:a2:a1:bc:2b:1f: f8:a5:5f:0f:7d:19:7e:7e:13:33:95:49:36:e6:4e:21:39:e1: 27:7c:e4:4e:4f:64:bf:5d:ed:6a:b6:4b:ce:1e:5c:8d:3a:8c: 2a:5a:49:fa:ae:79:84:2c:d8:9c:35:cd:f5:c5:91:c0:b2:bb: d2:06:29:c2:44:0a:6a:08:1e:b2:11:a4:43:c9:02:64:c0:45: a2:99:bd:c7:a1:be:bd:af:bb:ba:31:1f:89:d9:67:6f:03:e4: 86:44:59:31:02:ec:38:69:7d:16:b2:26:6f:28:32:26:cc:02: 8b:4e:7f:ce:71:65:01:f6:5e:3b:2c:65:99:ff:7f:3b:1d:2b: f0:1a:10:85:ad:9e:96:37:52:19:fd:5a:28:c3:d6:a5:9e:f2: b0:65:3b:52:2f:48:33:55:c4:96:7c:6a:fe:b3:35:63:c4:7d: be:76:b9:f2:fb:1a:5c:3a:93:41:d0:aa:85:39:30:47:6b:ef: eb:c1:61:ca:06:95:63:4b:c8:8c:54:72:46:29:e2:8a:ce:f7: 45:e3:41:fe -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxN0FD Mzc1MTEyQTU2MjQ2MTk0OUEzNjYwQTIzQzdFNzFDMDYzMzVGMB4XDTI0MDkxOTA3 NTA1NloXDTI1MDkxMzA5MzA0M1owMzExMC8GA1UEAxMoNDVFREYyNUJDNDY3RUU0 QUNDQkYzQkQ3MzA3Q0QyQUM1MzM0OTc3NzCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAOuHn5McE94cU88tV7U/vumjkwfFIoTOl6LvtxaQ3cR03M6S1S/R 3nPb7mvhBfz/e+gAQKD9l1WMMAKNtqSt4K/ZJg8JMcfTpw+aXnv6CdeQZjefEjM0 k2MkQWLhC4ltwS5MP3keUhM6YzM4YoQ+lZyy5q9v4Bc7FPBLBt9nI45Pvs99bfOt WNbTLtIakRkGn+BiqR36xMcu9RLqcRd0gn0aXztLicjipyCSRyLRmXwXbM4CbCPy QxTNBwtyOc35M8o572T67ng7+8vSg4xgPEIsSrV9Hg6nxi+VvJqh1wDhryjfoEem 1aSWAmuydu+ylblmGzgyIp8JaLvpkeHnIq0CAwEAAaOCAfMwggHvMB0GA1UdDgQW BBRF7fJbxGfuSsy/O9cwfNKsUzSXdzAfBgNVHSMEGDAWgBQXrDdREqViRhlJo2YK I8fnHAYzXzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yOTk0 L0Y2dzNVUktsWWtZWlNhTm1DaVBINXh3R00xOC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvRjZ3M1VSS2xZa1laU2FObUNpUEg1eHdHTTE4LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjk5NC9SZTN5VzhSbjdrck12 enZYTUh6U3JGTTBsM2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ5j3MA0GCSqGSIb3DQEBCwUAA4IBAQCDBOFc56ox9DNliIeUcT+VIo/CICHW DoZpjHHsY0ihwh2n06T2FHUzAtsv9H9MPafmoqG8Kx/4pV8PfRl+fhMzlUk25k4h OeEnfOROT2S/Xe1qtkvOHlyNOowqWkn6rnmELNicNc31xZHAsrvSBinCRApqCB6y EaRDyQJkwEWimb3Hob69r7u6MR+J2WdvA+SGRFkxAuw4aX0WsiZvKDImzAKLTn/O cWUB9l47LGWZ/387HSvwGhCFrZ6WN1IZ/Voow9alnvKwZTtSL0gzVcSWfGr+szVj xH2+drny+xpcOpNB0KqFOTBHa+/rwWHKBpVjS8iMVHJGKeKKzvdF40H+ -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org