$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3027/XBJpXS4XBFzeCwdH4PzcURWJ480.roa File: XBJpXS4XBFzeCwdH4PzcURWJ480.roa (raw, json) Hash identifier: c8yuPHLg7d5rhi9IUzhxigQ0t5pCjK7Y0Wg06e4Cg3U= Subject key identifier: 5C:12:69:5D:2E:17:04:5C:DE:0B:07:47:E0:FC:DC:51:15:89:E3:CD Certificate issuer: /CN=EED0E76665272FAF95C3104EAE182BD2D5A0800B Certificate serial: 0F5D Authority key identifier: EE:D0:E7:66:65:27:2F:AF:95:C3:10:4E:AE:18:2B:D2:D5:A0:80:0B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7tDnZmUnL6-VwxBOrhgr0tWggAs.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3027/XBJpXS4XBFzeCwdH4PzcURWJ480.roa Signing time: Sat 27 Jul 2024 07:45:42 +0000 ROA not before: Sat 27 Jul 2024 07:45:42 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139119 IP address blocks: 103.157.234.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3027/7tDnZmUnL6-VwxBOrhgr0tWggAs.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3027/7tDnZmUnL6-VwxBOrhgr0tWggAs.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7tDnZmUnL6-VwxBOrhgr0tWggAs.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:24:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3933 (0xf5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EED0E76665272FAF95C3104EAE182BD2D5A0800B Validity Not Before: Jul 27 07:45:42 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=5C12695D2E17045CDE0B0747E0FCDC511589E3CD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:03:fb:3b:23:78:44:ce:e4:ae:a0:b2:d1:c1: 00:ca:21:75:c0:48:90:d2:f0:4e:35:e0:55:32:ad: 54:81:2e:3d:86:6c:8f:4f:bf:3f:50:d6:bd:b4:e0: 9e:b8:e9:2a:7a:cb:d9:70:15:b0:2f:d5:0b:9d:74: d5:cb:99:5b:04:28:8f:2c:1a:33:5a:c6:63:91:8a: 74:3f:10:f9:b1:91:2e:78:35:9d:10:0f:e1:ae:6d: 9e:01:06:c6:da:26:eb:05:e9:73:93:ed:50:1d:85: d2:48:eb:7f:86:68:25:be:0b:d2:49:e0:1e:d0:26: 70:f9:13:f4:f0:e0:67:dd:78:2d:1e:e0:b9:84:72: b0:74:97:56:25:19:03:cc:b6:a0:4d:2e:23:89:5f: d9:ee:ff:d6:ea:14:ec:83:d0:2c:8b:2b:a7:ee:0e: b7:41:0e:5e:90:c5:08:58:99:5b:c9:ec:13:69:57: cc:82:ae:6a:56:b2:c3:47:1d:30:2a:a3:ec:f2:e0: 49:b0:9b:e0:b8:73:95:f4:ff:f3:48:8a:b5:02:aa: fd:b1:51:23:cd:63:c7:9f:83:7a:22:98:86:f4:1d: 19:bc:de:8d:cc:b1:1b:18:02:fc:2c:ce:6e:9b:ba: db:f4:b7:d3:f9:74:62:83:65:39:e1:db:62:3e:c7: fb:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:12:69:5D:2E:17:04:5C:DE:0B:07:47:E0:FC:DC:51:15:89:E3:CD X509v3 Authority Key Identifier: keyid:EE:D0:E7:66:65:27:2F:AF:95:C3:10:4E:AE:18:2B:D2:D5:A0:80:0B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3027/7tDnZmUnL6-VwxBOrhgr0tWggAs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7tDnZmUnL6-VwxBOrhgr0tWggAs.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3027/XBJpXS4XBFzeCwdH4PzcURWJ480.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.157.234.0/24 Signature Algorithm: sha256WithRSAEncryption 02:77:5e:aa:57:3e:20:4a:3b:33:8c:23:a8:8f:4b:d3:80:70: 67:9b:1a:a4:3a:db:13:e4:04:01:8d:c1:c1:ad:78:d5:9e:c6: d6:b6:08:8a:be:e8:cc:d5:58:98:d8:88:82:72:ab:2b:2e:61: 8f:dc:b1:d3:08:89:d7:ce:bc:a2:cf:cc:b6:73:4d:53:55:98: 31:f5:7a:4b:7a:a9:a1:34:25:06:29:b0:dc:99:e8:e9:37:1b: 26:b0:54:e8:56:09:85:6e:7a:e1:b7:0f:da:c7:ea:c6:20:48: 8e:9b:be:61:fb:84:ed:ba:fe:df:e2:28:e4:6f:79:1c:db:07: 71:47:bb:45:23:d9:0d:18:59:77:5d:23:1d:01:b6:83:14:89: 72:c7:cc:6a:1e:bc:87:0a:aa:79:75:69:fe:7d:71:4a:7d:3e: 74:1b:6a:62:e0:16:3c:8f:d9:42:48:c1:9b:d3:27:95:fa:5a: c2:fb:f5:e3:83:9e:64:4c:45:eb:73:19:aa:c0:b2:32:f6:e1: a2:d8:e4:8c:2c:34:27:bc:1d:1a:63:83:d7:c7:9e:b3:e3:5d: 89:ee:66:9d:ad:9f:6c:9d:bb:91:18:7c:3c:02:d4:0d:e2:ba: 80:84:00:22:d3:55:f3:1c:1d:22:04:b3:28:13:01:84:bb:a8: 51:fb:46:a4 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD10wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUVE MEU3NjY2NTI3MkZBRjk1QzMxMDRFQUUxODJCRDJENUEwODAwQjAeFw0yNDA3Mjcw NzQ1NDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVDMTI2OTVEMkUxNzA0 NUNERTBCMDc0N0UwRkNEQzUxMTU4OUUzQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDrA/s7I3hEzuSuoLLRwQDKIXXASJDS8E414FUyrVSBLj2GbI9P vz9Q1r204J646Sp6y9lwFbAv1QuddNXLmVsEKI8sGjNaxmORinQ/EPmxkS54NZ0Q D+GubZ4BBsbaJusF6XOT7VAdhdJI63+GaCW+C9JJ4B7QJnD5E/Tw4GfdeC0e4LmE crB0l1YlGQPMtqBNLiOJX9nu/9bqFOyD0CyLK6fuDrdBDl6QxQhYmVvJ7BNpV8yC rmpWssNHHTAqo+zy4Emwm+C4c5X0//NIirUCqv2xUSPNY8efg3oimIb0HRm83o3M sRsYAvwszm6butv0t9P5dGKDZTnh22I+x/uHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUXBJpXS4XBFzeCwdH4PzcURWJ480wHwYDVR0jBBgwFoAU7tDnZmUnL6+VwxBO rhgr0tWggAswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzAy Ny83dERuWm1Vbkw2LVZ3eEJPcmhncjB0V2dnQXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzd0RG5abVVuTDYtVnd4Qk9yaGdyMHRXZ2dBcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwMjcvWEJKcFhTNFhCRnpl Q3dkSDRQemNVUldKNDgwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGed6jANBgkqhkiG9w0BAQsFAAOCAQEAAndeqlc+IEo7M4wjqI9L04BwZ5sa pDrbE+QEAY3Bwa141Z7G1rYIir7ozNVYmNiIgnKrKy5hj9yx0wiJ1868os/MtnNN U1WYMfV6S3qpoTQlBimw3Jno6TcbJrBU6FYJhW564bcP2sfqxiBIjpu+YfuE7br+ 3+Io5G95HNsHcUe7RSPZDRhZd10jHQG2gxSJcsfMah68hwqqeXVp/n1xSn0+dBtq YuAWPI/ZQkjBm9Mnlfpawvv144OeZExF63MZqsCyMvbhotjkjCw0J7wdGmOD18ee s+Ndie5mna2fbJ27kRh8PALUDeK6gIQAItNV8xwdIgSzKBMBhLuoUftGpA== -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:40 2024 by rpki-client on console-ams.rpki-client.org