$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3040/xR2C96bvNk7GXWw29Td2agLuQ1A.roa File: xR2C96bvNk7GXWw29Td2agLuQ1A.roa (raw, json) Hash identifier: zKV2H78OmRI+sjPja1J6Qo+Nwneba9e7gUmoW5YzdIE= Subject key identifier: C5:1D:82:F7:A6:EF:36:4E:C6:5D:6C:36:F5:37:76:6A:02:EE:43:50 Certificate issuer: /CN=03F075D9C6F18DC09BDA62B7087EA80DC5B711C5 Certificate serial: 197B Authority key identifier: 03:F0:75:D9:C6:F1:8D:C0:9B:DA:62:B7:08:7E:A8:0D:C5:B7:11:C5 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/xR2C96bvNk7GXWw29Td2agLuQ1A.roa Signing time: Wed 13 Mar 2024 01:23:43 +0000 ROA not before: Wed 13 Mar 2024 01:23:43 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 131484 IP address blocks: 103.159.122.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/A_B12cbxjcCb2mK3CH6oDcW3EcU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/A_B12cbxjcCb2mK3CH6oDcW3EcU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6523 (0x197b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=03F075D9C6F18DC09BDA62B7087EA80DC5B711C5 Validity Not Before: Mar 13 01:23:43 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=C51D82F7A6EF364EC65D6C36F537766A02EE4350 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:29:d7:cf:3d:de:8b:25:d0:0d:83:65:93:48: aa:4d:cf:c9:6c:e6:60:07:e8:0c:4c:ca:2e:db:40: ae:f8:8d:b1:77:23:b9:d7:1d:f2:21:4e:bd:5d:ff: bd:04:0a:62:ae:77:c3:3d:56:2d:a7:52:ca:26:ab: 4d:51:dc:fc:00:92:30:d1:43:a5:d8:f0:d2:99:55: 57:c1:c1:21:e0:5b:8c:7a:dc:19:00:bc:e1:c0:bc: c1:c1:19:5a:3d:2c:b0:6a:b5:84:7f:cf:e7:db:f3: 4b:01:0a:33:e1:de:ca:22:6a:2b:34:d8:e9:8e:84: 84:ae:42:77:2e:8f:56:54:d5:e7:d2:de:19:f4:3e: df:d2:e5:03:7a:cf:d3:12:9c:66:c7:e3:31:da:13: 82:39:ae:05:81:0f:90:08:27:70:56:97:13:70:77: e9:c6:95:7d:b5:ad:30:e3:ca:aa:bb:cc:20:14:e3: 13:51:83:d9:23:14:34:dc:6d:85:f6:07:03:10:f9: 5c:6d:54:b9:4c:65:24:af:40:0e:c3:b3:e6:5b:60: 95:a5:2d:73:26:69:0f:97:9f:e0:ca:b2:b9:bd:98: 54:19:1f:9b:e4:f2:ca:e5:e4:30:e1:14:41:00:ec: 48:be:27:33:f5:2d:89:a4:1a:d4:e9:13:ea:e3:76: 8b:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:1D:82:F7:A6:EF:36:4E:C6:5D:6C:36:F5:37:76:6A:02:EE:43:50 X509v3 Authority Key Identifier: keyid:03:F0:75:D9:C6:F1:8D:C0:9B:DA:62:B7:08:7E:A8:0D:C5:B7:11:C5 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/A_B12cbxjcCb2mK3CH6oDcW3EcU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/A_B12cbxjcCb2mK3CH6oDcW3EcU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3040/xR2C96bvNk7GXWw29Td2agLuQ1A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.159.122.0/23 Signature Algorithm: sha256WithRSAEncryption 56:11:0f:9d:21:d4:81:d7:2c:66:18:d5:a9:3e:04:fd:6f:3f: b1:97:d1:be:aa:a8:6f:14:f9:c9:05:e1:52:6d:2a:46:e4:4d: ca:24:d0:d1:9c:fc:8c:2b:f0:c7:a2:25:82:87:f1:17:ec:fa: 87:a8:78:19:52:52:4a:ad:7f:2c:fb:bd:35:fb:18:d4:a1:07: 3f:da:f3:ad:0f:e4:74:ad:f0:fb:14:dd:f1:8d:d8:99:8e:ec: 87:11:eb:d2:7d:a2:61:d0:ae:4b:3b:36:b9:b6:61:bf:dc:89: c3:b3:4a:bc:fb:b9:be:b9:2d:7a:0e:cd:c4:32:c1:28:7c:ba: cb:4f:7c:24:de:4a:e7:c2:72:47:1f:ab:26:fc:e6:4e:72:ad: e9:9c:06:d4:71:ae:22:5b:bd:10:2f:70:77:ae:14:90:82:b8: 64:6c:be:ad:d0:17:bd:4a:cc:da:bb:57:4a:7c:86:da:ca:33: bc:ae:7c:f1:e1:a4:c7:8f:11:cb:fb:ef:b1:dd:50:b3:85:42: b3:55:f7:e5:51:96:3b:43:95:f2:fc:81:24:0b:b7:98:2c:ff: 7d:55:55:e2:71:66:33:0f:0f:29:7f:2f:d9:cb:33:21:41:78: 02:bb:99:2a:d5:42:96:49:28:91:b1:07:d9:14:55:7b:3b:0d: 51:a5:dd:39 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGXswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDNG MDc1RDlDNkYxOERDMDlCREE2MkI3MDg3RUE4MERDNUI3MTFDNTAeFw0yNDAzMTMw MTIzNDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM1MUQ4MkY3QTZFRjM2 NEVDNjVENkMzNkY1Mzc3NjZBMDJFRTQzNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHKdfPPd6LJdANg2WTSKpNz8ls5mAH6AxMyi7bQK74jbF3I7nX HfIhTr1d/70ECmKud8M9Vi2nUsomq01R3PwAkjDRQ6XY8NKZVVfBwSHgW4x63BkA vOHAvMHBGVo9LLBqtYR/z+fb80sBCjPh3soiais02OmOhISuQncuj1ZU1efS3hn0 Pt/S5QN6z9MSnGbH4zHaE4I5rgWBD5AIJ3BWlxNwd+nGlX21rTDjyqq7zCAU4xNR g9kjFDTcbYX2BwMQ+VxtVLlMZSSvQA7Ds+ZbYJWlLXMmaQ+Xn+DKsrm9mFQZH5vk 8srl5DDhFEEA7Ei+JzP1LYmkGtTpE+rjdos3AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUxR2C96bvNk7GXWw29Td2agLuQ1AwHwYDVR0jBBgwFoAUA/B12cbxjcCb2mK3 CH6oDcW3EcUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 MC9BX0IxMmNieGpjQ2IybUszQ0g2b0RjVzNFY1UuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0FfQjEyY2J4amNDYjJtSzNDSDZvRGNXM0VjVS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDAveFIyQzk2YnZOazdH WFd3MjlUZDJhZ0x1UTFBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWefejANBgkqhkiG9w0BAQsFAAOCAQEAVhEPnSHUgdcsZhjVqT4E/W8/sZfR vqqobxT5yQXhUm0qRuRNyiTQ0Zz8jCvwx6IlgofxF+z6h6h4GVJSSq1/LPu9NfsY 1KEHP9rzrQ/kdK3w+xTd8Y3YmY7shxHr0n2iYdCuSzs2ubZhv9yJw7NKvPu5vrkt eg7NxDLBKHy6y098JN5K58JyRx+rJvzmTnKt6ZwG1HGuIlu9EC9wd64UkIK4ZGy+ rdAXvUrM2rtXSnyG2sozvK588eGkx48Ry/vvsd1Qs4VCs1X35VGWO0OV8vyBJAu3 mCz/fVVV4nFmMw8PKX8v2cszIUF4AruZKtVClkkokbEH2RRVezsNUaXdOQ== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org