$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/YanYJVvxvZZiobO8z7vhSUbLyqM.roa File: YanYJVvxvZZiobO8z7vhSUbLyqM.roa (raw, json) Hash identifier: eTWqOY6D21EZhqnCdkSOD+YHlRX7HTPGBhL3Fb5fM5k= Subject key identifier: 61:A9:D8:25:5B:F1:BD:96:62:A1:B3:BC:CF:BB:E1:49:46:CB:CA:A3 Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 16B6 Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/YanYJVvxvZZiobO8z7vhSUbLyqM.roa Signing time: Tue 03 Sep 2024 08:16:45 +0000 ROA not before: Tue 03 Sep 2024 08:16:45 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 146845 IP address blocks: 103.169.50.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5814 (0x16b6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Sep 3 08:16:45 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=61A9D8255BF1BD9662A1B3BCCFBBE14946CBCAA3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:ab:c8:15:e5:e7:1d:2b:b2:92:7e:0b:c4:cc: 85:bf:45:96:1a:64:0b:cd:c8:2a:78:53:3b:c4:1f: ed:f0:6f:5c:21:e2:54:06:d4:2e:95:52:51:e3:c5: 09:52:0e:b5:df:39:22:ff:46:19:db:bb:90:9b:42: 65:01:55:d3:1a:c5:06:69:f6:de:e0:14:ca:2d:a6: 9d:11:97:db:bc:4b:56:9f:9f:9c:da:ac:6b:75:a4: a9:c2:9f:77:88:21:24:45:c7:3d:ae:45:7c:98:a3: a8:11:9b:4a:16:0d:50:d1:02:f3:99:d1:89:06:e2: bb:6c:c1:0d:40:1d:54:0e:b7:b8:e1:2b:10:f8:30: 64:cc:e3:6a:a2:98:a1:be:ec:c9:6a:96:83:65:c9: c7:71:f3:44:59:50:24:20:dd:f7:72:7e:64:fb:f3: 31:01:7f:3a:f0:ff:4c:37:d7:17:26:00:c1:2e:df: 63:36:40:7e:0b:69:26:10:03:e0:51:b5:82:c0:37: 48:6f:82:9e:c4:86:13:6f:ac:38:08:e1:39:78:20: 39:23:ab:7e:8d:5b:29:6b:13:84:fc:55:a4:cb:77: cb:2c:2a:0f:68:33:54:7d:84:e9:6b:32:5e:72:67: ca:4b:df:cf:d0:0e:eb:7c:e0:f7:b0:5f:a0:d1:5d: ff:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:A9:D8:25:5B:F1:BD:96:62:A1:B3:BC:CF:BB:E1:49:46:CB:CA:A3 X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/YanYJVvxvZZiobO8z7vhSUbLyqM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.169.50.0/23 Signature Algorithm: sha256WithRSAEncryption 8e:9a:66:de:5d:b7:72:63:24:2b:d4:25:ae:ed:17:94:8a:16: c3:7e:24:b8:4e:bf:db:47:58:b6:b8:1d:3d:88:7f:a8:41:95: 17:f6:59:9f:14:49:08:b3:d3:a3:a1:4f:bc:43:a6:ac:da:de: ff:42:f0:12:4f:e1:89:41:86:3d:2a:56:58:64:66:10:92:99: 54:a6:be:d2:e4:13:79:fa:7d:21:fc:cd:6e:b9:17:c0:ff:10: 68:c6:2b:42:e0:b6:39:3d:79:f8:a3:7f:22:19:ef:7e:66:a4: cc:70:fe:05:66:11:96:71:83:98:68:6a:38:66:66:b3:8c:d3: c9:f1:c4:68:a2:91:94:9f:bc:a2:f8:08:8a:52:fd:04:ff:a7: eb:93:af:d0:bc:08:7e:71:fc:3a:68:48:2b:ad:32:d2:6a:42: 17:84:f6:64:ef:6b:a3:f2:ef:d6:4b:ff:c3:6c:b4:c1:99:3a: 61:36:b3:7e:3e:5f:1a:f6:a3:57:98:18:a6:29:5f:b7:3a:0f: 9a:d3:62:bb:da:65:dc:42:31:21:ac:a0:26:f4:b7:8d:1b:51: 33:dd:4f:0c:6a:40:dc:a1:35:b5:9c:be:99:64:8d:1a:74:92: 3d:74:b6:82:ac:b9:02:f2:08:00:6b:cf:de:37:a8:0e:91:8c: e9:c4:9d:d9 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFrYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yNDA5MDMw ODE2NDVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxQTlEODI1NUJGMUJE OTY2MkExQjNCQ0NGQkJFMTQ5NDZDQkNBQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwq8gV5ecdK7KSfgvEzIW/RZYaZAvNyCp4UzvEH+3wb1wh4lQG 1C6VUlHjxQlSDrXfOSL/Rhnbu5CbQmUBVdMaxQZp9t7gFMotpp0Rl9u8S1afn5za rGt1pKnCn3eIISRFxz2uRXyYo6gRm0oWDVDRAvOZ0YkG4rtswQ1AHVQOt7jhKxD4 MGTM42qimKG+7MlqloNlycdx80RZUCQg3fdyfmT78zEBfzrw/0w31xcmAMEu32M2 QH4LaSYQA+BRtYLAN0hvgp7EhhNvrDgI4Tl4IDkjq36NWylrE4T8VaTLd8ssKg9o M1R9hOlrMl5yZ8pL38/QDut84PewX6DRXf8nAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUYanYJVvxvZZiobO8z7vhSUbLyqMwHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvWWFuWUpWdnh2Wlpp b2JPOHo3dmhTVWJMeXFNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWepMjANBgkqhkiG9w0BAQsFAAOCAQEAjppm3l23cmMkK9Qlru0XlIoWw34k uE6/20dYtrgdPYh/qEGVF/ZZnxRJCLPTo6FPvEOmrNre/0LwEk/hiUGGPSpWWGRm EJKZVKa+0uQTefp9IfzNbrkXwP8QaMYrQuC2OT15+KN/IhnvfmakzHD+BWYRlnGD mGhqOGZms4zTyfHEaKKRlJ+8ovgIilL9BP+n65Ov0LwIfnH8OmhIK60y0mpCF4T2 ZO9ro/Lv1kv/w2y0wZk6YTazfj5fGvajV5gYpilftzoPmtNiu9pl3EIxIaygJvS3 jRtRM91PDGpA3KE1tZy+mWSNGnSSPXS2gqy5AvIIAGvP3jeoDpGM6cSd2Q== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:10 2024 by rpki-client on console-fra.rpki-client.org