$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3098/oMd-ARwd63yqJfIdC-RXHknawt8.roa File: oMd-ARwd63yqJfIdC-RXHknawt8.roa (raw, json) Hash identifier: WGaS3zKFGN7+2nTHk4xwOzr9f0weq4hrbvl+6gUf878= Subject key identifier: A0:C7:7E:01:1C:1D:EB:7C:AA:25:F2:1D:0B:E4:57:1E:49:DA:C2:DF Certificate issuer: /CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Certificate serial: 0FEC Authority key identifier: D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/oMd-ARwd63yqJfIdC-RXHknawt8.roa Signing time: Wed 20 Sep 2023 06:31:00 +0000 ROA not before: Wed 20 Sep 2023 06:31:00 +0000 ROA not after: Tue 17 Sep 2024 08:06:57 +0000 asID: 146845 IP address blocks: 103.169.50.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Jun 2024 16:27:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4076 (0xfec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D2AB6C9B6E165334C032D051D5FC7D1547E4E353 Validity Not Before: Sep 20 06:31:00 2023 GMT Not After : Sep 17 08:06:57 2024 GMT Subject: CN=A0C77E011C1DEB7CAA25F21D0BE4571E49DAC2DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:dc:3a:e6:66:c1:42:5a:2a:7f:8a:0d:12:41: 2b:e3:cc:28:67:04:b9:67:12:67:2d:86:03:9a:ac: 24:d8:65:b1:00:09:33:58:78:a9:64:aa:bc:a8:78: 23:da:8f:9a:f8:0f:7d:18:1e:70:3e:d5:2f:6c:db: f9:74:1d:b6:c1:76:6b:86:f0:58:72:95:22:73:b8: 9b:a0:5d:7c:bc:61:3b:9d:1f:65:d3:05:84:88:ed: c8:39:0c:92:7e:10:e4:88:ff:16:f3:c0:8d:ea:7b: 58:9a:ef:bd:ff:f5:e5:23:60:99:6d:d7:12:a6:f4: 4c:02:27:d2:51:9f:d9:a8:b6:61:61:3d:b4:90:d3: 39:d5:bf:c5:ab:6c:88:d2:9d:66:57:b2:3b:19:c7: 36:a8:9c:96:8c:c0:85:94:cc:87:2e:20:6d:c4:50: d5:2f:d3:b7:d2:96:30:8e:92:6b:7d:66:7f:57:2c: d9:10:7e:f2:fc:51:16:76:22:07:b4:da:2d:2a:eb: a9:45:68:e8:29:13:7a:a4:b9:99:54:a4:1b:dc:16: c8:68:6e:c1:30:4d:a4:56:74:57:fb:b8:c5:15:31: 2c:ab:94:d5:aa:e6:51:24:6b:3b:8b:9c:d7:a0:7d: d7:0a:39:83:2b:42:da:66:d9:1c:9c:f2:dd:cf:ad: 23:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:C7:7E:01:1C:1D:EB:7C:AA:25:F2:1D:0B:E4:57:1E:49:DA:C2:DF X509v3 Authority Key Identifier: keyid:D2:AB:6C:9B:6E:16:53:34:C0:32:D0:51:D5:FC:7D:15:47:E4:E3:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/0qtsm24WUzTAMtBR1fx9FUfk41M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/0qtsm24WUzTAMtBR1fx9FUfk41M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3098/oMd-ARwd63yqJfIdC-RXHknawt8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.169.50.0/23 Signature Algorithm: sha256WithRSAEncryption 51:a5:bd:eb:ef:97:4d:49:79:23:5c:71:f6:31:ce:a9:a1:39: 4a:0c:7a:ff:cf:01:e9:64:ad:88:36:3e:67:c5:2a:3c:71:13: b7:4c:ea:6a:1a:de:44:56:86:aa:d1:94:aa:e0:ab:b9:e1:1f: 13:25:fd:36:58:7c:b9:e8:24:55:bc:63:cc:04:d6:ea:69:b1: ca:34:82:36:24:d6:a1:e7:fa:c7:51:6f:8c:13:e1:14:26:a1: 2b:a2:f3:6e:0d:48:21:ba:23:51:fc:f7:5f:03:4f:c5:df:34: 44:d1:a1:d8:d3:ec:8c:a3:76:35:28:50:79:83:08:d0:1e:25: 33:92:76:f3:68:f8:8f:b6:6e:ab:00:d3:09:5b:94:d7:33:9f: 6d:46:01:67:e6:c9:79:23:88:af:09:e0:55:72:04:4f:95:cd: d1:a4:45:0c:a8:10:a6:57:32:84:d3:03:70:78:d8:eb:63:e7: 97:80:a4:5f:c1:71:17:95:de:4b:fb:22:af:e2:5c:cf:8f:db: 47:1c:70:35:5f:3b:7e:c4:12:f1:9f:00:e0:6a:0a:85:ac:4d: ed:a2:a3:02:ef:1d:b1:a9:82:2e:8f:1d:b6:e8:ac:d1:90:df: 41:5f:44:fe:2d:dc:ee:44:07:7d:3e:63:13:ba:ad:e3:70:0c: b7:3a:33:61 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD+wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB QjZDOUI2RTE2NTMzNEMwMzJEMDUxRDVGQzdEMTU0N0U0RTM1MzAeFw0yMzA5MjAw NjMxMDBaFw0yNDA5MTcwODA2NTdaMDMxMTAvBgNVBAMTKEEwQzc3RTAxMUMxREVC N0NBQTI1RjIxRDBCRTQ1NzFFNDlEQUMyREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC23DrmZsFCWip/ig0SQSvjzChnBLlnEmcthgOarCTYZbEACTNY eKlkqryoeCPaj5r4D30YHnA+1S9s2/l0HbbBdmuG8FhylSJzuJugXXy8YTudH2XT BYSI7cg5DJJ+EOSI/xbzwI3qe1ia773/9eUjYJlt1xKm9EwCJ9JRn9motmFhPbSQ 0znVv8WrbIjSnWZXsjsZxzaonJaMwIWUzIcuIG3EUNUv07fSljCOkmt9Zn9XLNkQ fvL8URZ2Ige02i0q66lFaOgpE3qkuZlUpBvcFshobsEwTaRWdFf7uMUVMSyrlNWq 5lEkazuLnNegfdcKOYMrQtpm2Ryc8t3PrSPJAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUoMd+ARwd63yqJfIdC+RXHknawt8wHwYDVR0jBBgwFoAU0qtsm24WUzTAMtBR 1fx9FUfk41MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA5 OC8wcXRzbTI0V1V6VEFNdEJSMWZ4OUZVZms0MU0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzBxdHNtMjRXVXpUQU10QlIxZng5RlVmazQxTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwOTgvb01kLUFSd2Q2M3lx SmZJZEMtUlhIa25hd3Q4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWepMjANBgkqhkiG9w0BAQsFAAOCAQEAUaW96++XTUl5I1xx9jHOqaE5Sgx6 /88B6WStiDY+Z8UqPHETt0zqahreRFaGqtGUquCrueEfEyX9Nlh8uegkVbxjzATW 6mmxyjSCNiTWoef6x1FvjBPhFCahK6Lzbg1IIbojUfz3XwNPxd80RNGh2NPsjKN2 NShQeYMI0B4lM5J282j4j7ZuqwDTCVuU1zOfbUYBZ+bJeSOIrwngVXIET5XN0aRF DKgQplcyhNMDcHjY62Pnl4CkX8FxF5XeS/sir+Jcz4/bRxxwNV87fsQS8Z8A4GoK haxN7aKjAu8dsamCLo8dtuis0ZDfQV9E/i3c7kQHfT5jE7qt43AMtzozYQ== -----END CERTIFICATE-----Generated at Sun Jun 2 11:54:52 2024 by rpki-client on console-fra.rpki-client.org