$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3142/4NUdw3kN8jP9dI6-_-rR9fGec98.roa File: 4NUdw3kN8jP9dI6-_-rR9fGec98.roa (raw, json) Hash identifier: hxxGlunNIZylSxprtLchWJQYLU6w4i0KCfkeNrK47MU= Subject key identifier: E0:D5:1D:C3:79:0D:F2:33:FD:74:8E:BE:FF:EA:D1:F5:F1:9E:73:DF Certificate issuer: /CN=61A0E1E43F9C59876AA42B1F8C1AE12C21CC6EA0 Certificate serial: 09 Authority key identifier: 61:A0:E1:E4:3F:9C:59:87:6A:A4:2B:1F:8C:1A:E1:2C:21:CC:6E:A0 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YaDh5D-cWYdqpCsfjBrhLCHMbqA.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3142/4NUdw3kN8jP9dI6-_-rR9fGec98.roa Signing time: Thu 26 Sep 2024 02:00:34 +0000 ROA not before: Thu 26 Sep 2024 02:00:34 +0000 ROA not after: Thu 25 Sep 2025 07:10:27 +0000 asID: 4837 IP address blocks: 103.186.4.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3142/YaDh5D-cWYdqpCsfjBrhLCHMbqA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3142/YaDh5D-cWYdqpCsfjBrhLCHMbqA.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YaDh5D-cWYdqpCsfjBrhLCHMbqA.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 21:25:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9 (0x9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61A0E1E43F9C59876AA42B1F8C1AE12C21CC6EA0 Validity Not Before: Sep 26 02:00:34 2024 GMT Not After : Sep 25 07:10:27 2025 GMT Subject: CN=E0D51DC3790DF233FD748EBEFFEAD1F5F19E73DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:0e:40:a2:9f:f8:fb:71:35:b4:44:05:9e:22: 1e:2a:4e:3b:5c:a5:9c:28:5e:4e:2a:38:75:c8:89: 3f:53:51:6a:17:52:b0:5d:a1:93:46:a4:b2:05:69: a1:a4:67:3f:e2:e7:59:3f:5f:ff:d1:be:d9:8a:db: 7b:06:22:98:58:32:0d:26:60:78:9d:18:db:b3:fe: 0b:cc:02:62:92:8f:1f:a6:b7:fe:ac:4c:2e:98:79: 77:e3:20:60:1d:7b:48:06:73:d4:87:88:75:8a:20: fd:76:55:1d:2f:bc:48:9b:77:68:1f:6d:d3:c4:bd: 0e:5c:23:53:81:ca:2b:bc:03:72:66:40:56:b1:f0: e0:67:49:5e:a9:a3:bd:54:17:7e:bd:bf:49:3e:6d: b9:91:ae:bc:79:62:24:ca:d1:66:aa:96:15:f3:f4: 8d:a8:25:1d:eb:42:5a:94:08:4a:45:6e:39:97:c9: 1f:3a:1d:6f:6f:1a:2c:af:9a:55:28:4d:eb:55:49: 86:23:ff:56:39:e6:e5:72:fa:92:08:16:83:5e:64: 71:ea:ea:25:9d:b2:d1:40:cf:fe:e0:90:b0:5f:da: 5b:47:8a:bd:c8:12:f6:37:b7:a5:40:0c:23:f5:06: 36:23:5d:73:0a:f8:88:3b:ca:7b:c5:15:96:cf:1a: b7:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:D5:1D:C3:79:0D:F2:33:FD:74:8E:BE:FF:EA:D1:F5:F1:9E:73:DF X509v3 Authority Key Identifier: keyid:61:A0:E1:E4:3F:9C:59:87:6A:A4:2B:1F:8C:1A:E1:2C:21:CC:6E:A0 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3142/YaDh5D-cWYdqpCsfjBrhLCHMbqA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/YaDh5D-cWYdqpCsfjBrhLCHMbqA.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3142/4NUdw3kN8jP9dI6-_-rR9fGec98.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.186.4.0/23 Signature Algorithm: sha256WithRSAEncryption 8b:bc:1a:1c:63:44:6c:43:5e:a7:32:b6:1c:f7:c8:47:96:a7: 9a:41:a6:8e:90:34:a4:b1:90:f8:49:f5:98:42:94:16:da:ba: 3c:68:fd:10:1a:e0:f5:94:0f:97:a1:4e:b8:ef:d4:a4:fd:e8: 42:11:5c:29:d2:40:da:e3:9b:fb:3a:08:51:e5:2c:4a:ef:d8: 07:fa:08:8c:33:52:7d:7d:8d:7b:b1:9f:b7:4d:6b:46:f2:f4: 79:a3:0e:0d:12:73:d7:98:cb:cc:37:b6:ae:b1:aa:6c:7f:93: 38:6e:7e:c2:e3:8f:2f:b5:7c:3d:78:be:e3:6c:64:3e:71:15: 2c:93:99:68:3b:40:30:0e:ca:a4:68:f9:60:b0:34:ee:1e:ed: 32:5c:3b:ab:4a:b0:5c:8d:c0:f2:04:2e:88:27:73:4d:f0:21: dc:a7:2c:b0:5e:da:31:41:e1:95:f5:e9:2f:78:d3:3b:b8:2d: 6c:90:85:f1:f3:c2:fd:4a:86:61:bb:6f:a3:85:34:c4:02:d6: 7c:32:ee:c2:13:fa:61:cc:10:04:90:28:bb:04:61:72:be:6e: fb:83:68:5b:4a:46:58:ce:37:a1:2d:8b:76:4d:20:d3:92:77: b4:a5:d2:0c:92:6d:42:1c:cd:35:b8:1d:52:74:bc:80:94:e0: 08:6f:dc:92 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2MUEw RTFFNDNGOUM1OTg3NkFBNDJCMUY4QzFBRTEyQzIxQ0M2RUEwMB4XDTI0MDkyNjAy MDAzNFoXDTI1MDkyNTA3MTAyN1owMzExMC8GA1UEAxMoRTBENTFEQzM3OTBERjIz M0ZENzQ4RUJFRkZFQUQxRjVGMTlFNzNERjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAM0OQKKf+PtxNbREBZ4iHipOO1ylnCheTio4dciJP1NRahdSsF2h k0aksgVpoaRnP+LnWT9f/9G+2YrbewYimFgyDSZgeJ0Y27P+C8wCYpKPH6a3/qxM Lph5d+MgYB17SAZz1IeIdYog/XZVHS+8SJt3aB9t08S9DlwjU4HKK7wDcmZAVrHw 4GdJXqmjvVQXfr2/ST5tuZGuvHliJMrRZqqWFfP0jaglHetCWpQISkVuOZfJHzod b28aLK+aVShN61VJhiP/Vjnm5XL6kggWg15kcerqJZ2y0UDP/uCQsF/aW0eKvcgS 9je3pUAMI/UGNiNdcwr4iDvKe8UVls8at7MCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBTg1R3DeQ3yM/10jr7/6tH18Z5z3zAfBgNVHSMEGDAWgBRhoOHkP5xZh2qkKx+M GuEsIcxuoDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMTQy L1lhRGg1RC1jV1lkcXBDc2ZqQnJoTENITWJxQS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvWWFEaDVELWNXWWRxcENzZmpCcmhMQ0hNYnFBLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE0Mi80TlVkdzNrTjhqUDlk STYtXy1yUjlmR2VjOTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ7oEMA0GCSqGSIb3DQEBCwUAA4IBAQCLvBocY0RsQ16nMrYc98hHlqeaQaaO kDSksZD4SfWYQpQW2ro8aP0QGuD1lA+XoU6479Sk/ehCEVwp0kDa45v7OghR5SxK 79gH+giMM1J9fY17sZ+3TWtG8vR5ow4NEnPXmMvMN7ausapsf5M4bn7C448vtXw9 eL7jbGQ+cRUsk5loO0AwDsqkaPlgsDTuHu0yXDurSrBcjcDyBC6IJ3NN8CHcpyyw XtoxQeGV9ekveNM7uC1skIXx88L9SoZhu2+jhTTEAtZ8Mu7CE/phzBAEkCi7BGFy vm77g2hbSkZYzjehLYt2TSDTkne0pdIMkm1CHM01uB1SdLyAlOAIb9yS -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:41 2024 by rpki-client on console-ams.rpki-client.org