$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/DfmvJHHqo2_36cNk-0I4X70DpOQ.roa File: DfmvJHHqo2_36cNk-0I4X70DpOQ.roa (raw, json) Hash identifier: FPB9AyWhDC+67lUPEG/Hj5EAwWrfFGzGVGAGbR0G50c= Subject key identifier: 0D:F9:AF:24:71:EA:A3:6F:F7:E9:C3:64:FB:42:38:5F:BD:03:A4:E4 Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 0FF1 Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/DfmvJHHqo2_36cNk-0I4X70DpOQ.roa Signing time: Mon 28 Oct 2024 07:22:55 +0000 ROA not before: Mon 28 Oct 2024 07:22:55 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 211392 IP address blocks: 103.79.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4081 (0xff1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: Oct 28 07:22:55 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=0DF9AF2471EAA36FF7E9C364FB42385FBD03A4E4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:eb:d1:3c:7e:00:da:86:bb:9f:24:0d:56:c7: 11:21:93:67:b7:42:29:7f:a5:55:da:f8:78:3e:2c: cf:88:13:5f:6c:1f:48:69:3d:d2:da:5b:e0:c8:27: b9:e1:85:33:0c:f8:82:27:a3:65:43:1a:36:6b:81: cd:a3:12:7d:a4:b8:5b:f7:4b:48:e8:0f:fd:32:5b: 33:b4:f8:86:d3:02:03:66:a7:db:43:0b:60:85:fc: 9d:8f:e8:ff:3e:a1:b4:32:d5:b8:af:bc:28:b5:fa: e7:1c:b1:65:2a:9f:fc:ab:80:cd:45:08:bf:c5:26: df:7b:c5:4f:aa:32:91:ad:f7:4b:c6:db:bd:c9:f9: 11:bc:d2:d6:d1:1c:b7:a4:88:ed:71:bf:be:bc:27: 75:ce:d6:17:90:c7:68:46:65:21:5b:86:b3:5a:66: 46:02:38:92:de:c0:dc:85:5f:93:f8:66:c2:ee:55: c7:27:1a:b6:b9:f1:a4:9e:17:ab:19:5e:4d:5d:62: a8:21:d3:e2:4a:7e:b3:34:ed:c5:95:f0:e3:7f:aa: 95:19:61:d2:3d:4f:48:83:72:4d:d0:b2:c2:96:26: e3:41:45:0e:de:c7:37:13:c8:b2:9c:e9:84:90:2c: cd:8d:8a:8a:9b:6a:2e:43:1d:89:d7:2d:e3:e6:0d: e1:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:F9:AF:24:71:EA:A3:6F:F7:E9:C3:64:FB:42:38:5F:BD:03:A4:E4 X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/DfmvJHHqo2_36cNk-0I4X70DpOQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.79.229.0/24 Signature Algorithm: sha256WithRSAEncryption 33:8f:64:f9:4b:80:b9:82:3a:f0:df:de:b7:82:bd:5d:8a:93: 59:10:c9:ee:58:54:09:47:86:1f:3b:65:4c:72:dd:b0:6c:e4: 29:08:bb:91:99:dd:97:a2:e7:7f:ff:58:48:ff:50:56:3c:9d: 78:ec:8f:1d:64:8b:61:79:7e:0c:3a:38:ab:5d:02:71:9f:bb: 32:9c:bb:cc:16:cc:b4:21:1f:06:2e:64:55:1a:a4:28:6e:ee: 78:82:d0:3d:53:9c:07:69:33:18:b0:b5:06:12:ff:be:52:ea: 2e:f4:ea:a5:41:24:4e:aa:95:0c:da:c9:06:14:37:10:8b:ab: 4e:58:80:a3:15:79:b4:18:64:09:31:b6:89:5d:fd:4a:71:89: b1:8b:ed:97:0c:0b:9e:fa:f2:75:9f:b4:c6:c5:e9:de:e1:29: ea:cd:c2:f9:da:af:3c:8d:ed:41:ad:11:17:9b:74:1b:56:50: 34:31:9d:b4:1c:6f:ad:3c:75:62:d5:b5:0c:c4:c1:70:9c:eb: b8:39:68:17:2b:15:78:1d:c8:71:75:83:4f:0a:06:0e:94:2e: 8c:ea:e4:e3:13:50:20:3e:57:b9:ff:b6:bf:fd:5c:0e:a7:7a: 23:8c:d3:09:1e:e2:93:d4:ad:eb:51:b2:c8:fa:75:f5:24:53: 3d:c2:b0:8e -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD/EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNDEwMjgw NzIyNTVaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDBERjlBRjI0NzFFQUEz NkZGN0U5QzM2NEZCNDIzODVGQkQwM0E0RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC069E8fgDahrufJA1WxxEhk2e3Qil/pVXa+Hg+LM+IE19sH0hp PdLaW+DIJ7nhhTMM+IIno2VDGjZrgc2jEn2kuFv3S0joD/0yWzO0+IbTAgNmp9tD C2CF/J2P6P8+obQy1bivvCi1+uccsWUqn/yrgM1FCL/FJt97xU+qMpGt90vG273J +RG80tbRHLekiO1xv768J3XO1heQx2hGZSFbhrNaZkYCOJLewNyFX5P4ZsLuVccn Gra58aSeF6sZXk1dYqgh0+JKfrM07cWV8ON/qpUZYdI9T0iDck3QssKWJuNBRQ7e xzcTyLKc6YSQLM2Nioqbai5DHYnXLePmDeGDAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUDfmvJHHqo2/36cNk+0I4X70DpOQwHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvRGZtdkpISHFvMl8z NmNOay0wSTRYNzBEcE9RLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGdP5TANBgkqhkiG9w0BAQsFAAOCAQEAM49k+UuAuYI68N/et4K9XYqTWRDJ 7lhUCUeGHztlTHLdsGzkKQi7kZndl6Lnf/9YSP9QVjydeOyPHWSLYXl+DDo4q10C cZ+7Mpy7zBbMtCEfBi5kVRqkKG7ueILQPVOcB2kzGLC1BhL/vlLqLvTqpUEkTqqV DNrJBhQ3EIurTliAoxV5tBhkCTG2iV39SnGJsYvtlwwLnvrydZ+0xsXp3uEp6s3C +dqvPI3tQa0RF5t0G1ZQNDGdtBxvrTx1YtW1DMTBcJzruDloFysVeB3IcXWDTwoG DpQujOrk4xNQID5Xuf+2v/1cDqd6I4zTCR7ik9St61GyyPp19SRTPcKwjg== -----END CERTIFICATE-----Generated at Fri Nov 22 07:02:35 2024 by rpki-client on console-fra.rpki-client.org