$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/MHV-03xmBb-oEGS-czTJkM_Nsz8.roa File: MHV-03xmBb-oEGS-czTJkM_Nsz8.roa (raw, json) Hash identifier: ZWMKxOo9LR1ITCABW6PC7oNwUEnFCpU2qQJg7wqS7yY= Subject key identifier: 30:75:7E:D3:7C:66:05:BF:A8:10:64:BE:73:34:C9:90:CF:CD:B3:3F Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 0FEB Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/MHV-03xmBb-oEGS-czTJkM_Nsz8.roa Signing time: Mon 28 Oct 2024 07:22:53 +0000 ROA not before: Mon 28 Oct 2024 07:22:53 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4812 IP address blocks: 103.79.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 16 Feb 2025 22:57:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4075 (0xfeb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: Oct 28 07:22:53 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=30757ED37C6605BFA81064BE7334C990CFCDB33F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:69:4c:0c:91:74:0e:da:01:2d:ef:db:94:43: 65:07:db:31:40:fe:f6:e0:c2:ad:85:bd:6c:4a:c3: 3c:44:21:fd:d5:50:72:d9:c2:4a:75:66:44:25:33: ee:1f:35:9f:53:cc:a8:05:cb:07:cf:b8:57:79:c1: 2d:26:16:da:59:e2:07:58:8a:2a:e5:03:92:6e:19: 2f:7c:e6:63:c1:46:0b:ae:51:52:47:b7:b1:e0:fc: aa:85:81:34:60:14:17:c5:77:43:83:46:3e:74:5f: 07:2a:63:c0:7c:65:d8:65:d2:b7:89:03:49:04:1a: 8e:a8:6f:2a:98:f2:31:ad:a7:79:ad:74:c0:75:39: 66:b0:67:6c:dc:29:2a:a7:cd:45:2b:cf:02:4d:3c: 4e:da:91:12:2f:b1:68:5a:f8:90:ba:14:f5:52:f8: 16:35:a7:8e:66:24:5b:c9:f9:c7:ca:49:25:82:41: cc:a7:70:db:a1:2c:98:61:87:01:8b:25:ab:60:90: f7:15:e9:a2:59:50:5d:b2:f2:2c:35:99:70:93:71: 73:fa:4d:c9:e4:0f:d3:0a:c5:92:01:fb:73:7c:10: 12:c2:4d:4f:46:cd:c9:65:16:df:e9:be:d9:f4:a6: 63:a8:c8:2c:74:0d:81:10:c7:b6:cf:6c:8c:79:45: 2a:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:75:7E:D3:7C:66:05:BF:A8:10:64:BE:73:34:C9:90:CF:CD:B3:3F X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/MHV-03xmBb-oEGS-czTJkM_Nsz8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.79.229.0/24 Signature Algorithm: sha256WithRSAEncryption 72:b2:96:dd:8e:4c:6a:43:00:ef:4a:13:a2:df:76:3d:dd:5f: 95:8e:96:30:95:be:9f:4d:3b:41:6c:e0:df:2b:11:54:e1:3c: a2:52:e7:25:17:0d:a9:4b:3e:ea:00:65:50:b9:43:78:ce:f6: a2:43:4b:89:46:c3:41:85:8d:da:ec:df:2d:9d:c6:f5:20:c1: 91:99:7b:12:fd:4b:23:e6:98:02:6e:7f:8e:ea:e1:6e:15:41: 74:61:72:4c:92:41:42:65:df:81:d5:b0:8d:ff:1a:53:d7:d2: 26:65:b5:7f:b9:e4:1c:71:c0:a5:27:08:cc:7f:19:a4:86:36: e5:1a:22:2d:a9:4e:90:da:ec:b0:35:10:6c:42:cf:0e:b8:77: 6f:e7:a2:f3:4e:8c:7d:73:37:e3:9c:a9:1f:78:5a:16:2c:65: e2:d5:4c:09:8f:ff:90:39:fc:0f:18:11:11:0e:a3:44:a8:c7: 6e:0f:a8:ce:2a:78:28:1a:23:53:1f:35:fc:fa:ac:42:a6:5b: 92:aa:54:4e:fa:cc:82:85:f4:0f:72:fe:64:3c:b8:b0:8b:3f: 8c:4b:aa:bd:99:78:dd:4d:aa:19:c6:3e:82:0e:3d:a1:e3:e8: f3:fe:d5:b3:f0:b0:a5:91:9b:56:cd:4b:13:c7:5e:b4:f9:65: 20:49:c5:04 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD+swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNDEwMjgw NzIyNTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDMwNzU3RUQzN0M2NjA1 QkZBODEwNjRCRTczMzRDOTkwQ0ZDREIzM0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDAaUwMkXQO2gEt79uUQ2UH2zFA/vbgwq2FvWxKwzxEIf3VUHLZ wkp1ZkQlM+4fNZ9TzKgFywfPuFd5wS0mFtpZ4gdYiirlA5JuGS985mPBRguuUVJH t7Hg/KqFgTRgFBfFd0ODRj50XwcqY8B8Zdhl0reJA0kEGo6obyqY8jGtp3mtdMB1 OWawZ2zcKSqnzUUrzwJNPE7akRIvsWha+JC6FPVS+BY1p45mJFvJ+cfKSSWCQcyn cNuhLJhhhwGLJatgkPcV6aJZUF2y8iw1mXCTcXP6TcnkD9MKxZIB+3N8EBLCTU9G zcllFt/pvtn0pmOoyCx0DYEQx7bPbIx5RSqfAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUMHV+03xmBb+oEGS+czTJkM/Nsz8wHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvTUhWLTAzeG1CYi1v RUdTLWN6VEprTV9Oc3o4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGdP5TANBgkqhkiG9w0BAQsFAAOCAQEAcrKW3Y5MakMA70oTot92Pd1flY6W MJW+n007QWzg3ysRVOE8olLnJRcNqUs+6gBlULlDeM72okNLiUbDQYWN2uzfLZ3G 9SDBkZl7Ev1LI+aYAm5/jurhbhVBdGFyTJJBQmXfgdWwjf8aU9fSJmW1f7nkHHHA pScIzH8ZpIY25RoiLalOkNrssDUQbELPDrh3b+ei806MfXM345ypH3haFixl4tVM CY//kDn8DxgREQ6jRKjHbg+ozip4KBojUx81/PqsQqZbkqpUTvrMgoX0D3L+ZDy4 sIs/jEuqvZl43U2qGcY+gg49oePo8/7Vs/CwpZGbVs1LE8detPllIEnFBA== -----END CERTIFICATE-----Generated at Sun Feb 16 22:22:39 2025 by rpki-client