$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3168/ngCrogSoEerCy3JCDkH3qz2zjh4.roa File: ngCrogSoEerCy3JCDkH3qz2zjh4.roa (raw, json) Hash identifier: 7gV3qPpp3e9GtLUZvSw/Up5TUwAArU2Zk1z9CC4Eo+o= Subject key identifier: 9E:00:AB:A2:04:A8:11:EA:C2:CB:72:42:0E:41:F7:AB:3D:B3:8E:1E Certificate issuer: /CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Certificate serial: 0FEC Authority key identifier: 24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/ngCrogSoEerCy3JCDkH3qz2zjh4.roa Signing time: Mon 28 Oct 2024 07:22:53 +0000 ROA not before: Mon 28 Oct 2024 07:22:53 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 211392 IP address blocks: 103.79.228.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4076 (0xfec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=240987F40A6030CDFA33DED1EEE7CF4DC7C30094 Validity Not Before: Oct 28 07:22:53 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=9E00ABA204A811EAC2CB72420E41F7AB3DB38E1E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:fe:6b:37:07:0b:1d:09:9b:fa:2b:b7:55:a6: 64:4a:12:42:83:8e:4b:9f:84:46:40:48:e6:d5:26: 04:3f:b3:16:aa:37:f0:64:74:d3:f3:e6:ec:18:af: d8:72:68:09:22:a2:77:be:68:e0:37:f1:a3:29:d1: 51:97:87:b7:e6:13:96:32:43:b6:a4:1d:33:e2:82: 34:11:e7:9f:53:1f:0d:e4:1c:e0:64:a9:d8:b3:ea: 06:05:67:7c:3b:e0:fc:eb:58:51:1c:dd:33:23:11: a5:92:cf:45:40:be:9c:be:c0:88:7d:63:07:ff:39: 95:96:8c:4f:da:45:da:82:25:15:b0:de:31:40:70: c9:a8:7f:42:77:e0:b0:4d:ea:b8:26:c3:87:fc:37: a8:26:3b:e6:04:7e:b2:5e:b0:1b:21:ce:76:82:8a: 53:f6:44:56:a8:38:ca:40:6d:a8:43:b9:e1:c9:b1: e2:cc:95:f6:d6:29:cf:69:ca:f3:48:69:85:88:8e: 01:94:e9:31:2f:49:9c:ff:23:c2:bc:86:d3:af:57: 70:d2:1f:df:a5:75:9f:48:2b:ec:ff:4f:2c:4a:89: 86:55:52:98:4a:82:fd:1a:02:60:9f:f4:27:fe:41: dd:ad:dd:15:71:67:89:98:ba:bd:33:62:3c:11:5e: cb:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:00:AB:A2:04:A8:11:EA:C2:CB:72:42:0E:41:F7:AB:3D:B3:8E:1E X509v3 Authority Key Identifier: keyid:24:09:87:F4:0A:60:30:CD:FA:33:DE:D1:EE:E7:CF:4D:C7:C3:00:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/JAmH9ApgMM36M97R7ufPTcfDAJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/JAmH9ApgMM36M97R7ufPTcfDAJQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3168/ngCrogSoEerCy3JCDkH3qz2zjh4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.79.228.0/24 Signature Algorithm: sha256WithRSAEncryption 5a:28:05:f0:90:02:b1:05:28:f8:97:3b:3e:ed:99:6f:ed:0c: 27:a0:65:9f:8b:2d:65:01:7e:42:a3:93:7f:40:65:32:32:9d: ac:0f:8a:a5:00:87:78:89:d8:d0:65:95:81:8e:81:9d:ad:4d: 22:16:6e:c2:21:a4:81:28:e2:bb:2e:8d:14:78:62:bd:c2:b6: 2f:05:54:c9:c4:f3:e0:56:ba:94:c0:69:db:29:bc:35:aa:bb: af:4d:41:6c:a9:9c:a7:57:54:2d:c5:16:cc:fc:29:52:7c:d4: 5d:85:40:11:80:1e:7a:e8:e1:5a:15:38:91:06:c7:c5:87:c3: 81:39:be:79:15:f2:25:8e:5e:cf:01:f8:c7:bd:60:86:51:e8: 87:54:0d:c7:5a:ac:33:9f:d1:ff:7c:25:b1:ea:45:7e:e5:0c: 80:39:e8:b1:d8:35:c8:1d:a5:93:7a:38:47:c1:82:e6:84:9d: eb:27:49:f8:12:f9:88:57:bf:9e:e4:25:2b:50:ed:82:a1:9d: 9b:39:d9:8e:21:62:f0:5c:0c:e7:06:2f:57:34:65:d0:7a:4e: ec:8b:04:f4:79:6e:99:66:c7:a2:69:34:38:43:1a:18:5c:04: 56:27:db:9f:d9:5d:58:f4:c8:71:1f:57:ba:d2:9d:62:8e:c8: a6:83:93:de -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD+wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjQw OTg3RjQwQTYwMzBDREZBMzNERUQxRUVFN0NGNERDN0MzMDA5NDAeFw0yNDEwMjgw NzIyNTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDlFMDBBQkEyMDRBODEx RUFDMkNCNzI0MjBFNDFGN0FCM0RCMzhFMUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDB/ms3BwsdCZv6K7dVpmRKEkKDjkufhEZASObVJgQ/sxaqN/Bk dNPz5uwYr9hyaAkione+aOA38aMp0VGXh7fmE5YyQ7akHTPigjQR559THw3kHOBk qdiz6gYFZ3w74PzrWFEc3TMjEaWSz0VAvpy+wIh9Ywf/OZWWjE/aRdqCJRWw3jFA cMmof0J34LBN6rgmw4f8N6gmO+YEfrJesBshznaCilP2RFaoOMpAbahDueHJseLM lfbWKc9pyvNIaYWIjgGU6TEvSZz/I8K8htOvV3DSH9+ldZ9IK+z/TyxKiYZVUphK gv0aAmCf9Cf+Qd2t3RVxZ4mYur0zYjwRXsuFAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUngCrogSoEerCy3JCDkH3qz2zjh4wHwYDVR0jBBgwFoAUJAmH9ApgMM36M97R 7ufPTcfDAJQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2 OC9KQW1IOUFwZ01NMzZNOTdSN3VmUFRjZkRBSlEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0pBbUg5QXBnTU0zNk05N1I3dWZQVGNmREFKUS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjgvbmdDcm9nU29FZXJD eTNKQ0RrSDNxejJ6amg0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGdP5DANBgkqhkiG9w0BAQsFAAOCAQEAWigF8JACsQUo+Jc7Pu2Zb+0MJ6Bl n4stZQF+QqOTf0BlMjKdrA+KpQCHeInY0GWVgY6Bna1NIhZuwiGkgSjiuy6NFHhi vcK2LwVUycTz4Fa6lMBp2ym8Naq7r01BbKmcp1dULcUWzPwpUnzUXYVAEYAeeujh WhU4kQbHxYfDgTm+eRXyJY5ezwH4x71ghlHoh1QNx1qsM5/R/3wlsepFfuUMgDno sdg1yB2lk3o4R8GC5oSd6ydJ+BL5iFe/nuQlK1DtgqGdmznZjiFi8FwM5wYvVzRl 0HpO7IsE9HlumWbHomk0OEMaGFwEVifbn9ldWPTIcR9XutKdYo7IpoOT3g== -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:11 2024 by rpki-client on console-ams.rpki-client.org