$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3171/1Y9Spn_zTd19UzZUD2ZSqP8b0Qk.roa File: 1Y9Spn_zTd19UzZUD2ZSqP8b0Qk.roa (raw, json) Hash identifier: fQicQIvQDxK8UPOh7JVgkPbdWFd1x3I9/rfZ9+gHmvE= Subject key identifier: D5:8F:52:A6:7F:F3:4D:DD:7D:53:36:54:0F:66:52:A8:FF:1B:D1:09 Certificate issuer: /CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Certificate serial: 0F5D Authority key identifier: 02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/1Y9Spn_zTd19UzZUD2ZSqP8b0Qk.roa Signing time: Tue 15 Oct 2024 09:41:08 +0000 ROA not before: Tue 15 Oct 2024 09:41:08 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 137443 IP address blocks: 103.218.94.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3933 (0xf5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Validity Not Before: Oct 15 09:41:08 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=D58F52A67FF34DDD7D5336540F6652A8FF1BD109 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:e9:0a:44:de:12:de:bf:7c:88:64:08:57:be: fd:c8:8c:32:35:62:af:55:be:15:69:9a:c0:ea:70: 2b:10:75:2f:78:07:89:13:13:2c:b0:2e:04:38:bb: 52:63:a6:62:b0:0e:31:d4:76:4e:aa:32:ef:3e:5b: f5:68:be:dc:e4:46:dd:05:f1:a7:1b:e4:08:5b:02: e2:d1:44:1f:ff:5e:2f:95:9d:cf:19:da:9f:eb:90: 4c:8d:e5:c1:a0:32:bf:f3:78:ce:12:9b:ee:d7:42: 23:9a:43:cc:81:d4:f9:cf:96:29:23:6a:2b:b2:ef: 2d:55:71:89:d4:b0:6a:b6:bc:bf:af:a2:c0:25:59: ac:8c:3f:d4:00:63:32:1f:8f:8f:2b:9a:06:c4:32: 39:4e:93:1e:ed:b7:e3:f6:6b:f2:25:cf:f2:c2:09: 08:53:35:d9:53:0a:dc:cd:da:07:6d:38:ad:4d:6e: 31:63:6a:c7:ce:2b:b7:a8:de:be:15:77:fb:b0:ce: e3:3f:dd:41:0e:3b:99:06:2d:5f:8b:1f:a2:e7:eb: 39:82:68:62:3c:bf:c5:d0:de:d6:78:59:23:8f:b0: 44:1e:f3:c7:69:10:a1:88:b2:e7:89:53:e7:d3:d0: 03:02:89:a3:68:31:3b:a9:01:d9:84:5c:e5:b3:77: 90:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:8F:52:A6:7F:F3:4D:DD:7D:53:36:54:0F:66:52:A8:FF:1B:D1:09 X509v3 Authority Key Identifier: keyid:02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/1Y9Spn_zTd19UzZUD2ZSqP8b0Qk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.218.94.0/24 Signature Algorithm: sha256WithRSAEncryption 86:0d:cd:ae:e8:26:89:72:79:13:76:64:eb:3f:39:9c:a4:ca: d7:be:95:41:3b:f3:5b:ed:e3:d1:bc:74:e1:36:ad:06:80:15: 90:7e:20:7d:0a:d3:48:67:3a:26:ac:e9:54:77:b9:c2:13:dd: ce:5d:14:0c:40:bd:95:45:f5:db:ac:e8:64:37:3f:b3:c6:b7: ba:c0:72:91:a2:cd:a1:22:22:a5:4b:40:ba:a3:b9:d0:5e:66: a5:eb:44:e7:51:db:e0:1e:dd:60:8c:3a:c5:4b:b7:04:da:b3: 8c:71:98:10:1a:0a:7e:88:a5:71:b2:b2:3b:29:60:a1:f8:b8: 97:ef:da:c9:3f:2f:f0:0d:aa:2a:b7:be:48:a3:d9:c3:91:55: 23:2e:da:8f:3a:18:78:1e:cb:9e:44:41:3d:ed:88:66:48:42: ee:66:5a:80:a2:7e:33:f3:01:87:52:49:7f:c9:5b:a5:d3:64: c4:b7:c6:93:ab:15:13:74:08:7a:1e:46:d9:28:33:b4:1d:70: 22:f0:a0:3e:14:d7:e7:72:06:44:c8:8f:f5:17:61:ff:00:04: 67:c5:09:34:02:8c:62:71:92:17:8b:1e:58:59:96:8e:56:e5: 19:3f:f7:f8:e0:51:9c:21:2f:36:06:b3:56:54:7b:c5:42:96: 47:83:28:fa -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD10wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDJG QjA1REUzQzU0NEE5RjFDMzQ0QTYzRUI1RjZDRkREMzQ4MTE1NjAeFw0yNDEwMTUw OTQxMDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ1OEY1MkE2N0ZGMzRE REQ3RDUzMzY1NDBGNjY1MkE4RkYxQkQxMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDf6QpE3hLev3yIZAhXvv3IjDI1Yq9VvhVpmsDqcCsQdS94B4kT EyywLgQ4u1JjpmKwDjHUdk6qMu8+W/VovtzkRt0F8acb5AhbAuLRRB//Xi+Vnc8Z 2p/rkEyN5cGgMr/zeM4Sm+7XQiOaQ8yB1PnPlikjaiuy7y1VcYnUsGq2vL+vosAl WayMP9QAYzIfj48rmgbEMjlOkx7tt+P2a/Ilz/LCCQhTNdlTCtzN2gdtOK1NbjFj asfOK7eo3r4Vd/uwzuM/3UEOO5kGLV+LH6Ln6zmCaGI8v8XQ3tZ4WSOPsEQe88dp EKGIsueJU+fT0AMCiaNoMTupAdmEXOWzd5CNAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU1Y9Spn/zTd19UzZUD2ZSqP8b0QkwHwYDVR0jBBgwFoAUAvsF3jxUSp8cNEpj 619s/dNIEVYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE3 MS9BdnNGM2p4VVNwOGNORXBqNjE5c19kTklFVlkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0F2c0YzanhVU3A4Y05FcGo2MTlzX2ROSUVWWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNzEvMVk5U3BuX3pUZDE5 VXpaVUQyWlNxUDhiMFFrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfaXjANBgkqhkiG9w0BAQsFAAOCAQEAhg3NrugmiXJ5E3Zk6z85nKTK176V QTvzW+3j0bx04TatBoAVkH4gfQrTSGc6JqzpVHe5whPdzl0UDEC9lUX126zoZDc/ s8a3usBykaLNoSIipUtAuqO50F5mpetE51Hb4B7dYIw6xUu3BNqzjHGYEBoKfoil cbKyOylgofi4l+/ayT8v8A2qKre+SKPZw5FVIy7ajzoYeB7LnkRBPe2IZkhC7mZa gKJ+M/MBh1JJf8lbpdNkxLfGk6sVE3QIeh5G2SgztB1wIvCgPhTX53IGRMiP9Rdh /wAEZ8UJNAKMYnGSF4seWFmWjlblGT/3+OBRnCEvNgazVlR7xUKWR4Mo+g== -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:11 2024 by rpki-client on console-ams.rpki-client.org