$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3171/2TY9VoA3ypgrPhPSlXQafnyCiZQ.roa File: 2TY9VoA3ypgrPhPSlXQafnyCiZQ.roa (raw, json) Hash identifier: vDSNz/Qcv+DhHxxw1rypQ9nLIGQJWwh3M36UKDV6pr0= Subject key identifier: D9:36:3D:56:80:37:CA:98:2B:3E:13:D2:95:74:1A:7E:7C:82:89:94 Certificate issuer: /CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Certificate serial: 0F5F Authority key identifier: 02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/2TY9VoA3ypgrPhPSlXQafnyCiZQ.roa Signing time: Tue 15 Oct 2024 09:41:09 +0000 ROA not before: Tue 15 Oct 2024 09:41:09 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 137443 IP address blocks: 103.197.180.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3935 (0xf5f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Validity Not Before: Oct 15 09:41:09 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=D9363D568037CA982B3E13D295741A7E7C828994 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:56:34:b3:2c:44:fc:0d:92:37:3e:ca:fc:ac: 86:31:b7:cd:3d:33:fb:87:31:56:be:d6:76:1f:9e: 33:9a:fa:07:a2:d8:a4:9e:1a:86:7f:d0:c5:be:7e: b9:88:c5:42:32:6b:4a:ec:5c:d9:72:bb:14:e2:98: 02:e6:2a:23:ed:3f:cb:9c:a0:2b:ac:a9:e9:f6:85: 33:31:8e:00:73:6d:a3:4f:d5:37:ab:4c:42:32:ed: 18:83:63:4b:76:a1:34:cc:1b:5b:10:94:31:ca:1f: 12:2e:fa:84:36:9b:ba:f4:c6:6b:1d:e8:65:a5:5a: 32:55:03:89:aa:3b:6c:26:47:1c:bd:b4:d6:ed:fa: 86:cc:22:87:cc:ae:ba:9b:2e:62:3d:2b:3d:d2:45: 30:fa:c9:36:26:4e:7f:9f:fb:bf:7c:ee:b3:45:41: 6c:91:0a:70:b7:be:76:22:5a:f5:71:b8:c4:b3:39: 13:55:8c:0f:cc:f8:93:92:a6:ce:fd:7e:81:ba:4e: 63:d4:60:60:01:ea:f2:a2:39:30:64:1e:05:d5:3e: 91:3e:f2:76:bf:8f:76:6d:92:bf:d1:ee:e4:14:3b: 46:69:f8:3b:bd:66:c6:7a:60:5b:94:8e:0c:e1:17: 79:cb:af:25:d3:21:3c:d6:f9:f5:5c:1f:81:a2:77: 23:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:36:3D:56:80:37:CA:98:2B:3E:13:D2:95:74:1A:7E:7C:82:89:94 X509v3 Authority Key Identifier: keyid:02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/2TY9VoA3ypgrPhPSlXQafnyCiZQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.197.180.0/24 Signature Algorithm: sha256WithRSAEncryption 3d:bc:a6:5f:db:da:f0:2a:c1:53:be:f5:48:86:68:c1:d7:32: 8a:2c:cb:29:fa:44:09:6d:66:74:60:53:04:2f:6c:fd:ae:7b: 6d:13:c6:37:1f:09:b5:48:c4:7c:d1:6f:dd:63:ec:dd:fd:64: d4:d9:74:2d:26:1d:20:d4:44:73:c0:3b:35:43:c2:99:58:cc: 38:a9:d5:ec:ec:5b:28:c5:25:fe:bd:3f:c5:33:48:89:10:4d: de:e4:78:67:11:4b:33:d1:9c:89:e5:16:a7:b4:9e:9c:00:00: 76:05:c2:df:6f:af:be:4c:fa:07:36:f0:2a:0c:98:94:45:34: 5b:75:28:4b:91:14:6e:af:27:c3:bb:cc:78:ff:4b:ec:6d:41: 98:9d:5e:6a:af:3b:f7:97:ee:7f:2d:66:77:19:21:a3:6a:9b: 20:2c:71:78:b8:a8:fa:d5:b9:77:e2:6c:d5:33:7a:57:b6:db: aa:1e:50:bf:f4:cb:b7:71:24:1e:6f:80:26:38:3a:a1:65:eb: 8a:56:0f:e2:d8:95:31:73:88:61:57:3f:35:1e:00:2d:ea:59: 74:fb:ff:08:33:82:25:44:82:3e:2a:e0:42:f0:07:ae:2d:47: 3b:27:c8:f4:05:9e:ed:f7:11:a2:b7:93:85:9b:50:65:e1:23: 0d:60:cb:70 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD18wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDJG QjA1REUzQzU0NEE5RjFDMzQ0QTYzRUI1RjZDRkREMzQ4MTE1NjAeFw0yNDEwMTUw OTQxMDlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEQ5MzYzRDU2ODAzN0NB OTgyQjNFMTNEMjk1NzQxQTdFN0M4Mjg5OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2VjSzLET8DZI3Psr8rIYxt809M/uHMVa+1nYfnjOa+gei2KSe GoZ/0MW+frmIxUIya0rsXNlyuxTimALmKiPtP8ucoCusqen2hTMxjgBzbaNP1Ter TEIy7RiDY0t2oTTMG1sQlDHKHxIu+oQ2m7r0xmsd6GWlWjJVA4mqO2wmRxy9tNbt +obMIofMrrqbLmI9Kz3SRTD6yTYmTn+f+7987rNFQWyRCnC3vnYiWvVxuMSzORNV jA/M+JOSps79foG6TmPUYGAB6vKiOTBkHgXVPpE+8na/j3Ztkr/R7uQUO0Zp+Du9 ZsZ6YFuUjgzhF3nLryXTITzW+fVcH4GidyMDAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU2TY9VoA3ypgrPhPSlXQafnyCiZQwHwYDVR0jBBgwFoAUAvsF3jxUSp8cNEpj 619s/dNIEVYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE3 MS9BdnNGM2p4VVNwOGNORXBqNjE5c19kTklFVlkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0F2c0YzanhVU3A4Y05FcGo2MTlzX2ROSUVWWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNzEvMlRZOVZvQTN5cGdy UGhQU2xYUWFmbnlDaVpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfFtDANBgkqhkiG9w0BAQsFAAOCAQEAPbymX9va8CrBU771SIZowdcyiizL KfpECW1mdGBTBC9s/a57bRPGNx8JtUjEfNFv3WPs3f1k1Nl0LSYdINREc8A7NUPC mVjMOKnV7OxbKMUl/r0/xTNIiRBN3uR4ZxFLM9GcieUWp7SenAAAdgXC32+vvkz6 BzbwKgyYlEU0W3UoS5EUbq8nw7vMeP9L7G1BmJ1eaq8795fufy1mdxkho2qbICxx eLio+tW5d+Js1TN6V7bbqh5Qv/TLt3EkHm+AJjg6oWXrilYP4tiVMXOIYVc/NR4A LepZdPv/CDOCJUSCPirgQvAHri1HOyfI9AWe7fcRoreThZtQZeEjDWDLcA== -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:11 2024 by rpki-client on console-ams.rpki-client.org