$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3171/IGn-XmZuKtQL73cha8UpyIipgDM.roa File: IGn-XmZuKtQL73cha8UpyIipgDM.roa (raw, json) Hash identifier: A14YSG0N4jkA/PqSNWJ36Q5QgFwbmJx9CRG22fBL64Y= Subject key identifier: 20:69:FE:5E:66:6E:2A:D4:0B:EF:77:21:6B:C5:29:C8:88:A9:80:33 Certificate issuer: /CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Certificate serial: 0F5C Authority key identifier: 02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/IGn-XmZuKtQL73cha8UpyIipgDM.roa Signing time: Tue 15 Oct 2024 09:41:08 +0000 ROA not before: Tue 15 Oct 2024 09:41:08 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 137443 IP address blocks: 103.139.92.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3932 (0xf5c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Validity Not Before: Oct 15 09:41:08 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=2069FE5E666E2AD40BEF77216BC529C888A98033 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:f4:a4:e1:a9:33:6f:a6:fd:92:46:31:a2:4f: 66:93:5f:70:1c:31:3c:6a:bc:32:da:96:1e:11:6b: 51:37:fb:cb:f3:af:d9:f5:c3:ee:3a:1a:52:5d:0f: 3d:5d:a4:ac:7b:26:1c:35:61:6d:d8:91:b7:40:e8: 70:fe:2a:b1:b0:81:10:a3:65:98:9d:26:a8:f0:dd: 36:50:10:8c:a9:d8:4b:b9:9b:56:01:a2:0c:f0:af: 87:01:75:00:7f:93:af:0a:9b:ac:ca:f0:f8:4b:c9: 42:9a:f4:08:aa:fb:05:9c:3f:be:b4:4c:2b:77:ed: 9f:8e:0f:b3:60:2d:f0:8f:e9:28:e2:66:a1:e6:91: ad:ce:f8:a0:5c:21:70:31:62:a2:09:bc:9f:29:4c: 33:89:84:0a:04:59:59:85:5b:98:0d:d6:ea:3e:58: d2:cc:b1:ed:2c:16:2b:b2:bc:b0:00:80:5c:24:c6: 58:9c:89:2b:3c:e5:a8:30:34:be:0f:da:50:82:b7: 0b:a5:97:ac:fb:3d:af:42:fc:22:d5:7a:3d:8f:38: 91:eb:e2:79:c9:72:f7:c1:fd:0a:10:0e:ab:5a:b8: 97:08:3e:51:56:ac:90:8c:cc:de:3b:60:7b:6c:bf: 1d:43:19:df:07:67:83:52:c5:d9:f4:2e:16:20:dc: ee:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:69:FE:5E:66:6E:2A:D4:0B:EF:77:21:6B:C5:29:C8:88:A9:80:33 X509v3 Authority Key Identifier: keyid:02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/IGn-XmZuKtQL73cha8UpyIipgDM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.139.92.0/24 Signature Algorithm: sha256WithRSAEncryption a8:dd:58:ec:92:1b:50:e0:ba:87:63:2f:05:bc:a6:49:3c:b7: bf:1f:98:e1:73:a6:c6:88:b5:f1:d0:5d:22:72:3d:f8:6c:ed: cf:e6:7f:3e:f6:f4:8b:35:b1:59:f1:c8:dd:4e:1c:bf:73:3f: a4:98:ab:b7:7b:19:b6:63:fe:11:9b:4d:1b:6a:40:15:fd:e4: 15:73:a0:a5:86:bf:37:7d:9d:2f:a0:fc:1f:50:68:2e:79:52: 08:7a:38:2b:c9:d1:e8:eb:f2:df:d0:c0:c3:bc:bb:25:04:af: 83:f5:6c:57:3a:5e:02:f8:1b:d6:58:34:a2:e9:d2:9a:57:9c: 96:91:79:6e:06:4e:6b:7e:0c:30:00:96:5c:52:67:95:67:5b: 3e:91:78:51:fa:7a:21:ad:79:b4:68:8c:16:ec:04:49:19:81: f0:9a:57:88:6c:0e:40:da:29:70:4b:f0:ea:23:cf:7c:08:19: 84:d1:f6:7b:62:e2:8c:64:91:f7:38:c7:5c:db:f0:df:01:da: 76:44:3e:40:1b:e2:c4:2d:2c:a5:96:af:4e:4c:59:7f:2e:b1: 57:63:09:81:b9:59:e1:4b:c4:78:5e:66:d4:3b:c5:e5:9c:aa: ff:fc:ac:20:ac:ef:d6:56:67:0b:fe:77:e7:f7:4d:6c:cf:dc: 48:90:36:e9 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD1wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDJG QjA1REUzQzU0NEE5RjFDMzQ0QTYzRUI1RjZDRkREMzQ4MTE1NjAeFw0yNDEwMTUw OTQxMDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDIwNjlGRTVFNjY2RTJB RDQwQkVGNzcyMTZCQzUyOUM4ODhBOTgwMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+9KThqTNvpv2SRjGiT2aTX3AcMTxqvDLalh4Ra1E3+8vzr9n1 w+46GlJdDz1dpKx7Jhw1YW3YkbdA6HD+KrGwgRCjZZidJqjw3TZQEIyp2Eu5m1YB ogzwr4cBdQB/k68Km6zK8PhLyUKa9Aiq+wWcP760TCt37Z+OD7NgLfCP6SjiZqHm ka3O+KBcIXAxYqIJvJ8pTDOJhAoEWVmFW5gN1uo+WNLMse0sFiuyvLAAgFwkxlic iSs85agwNL4P2lCCtwull6z7Pa9C/CLVej2POJHr4nnJcvfB/QoQDqtauJcIPlFW rJCMzN47YHtsvx1DGd8HZ4NSxdn0LhYg3O6TAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUIGn+XmZuKtQL73cha8UpyIipgDMwHwYDVR0jBBgwFoAUAvsF3jxUSp8cNEpj 619s/dNIEVYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE3 MS9BdnNGM2p4VVNwOGNORXBqNjE5c19kTklFVlkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0F2c0YzanhVU3A4Y05FcGo2MTlzX2ROSUVWWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNzEvSUduLVhtWnVLdFFM NzNjaGE4VXB5SWlwZ0RNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGeLXDANBgkqhkiG9w0BAQsFAAOCAQEAqN1Y7JIbUOC6h2MvBbymSTy3vx+Y 4XOmxoi18dBdInI9+Gztz+Z/Pvb0izWxWfHI3U4cv3M/pJirt3sZtmP+EZtNG2pA Ff3kFXOgpYa/N32dL6D8H1BoLnlSCHo4K8nR6Ovy39DAw7y7JQSvg/VsVzpeAvgb 1lg0ounSmleclpF5bgZOa34MMACWXFJnlWdbPpF4Ufp6Ia15tGiMFuwESRmB8JpX iGwOQNopcEvw6iPPfAgZhNH2e2LijGSR9zjHXNvw3wHadkQ+QBvixC0spZavTkxZ fy6xV2MJgblZ4UvEeF5m1DvF5Zyq//ysIKzv1lZnC/535/dNbM/cSJA26Q== -----END CERTIFICATE-----Generated at Fri Nov 22 07:02:35 2024 by rpki-client on console-fra.rpki-client.org