$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3171/LT2YAInbqTi5ngphm9kxYvZHOls.roa File: LT2YAInbqTi5ngphm9kxYvZHOls.roa (raw, json) Hash identifier: zFgeY11NRDn4sGjofsRNA4IjXAT35G2YLVdDSIHc61Y= Subject key identifier: 2D:3D:98:00:89:DB:A9:38:B9:9E:0A:61:9B:D9:31:62:F6:47:3A:5B Certificate issuer: /CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Certificate serial: 0966 Authority key identifier: 02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/LT2YAInbqTi5ngphm9kxYvZHOls.roa Signing time: Wed 13 Dec 2023 03:47:15 +0000 ROA not before: Wed 13 Dec 2023 03:47:15 +0000 ROA not after: Tue 08 Oct 2024 00:16:33 +0000 asID: 55933 IP address blocks: 103.139.92.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 01 Jun 2024 16:25:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2406 (0x966) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Validity Not Before: Dec 13 03:47:15 2023 GMT Not After : Oct 8 00:16:33 2024 GMT Subject: CN=2D3D980089DBA938B99E0A619BD93162F6473A5B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:e8:bd:bf:15:b3:0e:ab:41:d5:7b:11:35:4f: a5:32:d0:83:5f:e4:53:49:2e:a8:e9:07:1f:55:be: be:f2:f5:56:97:68:84:fb:7d:83:03:ad:ab:ff:06: f1:c9:a2:90:51:0a:95:88:99:74:ad:d1:85:6f:4f: bd:ad:d3:ee:2f:59:b8:4b:71:f3:d9:9c:91:46:c6: 22:3b:db:13:47:2e:cd:04:76:76:c4:fa:68:74:c5: 10:60:ce:40:78:58:67:e4:9e:67:ac:d1:61:31:3e: 03:ad:c5:0d:25:5f:3f:7a:f1:a6:13:ce:f2:28:25: 31:6d:19:d2:61:e7:5f:25:d5:22:dc:ba:a2:a7:1f: 79:ed:71:98:11:41:40:fb:22:90:99:a7:f6:4c:1b: 56:55:ae:53:80:03:f4:85:55:ba:c6:3b:5c:ba:10: e9:fb:31:1e:15:73:3b:52:e1:66:8d:ed:fd:d2:38: 64:e3:17:36:dd:8f:ec:39:fc:6f:41:f5:e8:34:39: 26:0f:65:46:2a:fc:3c:e1:fc:50:03:30:e1:4f:39: 69:f8:1e:f7:bd:69:cc:73:41:24:27:39:d7:50:2d: 1b:4f:31:f4:1d:55:6e:97:f1:62:a5:6a:31:d2:bc: d4:85:e1:58:e3:de:d5:26:d3:0e:aa:02:75:56:72: 7e:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:3D:98:00:89:DB:A9:38:B9:9E:0A:61:9B:D9:31:62:F6:47:3A:5B X509v3 Authority Key Identifier: keyid:02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/LT2YAInbqTi5ngphm9kxYvZHOls.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.139.92.0/23 Signature Algorithm: sha256WithRSAEncryption b1:65:f1:41:88:8d:2a:c0:c0:7b:a5:4a:6f:1a:ea:05:a3:4b: 19:ca:7c:86:1b:d2:46:17:eb:b8:34:7a:7a:81:7b:3b:89:3b: 8a:30:17:0e:73:e6:fd:01:e3:d5:61:e1:14:c9:ef:b5:69:3f: f5:25:98:0d:8f:2f:0e:eb:58:b9:c7:9d:0b:e8:e3:aa:e7:12: 39:7b:92:64:57:03:75:a3:b9:4c:8a:f7:ac:c0:fa:d0:0b:86: 79:05:18:fe:4c:c1:16:85:7d:6f:4d:e6:c6:7b:b1:3e:e7:4d: 5d:4e:06:ff:fa:87:8a:26:37:dd:9b:25:75:1a:43:90:51:1e: 0d:bf:09:bd:08:18:ed:89:2e:97:49:5a:96:68:67:65:ee:e8: 97:99:46:70:62:78:cc:46:a8:64:93:c8:6a:f7:4d:76:59:b2: 64:fd:97:54:45:b5:ea:8e:84:24:76:85:d8:51:17:88:ae:58: 4e:eb:03:41:29:0c:4f:c7:ce:3f:dc:30:e8:a8:4a:b4:27:90: 93:55:18:4c:ac:38:34:6d:30:ee:41:c8:62:77:e4:c0:74:31: ca:dc:cf:bb:ff:4f:ee:42:09:5c:7b:69:bb:d8:c1:84:75:de: 75:24:7d:8c:15:10:e3:09:59:eb:19:c0:fd:82:6b:fe:ad:db: ba:df:b0:6d -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICCWYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDJG QjA1REUzQzU0NEE5RjFDMzQ0QTYzRUI1RjZDRkREMzQ4MTE1NjAeFw0yMzEyMTMw MzQ3MTVaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDJEM0Q5ODAwODlEQkE5 MzhCOTlFMEE2MTlCRDkzMTYyRjY0NzNBNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC26L2/FbMOq0HVexE1T6Uy0INf5FNJLqjpBx9Vvr7y9VaXaIT7 fYMDrav/BvHJopBRCpWImXSt0YVvT72t0+4vWbhLcfPZnJFGxiI72xNHLs0EdnbE +mh0xRBgzkB4WGfknmes0WExPgOtxQ0lXz968aYTzvIoJTFtGdJh518l1SLcuqKn H3ntcZgRQUD7IpCZp/ZMG1ZVrlOAA/SFVbrGO1y6EOn7MR4VcztS4WaN7f3SOGTj Fzbdj+w5/G9B9eg0OSYPZUYq/Dzh/FADMOFPOWn4Hve9acxzQSQnOddQLRtPMfQd VW6X8WKlajHSvNSF4Vjj3tUm0w6qAnVWcn6LAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQULT2YAInbqTi5ngphm9kxYvZHOlswHwYDVR0jBBgwFoAUAvsF3jxUSp8cNEpj 619s/dNIEVYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE3 MS9BdnNGM2p4VVNwOGNORXBqNjE5c19kTklFVlkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0F2c0YzanhVU3A4Y05FcGo2MTlzX2ROSUVWWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNzEvTFQyWUFJbmJxVGk1 bmdwaG05a3hZdlpIT2xzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWeLXDANBgkqhkiG9w0BAQsFAAOCAQEAsWXxQYiNKsDAe6VKbxrqBaNLGcp8 hhvSRhfruDR6eoF7O4k7ijAXDnPm/QHj1WHhFMnvtWk/9SWYDY8vDutYucedC+jj qucSOXuSZFcDdaO5TIr3rMD60AuGeQUY/kzBFoV9b03mxnuxPudNXU4G//qHiiY3 3ZsldRpDkFEeDb8JvQgY7Ykul0lalmhnZe7ol5lGcGJ4zEaoZJPIavdNdlmyZP2X VEW16o6EJHaF2FEXiK5YTusDQSkMT8fOP9ww6KhKtCeQk1UYTKw4NG0w7kHIYnfk wHQxytzPu/9P7kIJXHtpu9jBhHXedSR9jBUQ4wlZ6xnA/YJr/q3but+wbQ== -----END CERTIFICATE-----Generated at Sat Jun 1 12:23:49 2024 by rpki-client on console-ams.rpki-client.org