$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3171/Te6MTilA5PAitEutPNt0SViv9Tk.roa File: Te6MTilA5PAitEutPNt0SViv9Tk.roa (raw, json) Hash identifier: CKprCz5hT7alfsZYA0ghEsfYsbXr+6TL6AiieK6KZTQ= Subject key identifier: 4D:EE:8C:4E:29:40:E4:F0:22:B4:4B:AD:3C:DB:74:49:58:AF:F5:39 Certificate issuer: /CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Certificate serial: 0F56 Authority key identifier: 02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/Te6MTilA5PAitEutPNt0SViv9Tk.roa Signing time: Tue 15 Oct 2024 09:41:06 +0000 ROA not before: Tue 15 Oct 2024 09:41:06 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 137443 IP address blocks: 103.197.181.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3926 (0xf56) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Validity Not Before: Oct 15 09:41:06 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=4DEE8C4E2940E4F022B44BAD3CDB744958AFF539 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:7d:97:e1:01:f3:27:a7:df:c9:4a:6b:dd:a6: 38:05:20:3d:ab:b7:ed:16:f4:0a:f8:80:5a:8c:9a: d2:a1:63:8a:71:5a:05:12:ca:e4:c0:d0:59:b0:9c: 66:7d:9f:94:e9:05:2b:bb:62:d4:40:1d:8e:8d:ce: 72:a1:42:18:4c:ea:f1:b4:d7:05:13:92:c1:43:57: 6d:0e:65:1f:60:31:1e:08:77:92:2b:46:37:8e:42: fe:b5:0c:0f:a3:d3:de:67:99:26:66:5f:e3:56:5e: 16:e8:5f:f0:7a:8d:c2:f3:4a:87:ef:c3:cb:a5:b5: 5b:7e:a3:66:69:59:2c:55:77:af:cb:e5:f4:27:25: 4c:86:04:85:86:1b:63:c3:2c:f8:df:c6:25:1e:c2: d6:18:23:26:6c:93:89:bb:e7:3b:01:58:24:c7:81: f3:e1:4e:dd:a0:2f:e5:b5:6a:b1:fa:b1:09:a5:28: c0:39:21:4a:41:04:b5:64:97:15:61:6b:bc:b9:29: 53:e6:40:b9:7e:f8:75:0e:5c:59:18:c1:d0:84:91: 34:a9:d4:fe:0b:b3:ca:d7:34:76:61:a2:59:ff:ca: 03:1a:4d:c2:b0:1a:bc:26:7e:e3:da:e0:2e:91:b4: 07:e1:e5:2c:af:c0:1c:17:dd:b6:05:6c:6b:0c:33: d8:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:EE:8C:4E:29:40:E4:F0:22:B4:4B:AD:3C:DB:74:49:58:AF:F5:39 X509v3 Authority Key Identifier: keyid:02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/Te6MTilA5PAitEutPNt0SViv9Tk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.197.181.0/24 Signature Algorithm: sha256WithRSAEncryption 66:74:e8:88:e1:ef:54:31:43:8b:31:85:b0:2d:d1:f1:c8:b9: 1b:f2:1e:5b:42:34:06:61:a7:d4:c0:0c:7c:ae:b0:94:cb:98: 81:a0:76:6a:41:f9:a5:9e:d8:65:27:e9:bc:b2:d6:30:61:45: 74:dd:f8:dd:e7:82:f5:38:b8:a4:d6:d9:68:b4:41:8d:bc:22: ea:e1:6f:cf:49:f3:53:ac:fa:59:2d:c0:f0:d1:9f:5d:c9:fb: 4f:a5:da:a2:4b:96:39:94:42:e7:74:72:5d:1e:11:bb:8c:78: e4:d5:d1:a1:7a:02:a5:8b:8a:94:36:52:7b:ce:fb:f3:8a:f0: 31:ed:ce:5e:ec:21:d1:86:8a:94:67:66:c4:a4:ff:58:46:ba: 39:23:09:fd:8e:9f:00:d2:38:c6:f9:16:91:e0:76:40:ea:aa: c7:83:e6:b0:49:c2:5c:73:0c:a7:7f:22:3b:1c:24:ea:28:72: 2f:6f:af:8a:d2:86:49:36:6f:b8:a3:77:e8:b2:fa:d6:33:be: 10:5f:2f:69:40:00:56:44:93:92:d6:a2:e9:c6:46:b0:cb:76: ac:d2:bb:b5:de:a4:1b:b0:1a:fd:38:a7:00:49:3b:47:f2:29: ad:2d:32:7e:a9:3f:45:43:1f:64:86:72:22:56:35:5d:76:87: 38:2e:55:a0 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD1YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDJG QjA1REUzQzU0NEE5RjFDMzQ0QTYzRUI1RjZDRkREMzQ4MTE1NjAeFw0yNDEwMTUw OTQxMDZaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDRERUU4QzRFMjk0MEU0 RjAyMkI0NEJBRDNDREI3NDQ5NThBRkY1MzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpfZfhAfMnp9/JSmvdpjgFID2rt+0W9Ar4gFqMmtKhY4pxWgUS yuTA0FmwnGZ9n5TpBSu7YtRAHY6NznKhQhhM6vG01wUTksFDV20OZR9gMR4Id5Ir RjeOQv61DA+j095nmSZmX+NWXhboX/B6jcLzSofvw8ultVt+o2ZpWSxVd6/L5fQn JUyGBIWGG2PDLPjfxiUewtYYIyZsk4m75zsBWCTHgfPhTt2gL+W1arH6sQmlKMA5 IUpBBLVklxVha7y5KVPmQLl++HUOXFkYwdCEkTSp1P4Ls8rXNHZholn/ygMaTcKw GrwmfuPa4C6RtAfh5SyvwBwX3bYFbGsMM9irAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUTe6MTilA5PAitEutPNt0SViv9TkwHwYDVR0jBBgwFoAUAvsF3jxUSp8cNEpj 619s/dNIEVYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE3 MS9BdnNGM2p4VVNwOGNORXBqNjE5c19kTklFVlkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0F2c0YzanhVU3A4Y05FcGo2MTlzX2ROSUVWWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNzEvVGU2TVRpbEE1UEFp dEV1dFBOdDBTVml2OVRrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfFtTANBgkqhkiG9w0BAQsFAAOCAQEAZnToiOHvVDFDizGFsC3R8ci5G/Ie W0I0BmGn1MAMfK6wlMuYgaB2akH5pZ7YZSfpvLLWMGFFdN343eeC9Ti4pNbZaLRB jbwi6uFvz0nzU6z6WS3A8NGfXcn7T6XaokuWOZRC53RyXR4Ru4x45NXRoXoCpYuK lDZSe87784rwMe3OXuwh0YaKlGdmxKT/WEa6OSMJ/Y6fANI4xvkWkeB2QOqqx4Pm sEnCXHMMp38iOxwk6ihyL2+vitKGSTZvuKN36LL61jO+EF8vaUAAVkSTktai6cZG sMt2rNK7td6kG7Aa/TinAEk7R/IprS0yfqk/RUMfZIZyIlY1XXaHOC5VoA== -----END CERTIFICATE-----Generated at Fri Nov 22 07:02:35 2024 by rpki-client on console-fra.rpki-client.org