$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3171/omDqZ3E36yg9qFeS144ER9TTthE.roa File: omDqZ3E36yg9qFeS144ER9TTthE.roa (raw, json) Hash identifier: 8N4cGiHmUy+WroqgGxchyoS+2gKZxZKaMLRuYlwZftY= Subject key identifier: A2:60:EA:67:71:37:EB:28:3D:A8:57:92:D7:8E:04:47:D4:D3:B6:11 Certificate issuer: /CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Certificate serial: 0F5B Authority key identifier: 02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/omDqZ3E36yg9qFeS144ER9TTthE.roa Signing time: Tue 15 Oct 2024 09:41:08 +0000 ROA not before: Tue 15 Oct 2024 09:41:08 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 137443 IP address blocks: 103.197.183.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3931 (0xf5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Validity Not Before: Oct 15 09:41:08 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=A260EA677137EB283DA85792D78E0447D4D3B611 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:03:c4:3d:47:28:c8:df:b0:ce:1b:3b:51:dc: 66:e6:d7:c9:85:6a:7f:0b:5e:0e:38:2d:3b:30:43: 41:ac:a8:e4:1f:a4:ed:9d:59:38:9f:f4:1c:d8:20: 46:a1:1b:60:9b:db:2f:db:10:f8:f0:b6:6c:d8:5e: 2c:f0:dd:26:91:cc:6b:06:a6:6f:32:e8:78:4e:21: 09:ba:c7:7b:f8:1d:8d:bc:17:38:39:01:27:a8:9d: 44:c0:ff:b9:33:28:01:cc:3c:dc:50:4e:ec:06:b3: 63:e4:c0:e4:11:a1:2f:14:0f:4c:06:3f:fb:43:43: 7b:9e:59:b2:f7:3f:4c:fd:a2:78:19:a7:9a:85:3c: cb:cc:e4:4c:ec:d4:80:80:1a:e8:84:e6:64:55:0f: 1a:a2:8d:7e:42:fe:b8:23:ab:1f:5f:de:e5:f6:4b: bd:78:7b:82:ab:5f:97:b3:df:a7:f3:64:4d:24:0f: 9c:a4:31:53:21:85:3e:75:73:61:49:5d:5f:a9:fd: 84:cf:af:a4:38:c9:a9:fa:dc:5c:38:ca:5a:b1:30: 94:87:55:be:9c:d1:ae:b6:a9:b6:bf:16:fc:91:18: fc:02:88:d6:28:0d:cb:35:9a:6e:8e:ef:7c:26:58: eb:d6:ae:2e:ef:19:f0:95:6c:61:2b:c3:49:45:67: b5:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:60:EA:67:71:37:EB:28:3D:A8:57:92:D7:8E:04:47:D4:D3:B6:11 X509v3 Authority Key Identifier: keyid:02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/omDqZ3E36yg9qFeS144ER9TTthE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.197.183.0/24 Signature Algorithm: sha256WithRSAEncryption 78:21:31:24:1c:ab:ae:7e:94:86:bb:2f:e2:8f:2b:47:ff:6e: e8:43:f6:5a:c8:14:c7:5e:8b:cc:42:34:38:7a:bf:a9:8a:67: fa:9f:8b:47:80:70:28:88:a0:be:d5:1e:e1:ba:65:62:b7:38: 06:51:5a:fd:98:c0:0d:76:53:39:9b:ae:2f:e1:55:1c:55:c3: 15:5e:cd:96:ef:e4:bc:da:27:e1:2c:31:fc:70:7f:27:f1:95: 14:4d:ce:66:18:0b:1e:59:ce:ae:bb:49:e4:92:f2:f7:86:c9: 7b:ec:bb:02:e8:a3:5e:79:d0:f5:f4:4a:e2:ff:36:a8:ec:aa: 25:c8:3e:29:ae:01:4e:56:ef:16:e0:95:a6:36:ea:e6:5e:1b: ae:89:8b:94:64:aa:ee:07:b8:08:bf:b6:64:ca:0e:1a:ad:30: c2:50:d0:0a:3e:14:94:52:ac:c8:b2:63:d6:39:4f:c8:30:37: a8:8b:89:dd:ff:f0:f8:ad:9d:27:32:0b:78:88:4b:41:87:2e: 87:b8:42:31:32:11:b5:e7:20:23:e1:73:9e:b4:da:59:4a:9a: a4:dc:11:2c:38:40:64:a4:22:72:62:c0:ba:2a:35:0f:04:d0: d5:c8:1a:95:60:a2:e0:3f:44:b7:f4:2a:5b:ad:07:14:e4:45: 5a:b9:16:09 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD1swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDJG QjA1REUzQzU0NEE5RjFDMzQ0QTYzRUI1RjZDRkREMzQ4MTE1NjAeFw0yNDEwMTUw OTQxMDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEEyNjBFQTY3NzEzN0VC MjgzREE4NTc5MkQ3OEUwNDQ3RDREM0I2MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC0A8Q9RyjI37DOGztR3Gbm18mFan8LXg44LTswQ0GsqOQfpO2d WTif9BzYIEahG2Cb2y/bEPjwtmzYXizw3SaRzGsGpm8y6HhOIQm6x3v4HY28Fzg5 ASeonUTA/7kzKAHMPNxQTuwGs2PkwOQRoS8UD0wGP/tDQ3ueWbL3P0z9ongZp5qF PMvM5Ezs1ICAGuiE5mRVDxqijX5C/rgjqx9f3uX2S714e4KrX5ez36fzZE0kD5yk MVMhhT51c2FJXV+p/YTPr6Q4yan63Fw4ylqxMJSHVb6c0a62qba/FvyRGPwCiNYo Dcs1mm6O73wmWOvWri7vGfCVbGErw0lFZ7XVAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUomDqZ3E36yg9qFeS144ER9TTthEwHwYDVR0jBBgwFoAUAvsF3jxUSp8cNEpj 619s/dNIEVYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE3 MS9BdnNGM2p4VVNwOGNORXBqNjE5c19kTklFVlkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0F2c0YzanhVU3A4Y05FcGo2MTlzX2ROSUVWWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNzEvb21EcVozRTM2eWc5 cUZlUzE0NEVSOVRUdGhFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGfFtzANBgkqhkiG9w0BAQsFAAOCAQEAeCExJByrrn6Uhrsv4o8rR/9u6EP2 WsgUx16LzEI0OHq/qYpn+p+LR4BwKIigvtUe4bplYrc4BlFa/ZjADXZTOZuuL+FV HFXDFV7Nlu/kvNon4Swx/HB/J/GVFE3OZhgLHlnOrrtJ5JLy94bJe+y7AuijXnnQ 9fRK4v82qOyqJcg+Ka4BTlbvFuCVpjbq5l4bromLlGSq7ge4CL+2ZMoOGq0wwlDQ Cj4UlFKsyLJj1jlPyDA3qIuJ3f/w+K2dJzILeIhLQYcuh7hCMTIRtecgI+FznrTa WUqapNwRLDhAZKQicmLAuio1DwTQ1cgalWCi4D9Et/QqW60HFORFWrkWCQ== -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:11 2024 by rpki-client on console-ams.rpki-client.org