$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3171/v3RnkysGveAP__mOvzZebm8t9kw.roa File: v3RnkysGveAP__mOvzZebm8t9kw.roa (raw, json) Hash identifier: v1qlf/FN/yj0agXdE6sRMi0An5qaRHGBGueIj4qUnNM= Subject key identifier: BF:74:67:93:2B:06:BD:E0:0F:FF:F9:8E:BF:36:5E:6E:6F:2D:F6:4C Certificate issuer: /CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Certificate serial: 0F59 Authority key identifier: 02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/v3RnkysGveAP__mOvzZebm8t9kw.roa Signing time: Tue 15 Oct 2024 09:41:07 +0000 ROA not before: Tue 15 Oct 2024 09:41:07 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 137443 IP address blocks: 103.139.93.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3929 (0xf59) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Validity Not Before: Oct 15 09:41:07 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=BF7467932B06BDE00FFFF98EBF365E6E6F2DF64C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:1c:b4:4b:02:60:ec:7f:ef:d1:76:a9:e8:29: 47:5a:24:08:e6:92:59:58:47:65:b0:b5:0e:df:52: e0:70:97:37:da:2c:bc:45:34:d1:02:2b:0d:7d:63: ec:3e:dc:db:b4:0d:a5:21:33:5b:61:bc:91:6d:eb: 0c:89:7d:6a:51:d1:0f:a8:29:49:66:59:c8:5c:fb: 8a:a4:af:2b:a4:21:a0:2e:21:e9:0f:50:d9:18:69: 08:0c:6f:74:4b:a5:cc:cd:1b:32:2c:3c:a5:8f:b4: 58:e4:63:76:57:0e:d8:9c:bc:72:96:c1:3a:92:8b: 08:6e:84:f7:8d:8e:60:4b:41:09:68:dd:f8:87:0e: 31:12:e1:fc:42:6c:de:26:7f:1e:ff:24:b7:c8:ed: ea:48:10:f8:f6:e4:81:70:89:5d:bb:a2:64:26:b1: d4:e0:67:6b:86:1e:48:bb:48:d2:f2:7b:9b:9d:d4: b5:5e:54:7a:61:59:37:59:67:5e:65:9f:1f:5e:8d: 66:64:bf:e9:32:69:b0:a1:f1:4c:ed:49:c5:68:fc: e2:02:dd:25:8e:fe:d6:f9:c4:bd:3f:11:c0:a2:67: 79:6d:4c:f2:d3:7c:f5:34:5f:68:94:06:aa:d6:54: 5f:4d:ec:a5:7f:cf:fd:5e:89:fa:13:dc:33:de:2f: da:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:74:67:93:2B:06:BD:E0:0F:FF:F9:8E:BF:36:5E:6E:6F:2D:F6:4C X509v3 Authority Key Identifier: keyid:02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/v3RnkysGveAP__mOvzZebm8t9kw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.139.93.0/24 Signature Algorithm: sha256WithRSAEncryption 9b:a4:2d:58:8a:ab:5a:f0:ba:7f:64:09:72:e5:9e:3b:33:92: 85:ca:70:0a:61:ad:bb:ac:7c:d3:e4:dc:d5:d2:42:56:ab:5c: 04:1b:32:1d:43:e7:96:53:2a:97:7a:b9:8e:29:59:14:b6:08: 96:2b:96:a5:32:d6:de:0f:94:7e:9d:fb:ea:ea:05:91:6f:ac: 5c:00:d3:d7:47:26:7d:85:85:f7:12:19:c3:39:42:ea:05:09: ff:7b:9f:0b:d5:4a:d6:40:15:73:79:84:2d:06:75:0d:ff:03: 01:5c:1e:a9:16:09:15:87:42:e7:cc:a4:3c:3b:55:e5:a0:e1: 6f:6b:50:09:6b:1c:2c:08:4d:c8:b5:35:29:50:a1:f8:a6:3e: 0d:c0:0a:13:81:bd:16:36:e3:63:aa:8d:4e:1e:59:2c:f7:06: fa:56:fa:30:ce:2b:42:cf:8c:d5:d0:04:b2:e2:77:6b:a2:b8: d4:a5:3f:ed:fb:ce:99:17:0a:60:63:27:50:1d:6a:6b:ef:8e: 33:f1:b3:1f:a3:2d:d0:16:89:b6:f9:23:bd:1b:e1:17:e5:90: 19:f2:c3:0f:35:a6:91:1d:5e:34:84:ee:ad:9c:92:5d:fe:87: fc:01:4a:86:10:2a:e9:8b:9e:6e:46:64:ab:99:ca:e0:4e:ee: 15:20:7d:23 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICD1kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDJG QjA1REUzQzU0NEE5RjFDMzQ0QTYzRUI1RjZDRkREMzQ4MTE1NjAeFw0yNDEwMTUw OTQxMDdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEJGNzQ2NzkzMkIwNkJE RTAwRkZGRjk4RUJGMzY1RTZFNkYyREY2NEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNHLRLAmDsf+/RdqnoKUdaJAjmkllYR2WwtQ7fUuBwlzfaLLxF NNECKw19Y+w+3Nu0DaUhM1thvJFt6wyJfWpR0Q+oKUlmWchc+4qkryukIaAuIekP UNkYaQgMb3RLpczNGzIsPKWPtFjkY3ZXDticvHKWwTqSiwhuhPeNjmBLQQlo3fiH DjES4fxCbN4mfx7/JLfI7epIEPj25IFwiV27omQmsdTgZ2uGHki7SNLye5ud1LVe VHphWTdZZ15lnx9ejWZkv+kyabCh8UztScVo/OIC3SWO/tb5xL0/EcCiZ3ltTPLT fPU0X2iUBqrWVF9N7KV/z/1eifoT3DPeL9rjAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUv3RnkysGveAP//mOvzZebm8t9kwwHwYDVR0jBBgwFoAUAvsF3jxUSp8cNEpj 619s/dNIEVYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE3 MS9BdnNGM2p4VVNwOGNORXBqNjE5c19kTklFVlkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0F2c0YzanhVU3A4Y05FcGo2MTlzX2ROSUVWWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNzEvdjNSbmt5c0d2ZUFQ X19tT3Z6WmVibTh0OWt3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAGeLXTANBgkqhkiG9w0BAQsFAAOCAQEAm6QtWIqrWvC6f2QJcuWeOzOShcpw CmGtu6x80+Tc1dJCVqtcBBsyHUPnllMql3q5jilZFLYIliuWpTLW3g+Ufp376uoF kW+sXADT10cmfYWF9xIZwzlC6gUJ/3ufC9VK1kAVc3mELQZ1Df8DAVweqRYJFYdC 58ykPDtV5aDhb2tQCWscLAhNyLU1KVCh+KY+DcAKE4G9FjbjY6qNTh5ZLPcG+lb6 MM4rQs+M1dAEsuJ3a6K41KU/7fvOmRcKYGMnUB1qa++OM/GzH6Mt0BaJtvkjvRvh F+WQGfLDDzWmkR1eNITurZySXf6H/AFKhhAq6YuebkZkq5nK4E7uFSB9Iw== -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:11 2024 by rpki-client on console-ams.rpki-client.org