$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3171/xTfmzSlK8CdeoH5uKrsIg5p26h8.roa File: xTfmzSlK8CdeoH5uKrsIg5p26h8.roa (raw, json) Hash identifier: ITc0JolOATzPb8on/sX6rvjq7Dl/jfiyENbzsoUDNI0= Subject key identifier: C5:37:E6:CD:29:4A:F0:27:5E:A0:7E:6E:2A:BB:08:83:9A:76:EA:1F Certificate issuer: /CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Certificate serial: 0967 Authority key identifier: 02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/xTfmzSlK8CdeoH5uKrsIg5p26h8.roa Signing time: Wed 13 Dec 2023 03:47:15 +0000 ROA not before: Wed 13 Dec 2023 03:47:15 +0000 ROA not after: Tue 08 Oct 2024 00:16:33 +0000 asID: 55933 IP address blocks: 103.139.92.0/24 maxlen: 24 103.139.93.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 01 Jun 2024 11:25:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2407 (0x967) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02FB05DE3C544A9F1C344A63EB5F6CFDD3481156 Validity Not Before: Dec 13 03:47:15 2023 GMT Not After : Oct 8 00:16:33 2024 GMT Subject: CN=C537E6CD294AF0275EA07E6E2ABB08839A76EA1F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:24:ee:99:e8:0d:70:10:84:c2:2a:15:1a:a4: 8b:c1:07:dd:24:25:e8:09:f8:44:fc:b1:cf:59:1c: 76:45:a8:c0:df:b1:a6:fb:09:a3:a9:7f:93:11:ae: 9a:72:33:34:74:34:34:3f:57:d8:03:ac:10:2c:15: c1:37:b8:27:63:8f:e7:89:46:c8:5c:0c:54:34:b5: 6a:eb:f9:39:0a:51:e5:cb:97:99:51:40:8f:a4:95: 03:85:3c:61:f9:db:bd:11:8f:20:42:81:09:08:2e: d6:f8:df:31:ae:0e:24:aa:1d:28:e5:75:a5:b4:24: 53:e2:16:c5:0f:f9:e3:bb:5b:f4:6b:c7:9a:00:5b: ac:f1:65:62:ef:78:70:7f:49:52:08:01:3b:b1:a9: 7e:f4:c5:9d:68:71:c9:70:bd:76:18:7f:af:64:50: 02:b1:34:0e:3f:20:a8:ca:54:c5:d8:e8:f1:42:2b: c3:6d:5c:2a:83:2a:94:af:f6:21:a9:48:0e:80:4e: 21:77:f8:ca:ec:01:5a:0a:47:dd:a5:ec:c0:60:65: af:34:de:76:dd:4b:54:2f:e4:e5:74:8e:0f:a9:96: 4b:36:2b:16:75:c8:db:f8:b8:45:a8:cc:ea:d7:80: 8b:15:6d:95:94:07:bc:a2:2f:91:58:5f:0a:9f:76: 1a:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:37:E6:CD:29:4A:F0:27:5E:A0:7E:6E:2A:BB:08:83:9A:76:EA:1F X509v3 Authority Key Identifier: keyid:02:FB:05:DE:3C:54:4A:9F:1C:34:4A:63:EB:5F:6C:FD:D3:48:11:56 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/AvsF3jxUSp8cNEpj619s_dNIEVY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/AvsF3jxUSp8cNEpj619s_dNIEVY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3171/xTfmzSlK8CdeoH5uKrsIg5p26h8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.139.92.0/23 Signature Algorithm: sha256WithRSAEncryption 97:b5:d8:c7:ce:ca:e1:9b:6d:c1:28:dd:d6:38:b1:60:52:95: 6e:99:88:85:ba:bb:fc:e9:99:3e:4b:30:76:30:29:78:bc:52: fe:7f:28:66:c3:33:55:53:9d:4c:54:28:29:dd:5c:5a:1a:95: 79:97:70:af:13:e0:f8:a4:7a:e9:13:67:14:2c:f2:37:e4:96: 38:88:0b:84:10:2d:43:c8:5c:75:89:04:3e:d7:b1:ed:d2:27: 82:ff:3a:e1:75:6e:3d:71:0c:b9:bd:4e:90:06:96:03:1e:a1: 1e:f7:6b:94:e9:e3:75:c7:df:d5:92:b5:45:a9:80:89:64:35: 4a:51:d2:d5:84:2b:38:a7:5f:55:86:f2:73:23:82:89:66:e0: e8:d0:18:80:54:ce:e8:e6:bf:c7:0e:70:e9:bf:f2:fe:33:57: f0:93:79:3e:6b:70:40:18:ab:e7:0a:76:6f:20:03:92:90:36: b6:73:4e:9f:3f:e5:58:7a:03:05:a4:ea:f0:88:c3:31:8e:99: e7:e0:77:51:dd:c8:6a:06:06:71:14:d7:8e:75:db:96:9b:c7: a7:a7:68:5f:e6:ac:64:d0:6d:02:9d:6a:6c:74:6a:4d:b6:2f: 15:10:a2:b8:06:1b:54:03:3a:2a:b4:72:a9:b3:2e:f0:f4:ad: 8e:e6:94:ce -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICCWcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDJG QjA1REUzQzU0NEE5RjFDMzQ0QTYzRUI1RjZDRkREMzQ4MTE1NjAeFw0yMzEyMTMw MzQ3MTVaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKEM1MzdFNkNEMjk0QUYw Mjc1RUEwN0U2RTJBQkIwODgzOUE3NkVBMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDJO6Z6A1wEITCKhUapIvBB90kJegJ+ET8sc9ZHHZFqMDfsab7 CaOpf5MRrppyMzR0NDQ/V9gDrBAsFcE3uCdjj+eJRshcDFQ0tWrr+TkKUeXLl5lR QI+klQOFPGH5270RjyBCgQkILtb43zGuDiSqHSjldaW0JFPiFsUP+eO7W/Rrx5oA W6zxZWLveHB/SVIIATuxqX70xZ1occlwvXYYf69kUAKxNA4/IKjKVMXY6PFCK8Nt XCqDKpSv9iGpSA6ATiF3+MrsAVoKR92l7MBgZa803nbdS1Qv5OV0jg+plks2KxZ1 yNv4uEWozOrXgIsVbZWUB7yiL5FYXwqfdhr5AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUxTfmzSlK8CdeoH5uKrsIg5p26h8wHwYDVR0jBBgwFoAUAvsF3jxUSp8cNEpj 619s/dNIEVYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE3 MS9BdnNGM2p4VVNwOGNORXBqNjE5c19kTklFVlkuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0F2c0YzanhVU3A4Y05FcGo2MTlzX2ROSUVWWS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNzEveFRmbXpTbEs4Q2Rl b0g1dUtyc0lnNXAyNmg4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWeLXDANBgkqhkiG9w0BAQsFAAOCAQEAl7XYx87K4ZttwSjd1jixYFKVbpmI hbq7/OmZPkswdjApeLxS/n8oZsMzVVOdTFQoKd1cWhqVeZdwrxPg+KR66RNnFCzy N+SWOIgLhBAtQ8hcdYkEPtex7dIngv864XVuPXEMub1OkAaWAx6hHvdrlOnjdcff 1ZK1RamAiWQ1SlHS1YQrOKdfVYbycyOCiWbg6NAYgFTO6Oa/xw5w6b/y/jNX8JN5 PmtwQBir5wp2byADkpA2tnNOnz/lWHoDBaTq8IjDMY6Z5+B3Ud3IagYGcRTXjnXb lpvHp6doX+asZNBtAp1qbHRqTbYvFRCiuAYbVAM6KrRyqbMu8PStjuaUzg== -----END CERTIFICATE-----Generated at Sat Jun 1 07:13:56 2024 by rpki-client on console-ams.rpki-client.org