$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3181/Rft6LrhHFWBywPLZ0rg4zLaSbPY.roa File: Rft6LrhHFWBywPLZ0rg4zLaSbPY.roa (raw, json) Hash identifier: Pd2KwS/nLmLibNqUoPbC9XCrRPwULz07N859032shAs= Subject key identifier: 45:FB:7A:2E:B8:47:15:60:72:C0:F2:D9:D2:B8:38:CC:B6:92:6C:F6 Certificate issuer: /CN=136A39C7630A3C7491050D3E9DBD5B6F7906FD75 Certificate serial: 04 Authority key identifier: 13:6A:39:C7:63:0A:3C:74:91:05:0D:3E:9D:BD:5B:6F:79:06:FD:75 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3181/Rft6LrhHFWBywPLZ0rg4zLaSbPY.roa Signing time: Wed 13 Sep 2023 03:34:26 +0000 ROA not before: Wed 13 Sep 2023 03:34:26 +0000 ROA not after: Thu 12 Sep 2024 03:29:52 +0000 asID: 38378 IP address blocks: 103.29.24.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3181/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3181/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Jun 2024 16:27:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=136A39C7630A3C7491050D3E9DBD5B6F7906FD75 Validity Not Before: Sep 13 03:34:26 2023 GMT Not After : Sep 12 03:29:52 2024 GMT Subject: CN=45FB7A2EB847156072C0F2D9D2B838CCB6926CF6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:29:58:56:49:76:e8:17:9e:cc:a4:19:fb:b4: 0e:d9:d1:b4:38:9a:2f:6e:7f:e7:39:a4:aa:67:79: 2c:4e:44:b2:32:d4:5f:75:99:52:93:11:4a:6a:0d: 67:41:e8:a6:3a:c9:34:6d:83:41:4a:04:c4:4f:c2: 64:1a:03:01:09:f4:04:cf:3e:8a:d4:05:55:d2:8f: 43:75:0a:4e:48:b4:a4:4b:a7:e1:4d:7d:ef:d0:76: 6b:39:74:8d:d2:cc:c2:1c:b4:39:6d:85:be:e0:ec: 6d:c1:34:69:62:e0:84:b0:90:1b:0e:ec:23:37:bb: 8d:ee:6b:13:1e:05:3e:70:98:f6:a5:b4:28:3d:8b: 25:84:f1:d8:de:e1:1f:72:47:fa:3d:17:e8:ca:95: b3:16:11:f7:9d:40:00:14:92:8e:ac:b3:37:49:ae: d3:ef:00:8c:17:0f:4a:89:93:e8:6a:f2:ce:70:93: 2b:d3:2f:23:e4:7c:ad:7b:81:2e:25:2d:20:cb:7c: 5f:e0:50:58:bf:a9:d5:f9:43:43:24:41:43:66:e4: ed:3e:2c:29:e3:d6:ff:64:46:cf:34:f4:0b:52:d3: 43:55:45:98:69:b0:e5:45:43:30:df:4e:4a:5c:e3: 30:22:b3:30:ca:ba:6a:7d:87:47:5d:e2:4b:83:2c: 9f:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:FB:7A:2E:B8:47:15:60:72:C0:F2:D9:D2:B8:38:CC:B6:92:6C:F6 X509v3 Authority Key Identifier: keyid:13:6A:39:C7:63:0A:3C:74:91:05:0D:3E:9D:BD:5B:6F:79:06:FD:75 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3181/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/E2o5x2MKPHSRBQ0-nb1bb3kG_XU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3181/Rft6LrhHFWBywPLZ0rg4zLaSbPY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.29.24.0/23 Signature Algorithm: sha256WithRSAEncryption 91:14:e1:44:8d:fa:92:b3:65:3d:8a:9e:8e:44:f9:a6:ea:4b: 79:c1:a1:ec:68:1b:8a:77:3b:31:5e:86:43:96:9a:e6:51:ef: d7:40:03:9f:7d:05:67:a0:61:2c:19:eb:5a:06:82:50:a4:40: e6:e5:a9:94:1a:75:99:e6:e9:6c:ce:73:bc:4a:68:7d:7d:82: 59:d7:26:a4:98:d5:19:7b:76:bc:7c:69:19:4a:a5:3d:5b:64: a2:2a:a3:7c:f4:4f:d0:8b:0a:92:ad:6e:4c:e9:e7:00:e5:cb: 1e:a7:4e:ac:50:c7:0a:96:c0:75:7e:53:14:d8:77:7f:b3:cb: ff:31:d2:17:7d:ed:ca:f3:3c:d4:3f:70:ca:ca:76:f1:b1:b2: 42:98:c2:f5:03:a7:a8:39:e4:5d:10:ee:6e:f5:3b:86:42:2f: 98:20:b5:a5:40:07:fc:da:aa:c7:0f:22:99:0a:88:65:78:b3: 19:82:cf:d2:8b:91:18:04:cf:c5:2c:8d:a0:ff:46:47:99:d8: 3e:a3:92:d5:1b:33:02:b7:dc:67:7b:42:94:8e:cb:5f:ed:ac: 8d:87:c7:11:a7:5f:e4:29:78:d0:58:df:88:4c:d6:2b:2f:d6: 36:c6:9b:2d:15:12:ea:76:1a:96:50:21:48:c8:5d:ad:55:7b: 97:df:a3:34 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxMzZB MzlDNzYzMEEzQzc0OTEwNTBEM0U5REJENUI2Rjc5MDZGRDc1MB4XDTIzMDkxMzAz MzQyNloXDTI0MDkxMjAzMjk1MlowMzExMC8GA1UEAxMoNDVGQjdBMkVCODQ3MTU2 MDcyQzBGMkQ5RDJCODM4Q0NCNjkyNkNGNjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAMopWFZJdugXnsykGfu0DtnRtDiaL25/5zmkqmd5LE5EsjLUX3WZ UpMRSmoNZ0HopjrJNG2DQUoExE/CZBoDAQn0BM8+itQFVdKPQ3UKTki0pEun4U19 79B2azl0jdLMwhy0OW2FvuDsbcE0aWLghLCQGw7sIze7je5rEx4FPnCY9qW0KD2L JYTx2N7hH3JH+j0X6MqVsxYR951AABSSjqyzN0mu0+8AjBcPSomT6GryznCTK9Mv I+R8rXuBLiUtIMt8X+BQWL+p1flDQyRBQ2bk7T4sKePW/2RGzzT0C1LTQ1VFmGmw 5UVDMN9OSlzjMCKzMMq6an2HR13iS4Msn3UCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBRF+3ouuEcVYHLA8tnSuDjMtpJs9jAfBgNVHSMEGDAWgBQTajnHYwo8dJEFDT6d vVtveQb9dTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMTgx L0UybzV4Mk1LUEhTUkJRMC1uYjFiYjNrR19YVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvRTJvNXgyTUtQSFNSQlEwLW5iMWJiM2tHX1hVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE4MS9SZnQ2THJoSEZXQnl3 UExaMHJnNHpMYVNiUFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZx0YMA0GCSqGSIb3DQEBCwUAA4IBAQCRFOFEjfqSs2U9ip6ORPmm6kt5waHs aBuKdzsxXoZDlprmUe/XQAOffQVnoGEsGetaBoJQpEDm5amUGnWZ5ulsznO8Smh9 fYJZ1yakmNUZe3a8fGkZSqU9W2SiKqN89E/QiwqSrW5M6ecA5csep06sUMcKlsB1 flMU2Hd/s8v/MdIXfe3K8zzUP3DKynbxsbJCmML1A6eoOeRdEO5u9TuGQi+YILWl QAf82qrHDyKZCohleLMZgs/Si5EYBM/FLI2g/0ZHmdg+o5LVGzMCt9xne0KUjstf 7ayNh8cRp1/kKXjQWN+ITNYrL9Y2xpstFRLqdhqWUCFIyF2tVXuX36M0 -----END CERTIFICATE-----Generated at Sun Jun 2 12:47:03 2024 by rpki-client on console-ams.rpki-client.org