$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3205/ql5aK_3HVWmrdA8f3CGpV8ENKbE.roa File: ql5aK_3HVWmrdA8f3CGpV8ENKbE.roa (raw, json) Hash identifier: D1RflnH9NRs+wnGCRhBg2cAzncUzLN1LNAFljKpukpI= Subject key identifier: AA:5E:5A:2B:FD:C7:55:69:AB:74:0F:1F:DC:21:A9:57:C1:0D:29:B1 Certificate issuer: /CN=581041F42679F5E17F19C37E490A7794863B2BEB Certificate serial: 06CB Authority key identifier: 58:10:41:F4:26:79:F5:E1:7F:19:C3:7E:49:0A:77:94:86:3B:2B:EB Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WBBB9CZ59eF_GcN-SQp3lIY7K-s.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/ql5aK_3HVWmrdA8f3CGpV8ENKbE.roa Signing time: Tue 25 Jun 2024 09:55:48 +0000 ROA not before: Tue 25 Jun 2024 09:55:48 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 4812 IP address blocks: 103.96.224.0/23 maxlen: 24 103.96.224.0/24 maxlen: 24 103.96.225.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/WBBB9CZ59eF_GcN-SQp3lIY7K-s.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/WBBB9CZ59eF_GcN-SQp3lIY7K-s.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WBBB9CZ59eF_GcN-SQp3lIY7K-s.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:20:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1739 (0x6cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=581041F42679F5E17F19C37E490A7794863B2BEB Validity Not Before: Jun 25 09:55:48 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=AA5E5A2BFDC75569AB740F1FDC21A957C10D29B1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fa:49:39:1a:92:eb:11:a8:ff:93:d4:35:43:9f: be:42:36:78:e3:9d:4f:1c:f9:33:5e:f1:b1:82:34: 92:f9:9a:bf:04:d2:55:8d:d2:87:3b:18:05:de:9b: 8d:6b:23:a8:bf:36:92:bb:b8:a9:68:27:ff:dc:96: 4a:ca:21:86:59:ee:ec:62:92:54:7b:ab:ad:18:74: da:e2:39:14:92:ba:7b:8e:c2:8b:40:73:36:11:da: c6:93:e6:64:ce:46:a6:4c:fa:26:1d:ff:d7:40:4c: 38:f2:18:ab:a2:73:5b:11:08:72:48:f2:c3:23:39: c3:bf:a4:29:cd:6b:6f:99:43:e4:3a:c0:8b:dd:92: 49:eb:75:21:7e:a1:cd:32:4e:a0:b1:67:f6:b7:98: 1b:41:cf:ad:6c:49:92:23:6b:86:97:a9:6a:c5:26: ef:21:da:d5:fd:b2:3c:47:16:bd:43:59:67:fe:e9: 55:5a:6b:92:55:4c:1a:74:5e:ff:41:82:1e:d1:32: c6:17:5c:c1:13:b9:8e:95:f4:e6:04:3a:76:e3:f2: a7:75:f2:09:f1:04:69:95:67:71:e9:05:9b:10:37: 94:ca:9d:39:69:c0:6e:be:e5:4a:e6:81:7c:78:af: 54:a2:ff:a2:60:3e:f5:ff:32:e2:e7:d4:d9:13:8a: ad:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:5E:5A:2B:FD:C7:55:69:AB:74:0F:1F:DC:21:A9:57:C1:0D:29:B1 X509v3 Authority Key Identifier: keyid:58:10:41:F4:26:79:F5:E1:7F:19:C3:7E:49:0A:77:94:86:3B:2B:EB X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/WBBB9CZ59eF_GcN-SQp3lIY7K-s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WBBB9CZ59eF_GcN-SQp3lIY7K-s.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3205/ql5aK_3HVWmrdA8f3CGpV8ENKbE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.96.224.0/23 Signature Algorithm: sha256WithRSAEncryption b9:09:23:68:33:28:22:70:c7:29:4d:43:40:83:07:a6:19:71: 6a:4c:c7:61:d6:e4:27:39:55:e7:75:2e:ea:8c:82:b0:5d:18: 21:fb:2c:1a:9d:13:49:2c:8d:10:af:d5:23:13:ab:2a:04:31: c7:3c:d9:ba:cd:05:5f:b3:9c:a2:27:4e:48:be:6a:cc:41:b1: 1d:d5:f5:04:7f:3c:a3:b3:13:c5:1a:02:c4:d0:d2:eb:31:a8: dd:bf:cd:c8:c3:ce:9f:27:21:ae:d5:be:86:58:5b:95:84:a9: 35:88:9f:2b:16:5d:f1:79:09:d5:ef:3c:0f:b5:cb:4e:29:ed: 63:09:b5:98:f7:85:18:09:7f:63:36:fa:bf:1a:79:0d:df:bd: cb:20:bf:ac:6e:5a:c9:45:ae:c9:78:34:dd:b9:49:32:15:46: ae:03:45:4c:44:ed:de:04:9c:8b:bf:87:2a:fe:c3:a7:d0:8a: 7f:37:1b:77:b0:97:83:00:2f:c1:45:96:e1:6e:50:2f:1c:b8: 7d:0e:5d:0a:4c:3e:9d:30:3c:89:87:15:75:cd:17:4e:bd:d1: fa:02:5c:01:ee:8a:57:62:4c:cc:74:c9:20:26:5c:d2:de:97: a2:f3:d2:70:3c:02:21:50:0a:41:e1:7a:eb:11:c6:1a:11:f5: 9c:cc:52:61 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICBsswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTgx MDQxRjQyNjc5RjVFMTdGMTlDMzdFNDkwQTc3OTQ4NjNCMkJFQjAeFw0yNDA2MjUw OTU1NDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFBNUU1QTJCRkRDNzU1 NjlBQjc0MEYxRkRDMjFBOTU3QzEwRDI5QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD6STkakusRqP+T1DVDn75CNnjjnU8c+TNe8bGCNJL5mr8E0lWN 0oc7GAXem41rI6i/NpK7uKloJ//clkrKIYZZ7uxiklR7q60YdNriORSSunuOwotA czYR2saT5mTORqZM+iYd/9dATDjyGKuic1sRCHJI8sMjOcO/pCnNa2+ZQ+Q6wIvd kknrdSF+oc0yTqCxZ/a3mBtBz61sSZIja4aXqWrFJu8h2tX9sjxHFr1DWWf+6VVa a5JVTBp0Xv9Bgh7RMsYXXMETuY6V9OYEOnbj8qd18gnxBGmVZ3HpBZsQN5TKnTlp wG6+5UrmgXx4r1Si/6JgPvX/MuLn1NkTiq2DAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUql5aK/3HVWmrdA8f3CGpV8ENKbEwHwYDVR0jBBgwFoAUWBBB9CZ59eF/GcN+ SQp3lIY7K+swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzIw NS9XQkJCOUNaNTllRl9HY04tU1FwM2xJWTdLLXMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1dCQkI5Q1o1OWVGX0djTi1TUXAzbElZN0stcy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyMDUvcWw1YUtfM0hWV21y ZEE4ZjNDR3BWOEVOS2JFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWdg4DANBgkqhkiG9w0BAQsFAAOCAQEAuQkjaDMoInDHKU1DQIMHphlxakzH YdbkJzlV53Uu6oyCsF0YIfssGp0TSSyNEK/VIxOrKgQxxzzZus0FX7OcoidOSL5q zEGxHdX1BH88o7MTxRoCxNDS6zGo3b/NyMPOnychrtW+hlhblYSpNYifKxZd8XkJ 1e88D7XLTintYwm1mPeFGAl/Yzb6vxp5Dd+9yyC/rG5ayUWuyXg03blJMhVGrgNF TETt3gSci7+HKv7Dp9CKfzcbd7CXgwAvwUWW4W5QLxy4fQ5dCkw+nTA8iYcVdc0X Tr3R+gJcAe6KV2JMzHTJICZc0t6XovPScDwCIVAKQeF66xHGGhH1nMxSYQ== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:11 2024 by rpki-client on console-fra.rpki-client.org