$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3258/z6ifoglfIbV3a7GG25WG9QkRLRI.roa File: z6ifoglfIbV3a7GG25WG9QkRLRI.roa (raw, json) Hash identifier: UItSWcv7JaCw3uv0J4HiXaRiuGKlxQXa1/jFqFMYxJI= Subject key identifier: CF:A8:9F:A2:09:5F:21:B5:77:6B:B1:86:DB:95:86:F5:09:11:2D:12 Certificate issuer: /CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Certificate serial: 0132 Authority key identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/z6ifoglfIbV3a7GG25WG9QkRLRI.roa Signing time: Tue 19 Mar 2024 02:32:42 +0000 ROA not before: Tue 19 Mar 2024 02:32:42 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 21859 IP address blocks: 157.10.220.0/24 maxlen: 32 157.10.221.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 03 May 2024 01:24:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 306 (0x132) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Validity Not Before: Mar 19 02:32:42 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=CFA89FA2095F21B5776BB186DB9586F509112D12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:4e:2f:95:8c:67:7b:c8:09:c6:24:c4:b8:9f: 25:99:47:03:e1:af:01:ce:4c:15:08:57:34:cc:0f: 4b:ff:6a:44:57:8b:f5:6e:f3:eb:d9:bb:0f:e6:b0: 60:2f:4c:b7:02:54:c5:3f:02:17:58:99:db:7b:3f: ac:35:07:fa:12:1a:b2:35:d0:5f:f1:58:29:8d:95: c4:83:28:f8:fd:11:2c:28:3e:27:5b:71:85:cf:cc: c2:68:58:40:8a:03:e2:02:c5:da:cd:f8:56:0d:37: ff:59:f5:6c:02:e2:1f:22:7f:cd:a9:e7:f1:17:d8: ae:b1:c3:ee:e4:7d:3b:2f:54:19:78:e1:e1:dd:1f: bf:e8:10:b2:15:43:d0:2d:b6:dd:1f:36:47:aa:74: dd:6d:42:19:26:17:ea:32:ca:50:a4:a9:76:4b:ab: ae:a2:15:62:a5:b2:8b:d5:a4:03:5e:8f:16:43:5f: 9a:5c:3a:18:9d:7d:d3:2d:4a:fc:3b:00:5b:7c:1b: 4a:e3:6c:de:f5:5d:39:3f:c9:5a:1d:48:1e:bf:72: 1f:54:14:c3:2c:f3:65:73:c4:4a:64:d6:7e:79:3e: 11:f5:88:f5:d8:34:fa:30:79:a0:91:0b:1b:71:0c: e3:0a:9f:93:a5:72:41:f2:30:de:a1:a8:ce:ee:d4: b9:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:A8:9F:A2:09:5F:21:B5:77:6B:B1:86:DB:95:86:F5:09:11:2D:12 X509v3 Authority Key Identifier: keyid:90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/z6ifoglfIbV3a7GG25WG9QkRLRI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.10.220.0/23 Signature Algorithm: sha256WithRSAEncryption 28:a6:3f:7e:0a:34:a3:90:0c:92:1e:13:55:e3:23:f9:8a:4f: 71:f1:1d:cf:28:c3:af:dd:f0:07:5b:65:35:01:c3:41:ae:30: d6:09:40:74:e1:5b:40:06:cf:8e:d4:39:cd:f5:5c:63:d8:01: 49:cd:a9:64:14:b4:95:a7:16:78:23:b8:c8:9b:6f:4d:34:c0: 0c:3c:a5:e6:f3:f4:d2:28:17:fa:81:4a:47:3e:a3:d6:c4:eb: 70:14:1a:a9:98:6a:c4:bd:05:59:ac:64:a0:d1:4f:6b:3f:48: bc:6b:a3:90:c0:55:4e:73:97:1a:c5:02:d5:5f:e7:2e:cc:44: b3:81:56:34:98:a6:21:50:d3:d7:95:a2:39:07:b8:e4:2c:9b: 1c:18:14:db:45:7f:9c:71:1f:6e:01:43:f0:6a:1f:60:9b:65: c9:ad:97:a7:0d:77:f3:3d:1a:d8:cd:52:96:2a:84:a3:46:c4: 7a:30:e3:c3:ac:d3:22:a8:e9:bd:3f:70:a6:c6:b4:94:b3:9d: 1f:60:8d:f0:38:be:f9:0b:1c:1e:ca:ba:69:c5:d8:a3:7f:9f: a6:a6:67:7e:d8:f5:4c:3a:1e:8c:c3:77:65:48:99:dc:97:9e: a3:55:f6:88:67:e1:89:3f:80:54:cc:42:cc:9b:98:93:c2:73: e9:84:18:15 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICATIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTBG MzBFMURGMzI3RDEwMzkwN0YxQkUwOEVEM0VBNjRCRkI3NzhFMzAeFw0yNDAzMTkw MjMyNDJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENGQTg5RkEyMDk1RjIx QjU3NzZCQjE4NkRCOTU4NkY1MDkxMTJEMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDTTi+VjGd7yAnGJMS4nyWZRwPhrwHOTBUIVzTMD0v/akRXi/Vu 8+vZuw/msGAvTLcCVMU/AhdYmdt7P6w1B/oSGrI10F/xWCmNlcSDKPj9ESwoPidb cYXPzMJoWECKA+ICxdrN+FYNN/9Z9WwC4h8if82p5/EX2K6xw+7kfTsvVBl44eHd H7/oELIVQ9Attt0fNkeqdN1tQhkmF+oyylCkqXZLq66iFWKlsovVpANejxZDX5pc OhidfdMtSvw7AFt8G0rjbN71XTk/yVodSB6/ch9UFMMs82VzxEpk1n55PhH1iPXY NPoweaCRCxtxDOMKn5OlckHyMN6hqM7u1LmTAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUz6ifoglfIbV3a7GG25WG9QkRLRIwHwYDVR0jBBgwFoAUkPMOHfMn0QOQfxvg jtPqZL+3eOMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 OC9rUE1PSGZNbjBRT1FmeHZnanRQcVpMLTNlT00uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tQTU9IZk1uMFFPUWZ4dmdqdFBxWkwtM2VPTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTgvejZpZm9nbGZJYlYz YTdHRzI1V0c5UWtSTFJJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAZ0K3DANBgkqhkiG9w0BAQsFAAOCAQEAKKY/fgo0o5AMkh4TVeMj+YpPcfEd zyjDr93wB1tlNQHDQa4w1glAdOFbQAbPjtQ5zfVcY9gBSc2pZBS0lacWeCO4yJtv TTTADDyl5vP00igX+oFKRz6j1sTrcBQaqZhqxL0FWaxkoNFPaz9IvGujkMBVTnOX GsUC1V/nLsxEs4FWNJimIVDT15WiOQe45CybHBgU20V/nHEfbgFD8GofYJtlya2X pw138z0a2M1SliqEo0bEejDjw6zTIqjpvT9wpsa0lLOdH2CN8Di++QscHsq6acXY o3+fpqZnftj1TDoejMN3ZUiZ3Jeeo1X2iGfhiT+AVMxCzJuYk8Jz6YQYFQ== -----END CERTIFICATE-----Generated at Thu May 2 23:49:53 2024 by rpki-client on console-fra.rpki-client.org