$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3272/Qjf32VmCtmNjH_6Zx_n_ZbHTAy4.roa File: Qjf32VmCtmNjH_6Zx_n_ZbHTAy4.roa (raw, json) Hash identifier: u5uvBTkGZaUzpMjb/HVAcJPApOyTE8w7c/L3ITMD10I= Subject key identifier: 42:37:F7:D9:59:82:B6:63:63:1F:FE:99:C7:F9:FF:65:B1:D3:03:2E Certificate issuer: /CN=B52F0F3FF7371FF1CE9D823E9549FC1158B16A2A Certificate serial: 03 Authority key identifier: B5:2F:0F:3F:F7:37:1F:F1:CE:9D:82:3E:95:49:FC:11:58:B1:6A:2A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/Qjf32VmCtmNjH_6Zx_n_ZbHTAy4.roa Signing time: Fri 29 Mar 2024 04:34:05 +0000 ROA not before: Fri 29 Mar 2024 04:34:04 +0000 ROA not after: Sat 29 Mar 2025 01:10:17 +0000 asID: 211392 IP address blocks: 157.66.42.0/23 maxlen: 24 157.66.42.0/24 maxlen: 24 157.66.43.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Jun 2024 21:56:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B52F0F3FF7371FF1CE9D823E9549FC1158B16A2A Validity Not Before: Mar 29 04:34:04 2024 GMT Not After : Mar 29 01:10:17 2025 GMT Subject: CN=4237F7D95982B663631FFE99C7F9FF65B1D3032E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:39:7d:81:54:2a:99:32:39:0e:0a:76:3e:70: 1f:60:5b:d9:ba:39:43:6e:af:d1:52:7a:6a:c4:41: d7:f4:2a:35:2c:e4:37:c2:20:fd:d5:30:b7:ed:82: 1f:24:69:05:5f:9d:e9:c1:e2:5e:ea:26:a0:e4:a6: 8d:6d:c3:67:47:d5:09:2b:74:31:29:e8:f4:fb:e1: c2:49:85:a6:68:5b:cc:62:f5:b5:3a:ae:69:e5:7b: b8:18:23:a7:41:37:55:8f:7c:55:a8:54:fb:fe:87: 48:80:94:88:a6:22:2c:b0:a6:9f:9f:97:9d:8e:13: a1:43:32:bb:b3:16:dd:47:0a:d5:cd:8a:01:ad:bc: 64:35:4e:9a:8a:f6:b3:6f:82:bb:8e:f3:5f:14:de: 24:6d:4b:3b:e1:6d:51:26:7a:63:c4:3a:a0:7b:f0: e6:06:f2:51:b3:7a:8c:af:35:68:87:fc:fb:7c:b2: cc:6c:70:98:c5:55:7b:a5:05:11:9b:1a:e5:cf:76: 39:be:95:17:d7:79:25:85:77:1f:50:f0:7e:d1:a3: c4:ac:db:c3:3e:01:c1:d4:8e:f5:61:6d:31:e9:2a: 78:a6:cd:75:11:25:d2:6b:85:35:9e:ef:a3:bd:35: c4:29:cf:44:50:98:e2:ac:81:ae:3b:15:49:fb:8e: e5:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:37:F7:D9:59:82:B6:63:63:1F:FE:99:C7:F9:FF:65:B1:D3:03:2E X509v3 Authority Key Identifier: keyid:B5:2F:0F:3F:F7:37:1F:F1:CE:9D:82:3E:95:49:FC:11:58:B1:6A:2A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/tS8PP_c3H_HOnYI-lUn8EVixaio.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/tS8PP_c3H_HOnYI-lUn8EVixaio.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3272/Qjf32VmCtmNjH_6Zx_n_ZbHTAy4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 157.66.42.0/23 Signature Algorithm: sha256WithRSAEncryption 4e:9e:b6:2c:a6:aa:b3:7b:e0:57:3e:80:4d:2e:f5:a6:58:0d: a1:67:0f:6a:5e:0c:ca:52:5a:5f:37:7d:dc:0d:28:30:0f:28: 9c:3b:20:f4:59:89:98:50:4d:2e:97:34:df:fa:1b:00:74:d3: ea:22:1b:e1:b2:82:31:6c:85:1b:bd:2d:65:7c:21:bd:03:34: 85:14:10:ab:e4:31:25:31:03:de:f9:98:74:52:87:bb:fe:6a: ea:e1:79:fd:6c:fe:ca:88:67:e4:a3:52:f4:c1:f5:88:cb:5d: d1:bf:08:d3:08:4c:7c:5f:e6:e6:21:8a:a2:48:76:4f:e2:76: c2:0d:ee:fb:31:b3:fc:0a:2d:1f:29:90:cd:8d:be:6b:d1:08: c8:3b:51:3d:43:5b:10:88:6d:25:5d:88:17:aa:6b:63:e9:f8: c0:dd:fd:79:eb:3d:6a:56:a9:31:8c:3d:75:70:70:e8:5c:fd: f0:7c:8a:d9:a3:b3:19:d6:97:5a:c5:75:94:6d:3e:19:15:14: e4:6a:19:be:26:42:6d:bb:8a:6d:ea:64:e6:64:73:5c:42:d3: 47:a5:f4:52:89:3b:56:d5:96:67:80:5c:00:37:a1:3d:62:78: a9:2e:f4:a4:33:c9:e1:3d:a7:9e:51:6c:a0:cb:db:de:be:ee: 46:35:db:bb -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhCNTJG MEYzRkY3MzcxRkYxQ0U5RDgyM0U5NTQ5RkMxMTU4QjE2QTJBMB4XDTI0MDMyOTA0 MzQwNFoXDTI1MDMyOTAxMTAxN1owMzExMC8GA1UEAxMoNDIzN0Y3RDk1OTgyQjY2 MzYzMUZGRTk5QzdGOUZGNjVCMUQzMDMyRTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANI5fYFUKpkyOQ4Kdj5wH2Bb2bo5Q26v0VJ6asRB1/QqNSzkN8Ig /dUwt+2CHyRpBV+d6cHiXuomoOSmjW3DZ0fVCSt0MSno9PvhwkmFpmhbzGL1tTqu aeV7uBgjp0E3VY98VahU+/6HSICUiKYiLLCmn5+XnY4ToUMyu7MW3UcK1c2KAa28 ZDVOmor2s2+Cu47zXxTeJG1LO+FtUSZ6Y8Q6oHvw5gbyUbN6jK81aIf8+3yyzGxw mMVVe6UFEZsa5c92Ob6VF9d5JYV3H1DwftGjxKzbwz4BwdSO9WFtMekqeKbNdREl 0muFNZ7vo701xCnPRFCY4qyBrjsVSfuO5RUCAwEAAaOCAfMwggHvMB0GA1UdDgQW BBRCN/fZWYK2Y2Mf/pnH+f9lsdMDLjAfBgNVHSMEGDAWgBS1Lw8/9zcf8c6dgj6V SfwRWLFqKjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8zMjcy L3RTOFBQX2MzSF9IT25ZSS1sVW44RVZpeGFpby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvdFM4UFBfYzNIX0hPbllJLWxVbjhFVml4YWlvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3Mi9RamYzMlZtQ3RtTmpI XzZaeF9uX1piSFRBeTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnUIqMA0GCSqGSIb3DQEBCwUAA4IBAQBOnrYspqqze+BXPoBNLvWmWA2hZw9q XgzKUlpfN33cDSgwDyicOyD0WYmYUE0ulzTf+hsAdNPqIhvhsoIxbIUbvS1lfCG9 AzSFFBCr5DElMQPe+Zh0Uoe7/mrq4Xn9bP7KiGfko1L0wfWIy13RvwjTCEx8X+bm IYqiSHZP4nbCDe77MbP8Ci0fKZDNjb5r0QjIO1E9Q1sQiG0lXYgXqmtj6fjA3f15 6z1qVqkxjD11cHDoXP3wfIrZo7MZ1pdaxXWUbT4ZFRTkahm+JkJtu4pt6mTmZHNc QtNHpfRSiTtW1ZZngFwAN6E9YnipLvSkM8nhPaeeUWygy9vevu5GNdu7 -----END CERTIFICATE-----Generated at Fri Jun 7 17:48:01 2024 by rpki-client on console-fra.rpki-client.org