$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/361/OQyZYlA3L_6zGPKU7cJhUmPloT0.roa File: OQyZYlA3L_6zGPKU7cJhUmPloT0.roa (raw, json) Hash identifier: 4PvLtmaVaaehflB1xT2IuFC7PzrNob69dXRFvSWFcHk= Subject key identifier: 39:0C:99:62:50:37:2F:FE:B3:18:F2:94:ED:C2:61:52:63:E5:A1:3D Certificate issuer: /CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Certificate serial: 1714 Authority key identifier: 58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/OQyZYlA3L_6zGPKU7cJhUmPloT0.roa Signing time: Tue 21 May 2024 06:24:11 +0000 ROA not before: Tue 21 May 2024 06:24:11 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 45110 IP address blocks: 43.254.228.0/22 maxlen: 24 43.254.228.0/24 maxlen: 24 43.254.229.0/24 maxlen: 24 43.254.230.0/24 maxlen: 24 103.200.220.0/22 maxlen: 24 111.118.200.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5908 (0x1714) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=585206C87420BE42C7B9042DE3E5FD51595FF14B Validity Not Before: May 21 06:24:11 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=390C996250372FFEB318F294EDC2615263E5A13D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:87:83:85:6b:d7:d0:fe:ea:80:7d:0a:72:73: bc:f8:21:bd:d3:7f:1e:49:ee:a7:01:6b:42:b3:b1: 35:87:d9:1c:cc:8f:dd:5b:31:d1:fc:66:cf:31:96: 3e:6b:8f:d9:4d:d2:47:f0:9e:e6:74:4f:a3:5b:77: a0:8d:d3:45:04:65:88:37:9f:1a:a3:b2:56:0e:31: 8e:5f:07:15:84:51:25:4c:19:8b:a1:14:19:a8:c9: 6d:85:5f:6e:7e:1c:df:d8:95:8b:70:6e:be:6b:b6: 47:71:e8:ee:95:c1:89:5d:c3:f5:73:0c:87:88:e4: 9f:0f:4e:16:cf:66:f5:94:4c:be:e9:11:88:a0:23: 39:ef:fc:7a:b7:32:7e:7c:4a:b1:9b:fc:12:d1:20: db:22:f0:74:39:e1:4f:ec:6d:c1:2c:80:2d:47:13: 19:f4:61:1d:7f:f6:c4:9f:b6:17:1f:a9:86:fa:6c: 06:da:ca:0c:95:cc:f7:14:90:71:cf:22:8f:9e:e2: d2:2c:32:0a:44:d0:fc:be:10:2c:80:1b:7e:0e:02: c2:3b:e3:12:0d:20:d8:f9:21:f5:eb:53:c7:c2:17: 2e:53:35:5a:97:b8:56:18:9b:25:d1:82:f5:9e:61: c9:01:eb:f0:b6:ac:12:39:3d:7e:05:22:6f:5c:0a: 0e:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:0C:99:62:50:37:2F:FE:B3:18:F2:94:ED:C2:61:52:63:E5:A1:3D X509v3 Authority Key Identifier: keyid:58:52:06:C8:74:20:BE:42:C7:B9:04:2D:E3:E5:FD:51:59:5F:F1:4B X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/WFIGyHQgvkLHuQQt4-X9UVlf8Us.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WFIGyHQgvkLHuQQt4-X9UVlf8Us.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/361/OQyZYlA3L_6zGPKU7cJhUmPloT0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.228.0/22 103.200.220.0/22 111.118.200.0/24 Signature Algorithm: sha256WithRSAEncryption 50:e9:a1:6a:c2:2f:13:53:be:90:d9:bc:94:e7:0f:6f:71:f6: df:93:8e:da:25:e9:c4:6a:02:70:66:8e:a1:bd:0c:85:1e:fd: 61:0f:0f:53:ec:e6:89:42:92:49:49:e1:5b:f5:ba:0f:34:a1: af:7b:86:91:9d:e4:89:07:07:2b:14:29:50:d7:9c:56:07:75: 03:a1:d6:b8:dd:c0:7d:77:ab:01:d3:a8:8f:f6:92:e0:79:13: e6:24:ee:9e:e1:e0:f2:60:69:34:70:0a:eb:bc:e1:01:04:d8: f5:82:72:84:b2:0c:75:fb:3d:21:76:81:d7:fa:fa:89:10:c7: e2:30:b2:7c:28:58:26:b4:33:5d:ea:67:c6:5a:20:f7:ad:aa: a2:a3:0e:26:e5:b7:06:c1:06:00:fa:a0:2f:8f:93:0b:96:b5: 9d:38:c7:02:2a:4b:87:1f:fe:32:5c:f2:7c:ee:64:72:16:86: 2d:57:64:76:cc:0f:49:06:5b:0c:c7:b3:65:52:0d:e7:5f:d4: 71:80:c8:9c:5c:7e:be:00:2b:47:ce:a8:9e:8c:2f:3f:4d:3c: 22:3e:c3:35:44:03:9c:47:88:6d:a7:1a:82:ea:46:9a:a3:1b: e6:bf:7b:49:f2:d5:88:3d:df:45:4c:45:8c:de:e7:37:b2:55: d0:ce:0f:74 -----BEGIN CERTIFICATE----- MIIE4TCCA8mgAwIBAgICFxQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg1 MjA2Qzg3NDIwQkU0MkM3QjkwNDJERTNFNUZENTE1OTVGRjE0QjAeFw0yNDA1MjEw NjI0MTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM5MEM5OTYyNTAzNzJG RkVCMzE4RjI5NEVEQzI2MTUyNjNFNUExM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGh4OFa9fQ/uqAfQpyc7z4Ib3Tfx5J7qcBa0KzsTWH2RzMj91b MdH8Zs8xlj5rj9lN0kfwnuZ0T6Nbd6CN00UEZYg3nxqjslYOMY5fBxWEUSVMGYuh FBmoyW2FX25+HN/YlYtwbr5rtkdx6O6VwYldw/VzDIeI5J8PThbPZvWUTL7pEYig Iznv/Hq3Mn58SrGb/BLRINsi8HQ54U/sbcEsgC1HExn0YR1/9sSfthcfqYb6bAba ygyVzPcUkHHPIo+e4tIsMgpE0Py+ECyAG34OAsI74xININj5IfXrU8fCFy5TNVqX uFYYmyXRgvWeYckB6/C2rBI5PX4FIm9cCg6LAgMBAAGjggH9MIIB+TAdBgNVHQ4E FgQUOQyZYlA3L/6zGPKU7cJhUmPloT0wHwYDVR0jBBgwFoAUWFIGyHQgvkLHuQQt 4+X9UVlf8UswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYx L1dGSUd5SFFndmtMSHVRUXQ0LVg5VVZsZjhVcy5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV0ZJR3lIUWd2a0xIdVFRdDQtWDlVVmxmOFVzLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzYxL09ReVpZbEEzTF82ekdQ S1U3Y0poVW1QbG9UMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID BAIr/uQDBAJnyNwDBABvdsgwDQYJKoZIhvcNAQELBQADggEBAFDpoWrCLxNTvpDZ vJTnD29x9t+Tjtol6cRqAnBmjqG9DIUe/WEPD1Ps5olCkklJ4Vv1ug80oa97hpGd 5IkHBysUKVDXnFYHdQOh1rjdwH13qwHTqI/2kuB5E+Yk7p7h4PJgaTRwCuu84QEE 2PWCcoSyDHX7PSF2gdf6+okQx+IwsnwoWCa0M13qZ8ZaIPetqqKjDibltwbBBgD6 oC+PkwuWtZ04xwIqS4cf/jJc8nzuZHIWhi1XZHbMD0kGWwzHs2VSDedf1HGAyJxc fr4AK0fOqJ6MLz9NPCI+wzVEA5xHiG2nGoLqRpqjG+a/e0ny1Yg930VMRYze5zey VdDOD3Q= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:12 2024 by rpki-client on console-fra.rpki-client.org