$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/-4qmH61j6Zju3phhid_i9jyapKI.roa File: -4qmH61j6Zju3phhid_i9jyapKI.roa (raw, json) Hash identifier: xDkQq6dFOqwZVFPKt1UlfZ6F+84XEWmSDyAzlkiymlc= Subject key identifier: FB:8A:A6:1F:AD:63:E9:98:EE:DE:98:61:89:DF:E2:F6:3C:9A:A4:A2 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 14FB Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/-4qmH61j6Zju3phhid_i9jyapKI.roa Signing time: Wed 11 Sep 2024 02:26:14 +0000 ROA not before: Wed 11 Sep 2024 02:26:14 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 13444 IP address blocks: 103.221.19.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5371 (0x14fb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:26:14 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=FB8AA61FAD63E998EEDE986189DFE2F63C9AA4A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:33:14:35:ef:c4:05:37:e5:41:cb:d4:1c:90: 31:a5:98:0d:3a:d8:8f:14:a4:b6:9a:c4:75:5a:c7: 0d:83:8a:3e:7b:0e:63:ad:02:03:12:58:b0:6c:3b: 25:12:a5:5a:df:d2:6a:b4:a5:44:6e:8e:70:68:bf: 97:79:98:02:51:ec:d0:fe:a4:b8:6c:cc:6b:93:5c: 3c:e4:32:98:91:1c:02:46:95:d5:07:cb:d9:73:b4: 78:6a:da:06:31:fe:07:18:73:27:10:02:85:c8:2f: 59:ef:cc:2b:5a:dd:0c:fd:98:59:17:c3:b2:57:a4: 26:49:15:be:f8:1a:6a:9d:e7:b5:dc:f8:7c:2a:ee: ca:84:2e:b7:b5:80:06:5d:4d:8c:28:b0:97:5b:18: 1f:51:ac:d7:0c:91:9a:7d:10:0b:46:91:cf:0e:b6: 94:c1:15:06:da:f0:b6:25:19:49:7e:6f:6e:fe:b7: 75:b2:0c:7c:11:47:e6:d8:78:af:fd:24:7f:b2:0d: 5f:2a:d2:35:6e:16:b6:84:93:b8:60:78:85:c2:37: b9:2a:50:0c:3a:82:53:d5:8e:a1:c0:b7:ac:0f:08: 82:9b:a1:1c:90:18:6a:9b:2c:b3:a9:80:12:37:ca: 83:d0:e8:85:30:d1:95:4d:ec:5a:21:0f:6c:28:a7: c1:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:8A:A6:1F:AD:63:E9:98:EE:DE:98:61:89:DF:E2:F6:3C:9A:A4:A2 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/-4qmH61j6Zju3phhid_i9jyapKI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.19.0/24 Signature Algorithm: sha256WithRSAEncryption 9b:c0:1f:0b:1e:ab:ba:e7:8d:f6:1b:ff:bd:53:e6:2b:65:1f: 14:52:7c:e4:b1:b6:62:54:1c:1c:13:7b:ce:6f:4e:49:95:1f: 1b:ac:aa:53:e5:6e:83:e8:6d:4c:04:35:c2:29:a1:4d:a7:32: 49:c3:cb:be:8a:7d:d3:7d:db:c3:4a:aa:d6:b1:14:8a:fb:90: 9e:26:76:b6:ba:03:9c:c7:06:4c:2b:42:2d:dc:08:17:a3:f0: f7:b8:6c:e8:6d:87:5a:e3:6c:bb:28:b6:b3:ec:94:c5:34:f5: a9:1e:0f:3d:06:b5:62:67:a2:7e:c8:6e:d4:ae:e1:28:59:de: 3e:8f:82:e1:34:c7:de:b2:a0:b2:f5:f4:78:40:24:d8:a3:23: 45:fc:5e:85:6c:61:08:44:7a:8c:52:c1:f4:29:6d:d5:57:1f: a9:29:fe:bb:bf:a5:d4:18:51:a3:75:29:6d:7c:74:d7:81:bd: 74:b7:6d:d3:a9:02:c0:3f:33:ef:2b:09:c6:83:f2:66:c9:59: 1f:e3:df:c5:ce:b2:70:57:b1:88:9b:bd:6c:a1:e7:f6:2e:4c: 27:b9:90:b6:b8:3e:ba:6b:36:f3:bd:78:87:1d:67:7e:30:be: 11:68:55:70:2f:dc:67:fb:53:96:bb:3a:2d:2e:13:51:44:c9: c9:d9:d2:6c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFPswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjI2MTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEZCOEFBNjFGQUQ2M0U5 OThFRURFOTg2MTg5REZFMkY2M0M5QUE0QTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCMxQ178QFN+VBy9QckDGlmA062I8UpLaaxHVaxw2Dij57DmOt AgMSWLBsOyUSpVrf0mq0pURujnBov5d5mAJR7ND+pLhszGuTXDzkMpiRHAJGldUH y9lztHhq2gYx/gcYcycQAoXIL1nvzCta3Qz9mFkXw7JXpCZJFb74Gmqd57Xc+Hwq 7sqELre1gAZdTYwosJdbGB9RrNcMkZp9EAtGkc8OtpTBFQba8LYlGUl+b27+t3Wy DHwRR+bYeK/9JH+yDV8q0jVuFraEk7hgeIXCN7kqUAw6glPVjqHAt6wPCIKboRyQ GGqbLLOpgBI3yoPQ6IUw0ZVN7FohD2wop8EnAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU+4qmH61j6Zju3phhid/i9jyapKIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3Ly00cW1INjFqNlpqdTNw aGhpZF9pOWp5YXBLSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3RMwDQYJKoZIhvcNAQELBQADggEBAJvAHwseq7rnjfYb/71T5itlHxRSfOSx tmJUHBwTe85vTkmVHxusqlPlboPobUwENcIpoU2nMknDy76KfdN928NKqtaxFIr7 kJ4mdra6A5zHBkwrQi3cCBej8Pe4bOhth1rjbLsotrPslMU09akeDz0GtWJnon7I btSu4ShZ3j6PguE0x96yoLL19HhAJNijI0X8XoVsYQhEeoxSwfQpbdVXH6kp/ru/ pdQYUaN1KW18dNeBvXS3bdOpAsA/M+8rCcaD8mbJWR/j38XOsnBXsYibvWyh5/Yu TCe5kLa4PrprNvO9eIcdZ34wvhFoVXAv3Gf7U5a7Oi0uE1FEycnZ0mw= -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:42 2024 by rpki-client on console-fra.rpki-client.org