$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/0lZoyB5FERgDKQuXxeu66BYcP04.roa File: 0lZoyB5FERgDKQuXxeu66BYcP04.roa (raw, json) Hash identifier: +wbgf2Uu7rfczYzgGxpv1JG2g5cal6C6rmppgBB6vuk= Subject key identifier: D2:56:68:C8:1E:45:11:18:03:29:0B:97:C5:EB:BA:E8:16:1C:3F:4E Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 154E Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/0lZoyB5FERgDKQuXxeu66BYcP04.roa Signing time: Wed 11 Sep 2024 03:59:22 +0000 ROA not before: Wed 11 Sep 2024 03:59:22 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.18.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5454 (0x154e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 03:59:22 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=D25668C81E45111803290B97C5EBBAE8161C3F4E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:63:ce:a4:1c:3a:51:95:40:77:b2:ec:ef:e9: 5b:f9:40:0b:fe:99:48:84:4b:3c:ea:d6:ba:be:a4: a5:5c:16:89:aa:e6:6f:2e:dd:97:ea:35:dc:b1:d2: 5d:66:7a:97:95:39:e7:7f:51:62:d8:26:4c:98:71: f3:c2:0b:93:c5:34:ba:10:19:b0:6c:12:47:69:3d: 16:de:11:13:01:d0:08:0c:cb:59:16:c6:48:df:f4: 16:ee:c7:e1:1e:6a:eb:3a:6c:a0:5b:fd:5f:e9:dd: bd:e3:f1:a9:16:dd:78:25:0d:cf:f4:43:13:f4:fd: a2:94:ea:c5:24:79:66:b5:b7:e3:16:cc:c0:7c:1b: 81:48:e1:72:40:49:b9:bd:d8:b0:f5:f4:07:91:a0: 0b:78:66:38:81:24:8f:69:d4:d3:2f:d0:6f:7f:f1: 8f:b5:34:bd:d7:3f:87:43:92:a6:37:6f:99:81:10: 8d:4c:96:f1:21:6b:22:c1:f1:c7:c5:2d:a8:ff:3b: 5b:28:94:37:78:9e:54:a9:39:a9:b6:62:78:1b:54: 65:bf:f5:1c:70:22:a9:bf:f6:80:fd:04:b5:ea:13: 29:7f:c7:28:03:be:4c:d9:3e:cf:5d:13:6e:8a:65: 87:b8:28:06:35:b7:73:78:6e:3e:40:50:0e:e3:24: b0:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:56:68:C8:1E:45:11:18:03:29:0B:97:C5:EB:BA:E8:16:1C:3F:4E X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/0lZoyB5FERgDKQuXxeu66BYcP04.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.18.0/24 Signature Algorithm: sha256WithRSAEncryption a9:04:73:92:65:7a:57:4c:b5:9f:47:f2:31:c8:24:5d:f4:3c: 1f:49:7f:4f:53:4d:6d:5c:b4:1e:5e:29:33:c5:8b:9f:c7:d4: 26:0a:55:56:93:9a:08:20:83:fd:3a:5a:21:5b:28:e7:09:62: c8:20:21:cc:d4:97:27:1e:80:ac:54:b9:3f:27:11:2d:05:07: 64:05:1d:1f:f6:61:0d:f7:0f:1e:c9:c7:ad:9e:a2:84:f4:2c: 70:13:d5:9e:3e:f3:ea:a9:ad:21:57:77:52:96:98:df:36:b4: 33:61:50:7c:66:af:c7:03:80:50:ea:e2:47:ab:9e:25:4e:66: 14:08:d5:0e:01:7d:0c:6a:9a:f4:42:78:d2:b8:06:2b:c1:5a: 59:6b:18:fb:e3:18:33:11:77:9b:56:e5:9b:5f:d6:aa:c9:e6: d6:19:cc:38:96:d7:15:83:92:7c:fe:e8:10:f3:29:ac:5e:78: d3:e2:fc:97:56:a3:ae:a0:48:a1:87:5f:4d:74:1c:d6:ec:c4: 9f:44:e3:9a:cb:11:fd:7e:d3:47:92:b7:51:75:a9:49:3f:f4: 32:0a:6e:34:ee:02:11:e3:cb:b6:9a:77:81:08:23:69:af:77: 67:30:0f:1a:b8:95:5a:7e:70:3f:ae:c5:f7:21:02:e1:2d:4b: 26:a3:8f:5b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFU4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MzU5MjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQyNTY2OEM4MUU0NTEx MTgwMzI5MEI5N0M1RUJCQUU4MTYxQzNGNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKY86kHDpRlUB3suzv6Vv5QAv+mUiESzzq1rq+pKVcFomq5m8u 3ZfqNdyx0l1mepeVOed/UWLYJkyYcfPCC5PFNLoQGbBsEkdpPRbeERMB0AgMy1kW xkjf9Bbux+Eeaus6bKBb/V/p3b3j8akW3XglDc/0QxP0/aKU6sUkeWa1t+MWzMB8 G4FI4XJASbm92LD19AeRoAt4ZjiBJI9p1NMv0G9/8Y+1NL3XP4dDkqY3b5mBEI1M lvEhayLB8cfFLaj/O1solDd4nlSpOam2YngbVGW/9RxwIqm/9oD9BLXqEyl/xygD vkzZPs9dE26KZYe4KAY1t3N4bj5AUA7jJLAHAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU0lZoyB5FERgDKQuXxeu66BYcP04wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzBsWm95QjVGRVJnREtR dVh4ZXU2NkJZY1AwNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3RIwDQYJKoZIhvcNAQELBQADggEBAKkEc5JleldMtZ9H8jHIJF30PB9Jf09T TW1ctB5eKTPFi5/H1CYKVVaTmgggg/06WiFbKOcJYsggIczUlycegKxUuT8nES0F B2QFHR/2YQ33Dx7Jx62eooT0LHAT1Z4+8+qprSFXd1KWmN82tDNhUHxmr8cDgFDq 4kerniVOZhQI1Q4BfQxqmvRCeNK4BivBWllrGPvjGDMRd5tW5Ztf1qrJ5tYZzDiW 1xWDknz+6BDzKaxeeNPi/JdWo66gSKGHX010HNbsxJ9E45rLEf1+00eSt1F1qUk/ 9DIKbjTuAhHjy7aad4EII2mvd2cwDxq4lVp+cD+uxfchAuEtSyajj1s= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:12 2024 by rpki-client on console-fra.rpki-client.org