$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/0zfuNfwcqELLz8ucjWYbHuXB8vM.roa File: 0zfuNfwcqELLz8ucjWYbHuXB8vM.roa (raw, json) Hash identifier: 8hsgtCr9qqATtlYCGndogQ0DFBWFVJI4mHL3KL6bIBo= Subject key identifier: D3:37:EE:35:FC:1C:A8:42:CB:CF:CB:9C:8D:66:1B:1E:E5:C1:F2:F3 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1561 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/0zfuNfwcqELLz8ucjWYbHuXB8vM.roa Signing time: Wed 11 Sep 2024 04:01:47 +0000 ROA not before: Wed 11 Sep 2024 04:01:47 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.45.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5473 (0x1561) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 04:01:47 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=D337EE35FC1CA842CBCFCB9C8D661B1EE5C1F2F3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:22:a2:50:7f:b6:fa:f5:7d:fe:d4:16:51:d6: 78:a9:2e:f2:88:d5:3b:0d:3c:91:f8:64:8f:5a:2d: 72:0e:0b:d1:d9:01:84:91:bf:1b:cd:c6:d9:9c:17: 8c:7d:0a:52:d3:70:2e:03:5b:b2:f2:d2:f0:98:e7: f9:3a:74:93:6d:ea:a1:d1:b7:e7:05:12:f1:8f:7f: ca:fd:db:0d:47:09:c5:6f:93:53:a7:5e:8e:19:92: 8e:ce:bb:a7:79:62:96:3b:51:40:db:a4:37:ff:79: fd:bf:36:c1:34:31:0e:1f:e1:9b:50:67:bf:e3:36: c6:22:57:d4:db:ae:c0:6b:d6:3d:72:f0:5c:4a:51: 00:42:6d:cb:da:20:0f:99:9a:24:87:f5:3b:64:ba: 2c:29:91:a0:d7:5a:9f:8e:d8:de:ec:44:55:ff:02: d0:b7:32:61:39:8f:e0:ba:2a:86:4a:52:ad:e7:11: 93:29:49:0e:70:56:bf:5f:cd:03:01:84:74:37:cf: b4:83:69:19:05:41:2c:eb:9d:30:14:59:21:06:cf: 7b:0c:a5:11:1c:4e:62:72:52:ae:83:79:d0:3e:95: 2b:e6:57:6e:b2:91:41:59:50:2e:97:16:ba:b2:fa: f7:ee:92:c5:04:8e:41:eb:63:d3:9d:5c:d9:95:97: 7e:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:37:EE:35:FC:1C:A8:42:CB:CF:CB:9C:8D:66:1B:1E:E5:C1:F2:F3 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/0zfuNfwcqELLz8ucjWYbHuXB8vM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.45.0/24 Signature Algorithm: sha256WithRSAEncryption 6d:4b:d5:ad:d5:ce:dd:aa:23:74:d7:a5:ff:a1:9f:3d:97:e1: 46:ee:46:53:25:65:57:b2:5a:8c:24:38:f0:62:a6:74:68:b7: d0:28:8a:c7:c1:32:b3:43:c6:bf:7a:07:6f:d0:9c:8c:a3:b5: 82:39:4f:ce:a8:f0:d5:71:65:d0:b7:15:63:f6:f7:5e:7b:25: d7:05:72:4e:03:6b:d3:46:ee:99:71:fc:df:9c:5b:3d:37:69: 30:43:89:fe:47:fc:79:cb:6d:10:95:be:03:6e:1d:60:fb:07: 55:f2:e8:ed:cb:e4:70:e3:ed:97:b6:39:20:d4:30:60:f6:0c: 2a:39:4c:21:3e:71:c2:ad:05:2b:13:fc:b0:3c:57:3e:bf:50: ef:ac:13:0d:0f:fb:04:19:d4:7f:2b:d2:8c:76:a0:e6:e2:34: 9f:43:43:d2:88:ca:4f:e9:28:98:e6:e1:51:73:3f:f0:19:b9: 11:96:fe:42:c7:01:8d:4f:83:cf:8b:bf:0b:39:d2:7b:54:26: e0:d0:52:69:12:6d:40:52:36:22:67:ef:5b:b0:f8:07:41:31: 45:9c:11:bd:29:58:3a:17:7f:93:9c:b3:5c:ad:db:82:ce:27: c4:6b:8f:b1:fa:c8:57:23:16:0e:f5:10:3e:e2:73:e2:2e:38: d1:7b:f0:78 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw NDAxNDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEQzMzdFRTM1RkMxQ0E4 NDJDQkNGQ0I5QzhENjYxQjFFRTVDMUYyRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCbIqJQf7b69X3+1BZR1nipLvKI1TsNPJH4ZI9aLXIOC9HZAYSR vxvNxtmcF4x9ClLTcC4DW7Ly0vCY5/k6dJNt6qHRt+cFEvGPf8r92w1HCcVvk1On Xo4Zko7Ou6d5YpY7UUDbpDf/ef2/NsE0MQ4f4ZtQZ7/jNsYiV9TbrsBr1j1y8FxK UQBCbcvaIA+ZmiSH9TtkuiwpkaDXWp+O2N7sRFX/AtC3MmE5j+C6KoZKUq3nEZMp SQ5wVr9fzQMBhHQ3z7SDaRkFQSzrnTAUWSEGz3sMpREcTmJyUq6DedA+lSvmV26y kUFZUC6XFrqy+vfuksUEjkHrY9OdXNmVl37BAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU0zfuNfwcqELLz8ucjWYbHuXB8vMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzB6ZnVOZndjcUVMTHo4 dWNqV1liSHVYQjh2TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3S0wDQYJKoZIhvcNAQELBQADggEBAG1L1a3Vzt2qI3TXpf+hnz2X4UbuRlMl ZVeyWowkOPBipnRot9AoisfBMrNDxr96B2/QnIyjtYI5T86o8NVxZdC3FWP29157 JdcFck4Da9NG7plx/N+cWz03aTBDif5H/HnLbRCVvgNuHWD7B1Xy6O3L5HDj7Ze2 OSDUMGD2DCo5TCE+ccKtBSsT/LA8Vz6/UO+sEw0P+wQZ1H8r0ox2oObiNJ9DQ9KI yk/pKJjm4VFzP/AZuRGW/kLHAY1Pg8+Lvws50ntUJuDQUmkSbUBSNiJn71uw+AdB MUWcEb0pWDoXf5Ocs1yt24LOJ8Rrj7H6yFcjFg71ED7ic+IuONF78Hg= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org