$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/42MhCUwyA1UBArKCrpjWV7WbDus.roa File: 42MhCUwyA1UBArKCrpjWV7WbDus.roa (raw, json) Hash identifier: KLB8A4LjtaXugrO5KxBzEaYvZLKIWY51e3x6Ifqb1Q0= Subject key identifier: E3:63:21:09:4C:32:03:55:01:02:B2:82:AE:98:D6:57:B5:9B:0E:EB Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 151C Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/42MhCUwyA1UBArKCrpjWV7WbDus.roa Signing time: Wed 11 Sep 2024 02:30:09 +0000 ROA not before: Wed 11 Sep 2024 02:30:09 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 13444 IP address blocks: 103.221.51.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5404 (0x151c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:30:09 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=E36321094C3203550102B282AE98D657B59B0EEB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:fd:96:04:73:59:c9:ca:91:1a:4b:23:b3:8a: 4f:30:bd:57:63:b1:c5:f3:54:c0:9f:33:4a:1b:df: 51:bb:c7:f8:a4:3a:e9:e8:fc:ef:3f:fc:bb:f4:9e: 89:0b:cd:40:20:5a:d9:fc:b4:60:ec:b0:6e:63:1b: 7a:90:48:ad:f4:98:8d:5b:6b:8e:fc:71:95:5d:8f: 4f:3f:83:38:61:ec:c6:02:76:31:b6:d2:70:7f:5b: ad:cf:e5:07:7c:ce:20:53:dc:c1:44:7d:f9:9c:6b: c3:19:ce:e3:8b:f6:37:08:db:5f:8e:46:72:2b:43: d4:e3:f0:25:66:54:1c:dc:63:70:a5:01:5b:50:26: c0:1b:19:3e:0f:c6:f0:69:23:0e:90:2f:ff:d8:10: 3c:a7:97:b1:4a:7d:cc:8b:d5:bc:29:a9:65:f0:3c: a8:4c:2c:12:d7:fb:de:16:eb:aa:c5:fc:41:65:d7: 2a:5d:6d:d2:10:93:65:82:c1:98:23:5f:fd:4a:12: 2f:34:eb:e7:0c:d0:47:16:39:83:08:04:2c:9c:f3: 1c:69:dc:9f:bc:d4:17:cf:b6:85:40:9e:c2:5a:2d: cd:d2:70:02:7d:d6:a1:e0:53:08:06:e0:87:ce:0a: 85:e6:50:16:84:94:bc:39:2a:9a:8a:be:71:81:98: 17:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:63:21:09:4C:32:03:55:01:02:B2:82:AE:98:D6:57:B5:9B:0E:EB X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/42MhCUwyA1UBArKCrpjWV7WbDus.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.51.0/24 Signature Algorithm: sha256WithRSAEncryption ad:6a:38:66:93:0e:bd:0a:b9:9b:c0:87:c1:65:b0:6c:e3:d2: a2:d5:3b:12:5a:18:23:7f:cf:d3:2f:32:a9:e1:48:3f:96:55: 00:35:97:a8:83:01:bd:af:0a:ce:6d:fd:22:cf:05:e3:06:ad: 5c:2a:13:ac:7d:68:0c:86:a4:f5:15:75:93:9d:91:c8:bb:74: a6:e5:bd:5d:d0:70:6e:f3:1a:f5:09:22:0c:aa:55:84:31:cb: bd:22:9c:b4:16:b6:19:28:b6:c8:4d:3c:66:6a:aa:f1:d6:e7: d4:84:b4:16:86:c5:cd:42:c5:bc:b7:31:7d:5a:12:3e:5f:c1: a5:52:10:5b:07:f8:27:fb:ea:08:e2:4e:79:93:35:58:26:43: 54:ca:34:fe:93:9c:2d:84:3c:32:6b:46:fc:28:3c:c2:78:f8: af:bc:49:48:19:98:e0:2c:57:f8:7a:9f:c0:86:62:66:0e:3c: af:7c:cf:ed:51:26:67:0f:74:81:9e:83:14:90:d9:bc:4e:e8: 04:cd:e0:28:ca:1d:4a:ce:86:d1:e3:6f:16:ab:d0:3a:aa:1a: 62:cc:3c:68:b8:a5:13:ad:67:fb:53:2f:8f:09:90:c2:b7:d0: 23:59:cd:d2:62:05:ca:56:d2:a4:0b:ec:2b:76:90:72:94:07: a7:6a:ab:cd -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFRwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjMwMDlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEUzNjMyMTA5NEMzMjAz NTUwMTAyQjI4MkFFOThENjU3QjU5QjBFRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC0/ZYEc1nJypEaSyOzik8wvVdjscXzVMCfM0ob31G7x/ikOuno /O8//Lv0nokLzUAgWtn8tGDssG5jG3qQSK30mI1ba478cZVdj08/gzhh7MYCdjG2 0nB/W63P5Qd8ziBT3MFEffmca8MZzuOL9jcI21+ORnIrQ9Tj8CVmVBzcY3ClAVtQ JsAbGT4PxvBpIw6QL//YEDynl7FKfcyL1bwpqWXwPKhMLBLX+94W66rF/EFl1ypd bdIQk2WCwZgjX/1KEi806+cM0EcWOYMIBCyc8xxp3J+81BfPtoVAnsJaLc3ScAJ9 1qHgUwgG4IfOCoXmUBaElLw5KpqKvnGBmBelAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU42MhCUwyA1UBArKCrpjWV7WbDuswHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzQyTWhDVXd5QTFVQkFy S0NycGpXVjdXYkR1cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3TMwDQYJKoZIhvcNAQELBQADggEBAK1qOGaTDr0KuZvAh8FlsGzj0qLVOxJa GCN/z9MvMqnhSD+WVQA1l6iDAb2vCs5t/SLPBeMGrVwqE6x9aAyGpPUVdZOdkci7 dKblvV3QcG7zGvUJIgyqVYQxy70inLQWthkotshNPGZqqvHW59SEtBaGxc1Cxby3 MX1aEj5fwaVSEFsH+Cf76gjiTnmTNVgmQ1TKNP6TnC2EPDJrRvwoPMJ4+K+8SUgZ mOAsV/h6n8CGYmYOPK98z+1RJmcPdIGegxSQ2bxO6ATN4CjKHUrOhtHjbxar0Dqq GmLMPGi4pROtZ/tTL48JkMK30CNZzdJiBcpW0qQL7Ct2kHKUB6dqq80= -----END CERTIFICATE-----Generated at Fri Nov 22 14:30:56 2024 by rpki-client on console-ams.rpki-client.org