$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/9Lv3NNRFpRDshZFpYj_LOkeZdRM.roa File: 9Lv3NNRFpRDshZFpYj_LOkeZdRM.roa (raw, json) Hash identifier: e5avBYhsTJm4ex/e64omChFf1zRrVcow0wQk6i2Ugsg= Subject key identifier: F4:BB:F7:34:D4:45:A5:10:EC:85:91:69:62:3F:CB:3A:47:99:75:13 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1480 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/9Lv3NNRFpRDshZFpYj_LOkeZdRM.roa Signing time: Wed 11 Sep 2024 02:23:24 +0000 ROA not before: Wed 11 Sep 2024 02:23:24 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.36.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5248 (0x1480) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:24 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=F4BBF734D445A510EC859169623FCB3A47997513 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:77:42:62:f3:3b:3b:af:22:03:c7:ed:91:97: e3:ed:5a:42:a5:cd:49:c8:63:56:59:d0:d1:ea:f7: 14:72:0c:56:8c:80:79:8a:02:23:3e:7e:57:7e:a6: 54:7c:b1:77:fe:33:af:23:6d:18:86:bc:ab:ee:85: 55:91:58:79:17:62:e7:42:a8:a5:15:cb:9c:ef:69: f9:d5:1b:f3:5a:85:7b:63:d2:64:13:d7:a3:8d:7a: 5d:1f:10:71:0e:a4:1a:98:71:77:68:bf:bb:54:59: 4e:ba:70:c4:09:ad:bc:25:36:8c:65:5a:a9:62:98: a2:06:23:95:e6:77:dd:ec:b0:d5:05:e1:4d:8d:3f: 6b:9c:49:3d:67:a3:00:2f:b8:7d:4e:c4:56:20:bb: c5:35:da:b3:dc:45:41:af:7a:24:33:5f:9d:7c:53: 79:6d:87:52:95:eb:d9:f7:55:ce:f0:cc:e4:e4:ea: ec:a9:35:d3:45:59:26:b6:00:6e:d8:9c:1c:7b:96: 9a:c5:61:77:ca:44:d3:fa:95:22:1b:55:09:3b:8b: fd:5f:fb:34:09:26:0a:40:7f:90:61:54:d7:df:e9: 06:2d:b0:cf:b2:3e:76:9c:32:0b:c3:66:d6:f0:86: 4d:f4:4d:8e:7f:ce:a8:5d:fb:9a:fe:56:cb:f0:f4: f3:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:BB:F7:34:D4:45:A5:10:EC:85:91:69:62:3F:CB:3A:47:99:75:13 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/9Lv3NNRFpRDshZFpYj_LOkeZdRM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.36.0/22 Signature Algorithm: sha256WithRSAEncryption c0:ae:ec:60:d7:f7:54:0c:fa:d9:6a:a4:83:58:6c:b1:e0:fd: f8:17:d1:9f:49:9e:75:c8:46:2b:a1:79:3c:30:8c:54:3f:e5: e0:eb:70:a6:99:b6:99:ef:75:a2:c0:b4:67:f3:a8:1b:7c:8b: 5e:9d:5d:88:03:14:b6:82:66:31:04:24:ba:a3:6e:98:5b:ee: a3:8c:ab:3c:63:f8:5e:a4:7f:71:98:d2:3a:a7:d7:4b:e0:0c: 96:77:27:46:72:fc:58:61:a1:fc:44:d6:1a:94:26:fb:24:8d: e0:32:8b:d6:94:7e:ed:15:28:f3:56:aa:42:72:15:25:95:35: 2a:97:81:97:4c:1a:01:ef:74:00:17:e9:f5:9f:9c:25:36:76: 62:41:e8:5e:47:88:1a:ca:2c:93:dd:26:a1:fb:55:a1:b1:4e: c8:39:40:35:c6:a4:9a:c2:1b:85:f6:c4:9b:ae:8f:05:12:63: 98:82:52:04:2e:6c:02:ea:36:cf:13:2c:20:a9:04:ff:f7:25: 9c:00:6e:03:aa:d2:bd:1c:73:12:f2:50:07:f4:60:b6:26:7b: 16:07:15:6b:ce:eb:8b:c0:17:97:4b:8b:55:ce:80:07:6c:2e: d9:4a:1a:2c:1c:e8:ee:ed:a3:78:48:17:4a:09:86:2f:ec:ba: e5:16:fe:8b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFIAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEY0QkJGNzM0RDQ0NUE1 MTBFQzg1OTE2OTYyM0ZDQjNBNDc5OTc1MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1d0Ji8zs7ryIDx+2Rl+PtWkKlzUnIY1ZZ0NHq9xRyDFaMgHmK AiM+fld+plR8sXf+M68jbRiGvKvuhVWRWHkXYudCqKUVy5zvafnVG/NahXtj0mQT 16ONel0fEHEOpBqYcXdov7tUWU66cMQJrbwlNoxlWqlimKIGI5Xmd93ssNUF4U2N P2ucST1nowAvuH1OxFYgu8U12rPcRUGveiQzX518U3lth1KV69n3Vc7wzOTk6uyp NdNFWSa2AG7YnBx7lprFYXfKRNP6lSIbVQk7i/1f+zQJJgpAf5BhVNff6QYtsM+y PnacMgvDZtbwhk30TY5/zqhd+5r+Vsvw9PNlAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQU9Lv3NNRFpRDshZFpYj/LOkeZdRMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3LzlMdjNOTlJGcFJEc2ha RnBZal9MT2tlWmRSTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3SQwDQYJKoZIhvcNAQELBQADggEBAMCu7GDX91QM+tlqpINYbLHg/fgX0Z9J nnXIRiuheTwwjFQ/5eDrcKaZtpnvdaLAtGfzqBt8i16dXYgDFLaCZjEEJLqjbphb 7qOMqzxj+F6kf3GY0jqn10vgDJZ3J0Zy/FhhofxE1hqUJvskjeAyi9aUfu0VKPNW qkJyFSWVNSqXgZdMGgHvdAAX6fWfnCU2dmJB6F5HiBrKLJPdJqH7VaGxTsg5QDXG pJrCG4X2xJuujwUSY5iCUgQubALqNs8TLCCpBP/3JZwAbgOq0r0ccxLyUAf0YLYm exYHFWvO64vAF5dLi1XOgAdsLtlKGiwc6O7to3hIF0oJhi/suuUW/os= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org