$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/A2MngGp4Iw3NLaUikxnJLfBki1A.roa File: A2MngGp4Iw3NLaUikxnJLfBki1A.roa (raw, json) Hash identifier: rz8sX9EYdBP/9MLwQctvCrHVKd+XbZrN300MFNy34+0= Subject key identifier: 03:63:27:80:6A:78:23:0D:CD:2D:A5:22:93:19:C9:2D:F0:64:8B:50 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1529 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/A2MngGp4Iw3NLaUikxnJLfBki1A.roa Signing time: Wed 11 Sep 2024 03:54:53 +0000 ROA not before: Wed 11 Sep 2024 03:54:53 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.6.109.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5417 (0x1529) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 03:54:53 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=036327806A78230DCD2DA5229319C92DF0648B50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:2e:dd:73:10:b4:b2:6d:ba:05:17:56:d2:ad: 65:d0:07:d3:79:59:59:fe:06:a3:93:42:55:5a:cb: bd:eb:d4:01:82:e6:9c:e0:f4:ec:49:b7:a6:cb:e8: d6:1e:b8:82:dc:a6:37:3c:05:45:05:c8:96:40:dd: 07:73:64:24:ce:cc:4a:f5:73:11:85:89:f6:b8:65: 97:28:41:d5:ce:ae:ac:db:a2:51:94:d5:c0:6d:5a: ba:ff:62:4c:07:10:07:39:8b:5f:cd:50:0e:54:c9: 24:2e:2c:ce:79:bb:7a:e6:fc:f9:b4:15:98:56:a5: c1:e6:e0:57:f3:ad:71:80:85:65:fa:11:31:77:0e: eb:32:a1:43:34:37:8a:67:2c:cf:4d:4f:fe:18:bc: 4e:13:7e:99:14:27:04:04:c8:43:74:5d:f3:d3:f0: ed:2d:87:da:66:8d:0f:37:c4:27:8b:f8:4d:87:76: f9:be:6a:4d:ae:03:83:68:6b:51:05:35:e7:e1:5e: 1a:f4:a3:e8:35:88:43:30:a1:f9:95:ce:73:09:ae: 21:6c:09:52:02:97:b7:e3:13:0f:b2:d5:78:be:07: 6b:ed:78:d0:92:76:1c:72:5e:b4:17:b1:cf:de:4d: 74:be:03:16:3e:7a:47:25:d7:f0:44:a3:a6:7a:d3: 9e:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:63:27:80:6A:78:23:0D:CD:2D:A5:22:93:19:C9:2D:F0:64:8B:50 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/A2MngGp4Iw3NLaUikxnJLfBki1A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.6.109.0/24 Signature Algorithm: sha256WithRSAEncryption 60:1e:2b:06:ff:f1:bd:be:fa:a9:16:a5:26:b2:f3:eb:4b:14: 9e:65:04:62:94:fc:2c:54:ba:8c:01:cb:42:e3:82:44:4e:fc: 31:67:1d:df:5c:93:96:a3:bc:36:43:95:3b:3e:d1:7b:a8:a0: 28:85:78:ee:a1:84:e0:57:cd:c9:08:57:3a:ec:6f:4e:9d:34: a2:d0:b1:e0:b6:13:10:a2:6d:31:d9:37:72:58:50:cc:c5:83: ce:14:5c:e2:ba:84:99:75:f0:2b:90:59:a7:5b:02:15:08:2c: ed:05:88:8e:ac:48:b1:35:88:81:30:b8:a3:7d:13:9f:fd:09: b8:d9:bf:e2:54:bb:c4:bb:53:99:c2:d9:b7:e7:e3:cd:69:2c: 8f:fa:53:78:22:3e:fa:0b:fa:06:5f:35:ab:55:da:09:63:a4: 08:2d:a6:1e:1c:14:80:ae:0b:00:c4:15:af:3d:51:45:ca:82: e7:1a:78:b1:d3:69:28:0e:3c:c7:cd:a5:69:7b:d0:02:c7:c4: ce:87:3d:a5:83:73:ca:3e:c9:de:93:7e:d2:39:f4:76:3a:9b: e9:6b:1d:35:19:35:bb:cf:3e:4a:47:d7:9b:68:db:32:18:ce: 2f:36:2a:88:5b:c5:1b:a3:00:71:05:8e:2e:a0:4d:a8:19:47: db:7a:5a:e2 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFSkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MzU0NTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAzNjMyNzgwNkE3ODIz MERDRDJEQTUyMjkzMTlDOTJERjA2NDhCNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyLt1zELSybboFF1bSrWXQB9N5WVn+BqOTQlVay73r1AGC5pzg 9OxJt6bL6NYeuILcpjc8BUUFyJZA3QdzZCTOzEr1cxGFifa4ZZcoQdXOrqzbolGU 1cBtWrr/YkwHEAc5i1/NUA5UySQuLM55u3rm/Pm0FZhWpcHm4FfzrXGAhWX6ETF3 DusyoUM0N4pnLM9NT/4YvE4TfpkUJwQEyEN0XfPT8O0th9pmjQ83xCeL+E2Hdvm+ ak2uA4Noa1EFNefhXhr0o+g1iEMwofmVznMJriFsCVICl7fjEw+y1Xi+B2vteNCS dhxyXrQXsc/eTXS+AxY+ekcl1/BEo6Z6054hAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUA2MngGp4Iw3NLaUikxnJLfBki1AwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0EyTW5nR3A0SXczTkxh VWlreG5KTGZCa2kxQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnBm0wDQYJKoZIhvcNAQELBQADggEBAGAeKwb/8b2++qkWpSay8+tLFJ5lBGKU /CxUuowBy0LjgkRO/DFnHd9ck5ajvDZDlTs+0XuooCiFeO6hhOBXzckIVzrsb06d NKLQseC2ExCibTHZN3JYUMzFg84UXOK6hJl18CuQWadbAhUILO0FiI6sSLE1iIEw uKN9E5/9CbjZv+JUu8S7U5nC2bfn481pLI/6U3giPvoL+gZfNatV2gljpAgtph4c FICuCwDEFa89UUXKgucaeLHTaSgOPMfNpWl70ALHxM6HPaWDc8o+yd6TftI59HY6 m+lrHTUZNbvPPkpH15to2zIYzi82KohbxRujAHEFji6gTagZR9t6WuI= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org