$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/AIRtg5YZN5uBsnfBwMFITehW8GM.roa File: AIRtg5YZN5uBsnfBwMFITehW8GM.roa (raw, json) Hash identifier: LOZaOx2YLAMWfHDty+M3SVJctX6U47kg9iWLyhrkTzs= Subject key identifier: 00:84:6D:83:96:19:37:9B:81:B2:77:C1:C0:C1:48:4D:E8:56:F0:63 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1488 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/AIRtg5YZN5uBsnfBwMFITehW8GM.roa Signing time: Wed 11 Sep 2024 02:23:26 +0000 ROA not before: Wed 11 Sep 2024 02:23:26 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 59083 IP address blocks: 103.10.1.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5256 (0x1488) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:26 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=00846D839619379B81B277C1C0C1484DE856F063 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:cf:82:9a:ba:a8:f6:8d:c8:d2:40:ee:86:3c: eb:5c:8c:9e:19:5a:41:e7:6d:6a:a9:fe:79:cc:ec: 17:63:c2:f5:42:95:e9:04:ee:eb:bf:15:ea:9f:7c: 79:54:ff:ad:45:9d:52:93:c7:06:db:cd:90:ce:72: 8d:4d:18:d8:e3:f1:73:bb:8b:6c:db:bb:a8:bd:5d: 8e:33:81:10:54:b6:2c:9b:32:d1:c7:5d:93:8e:f6: ce:9b:9b:7c:ac:ff:e3:41:78:c9:ae:23:a7:4b:42: fd:48:02:18:1d:65:6e:a8:5e:d1:1e:9c:21:7b:d3: ed:57:61:cc:7c:eb:09:4c:c3:05:a6:78:44:3b:20: 72:ea:f8:e8:1e:23:bc:86:92:0a:c9:1f:07:4f:b1: a2:3b:53:0a:31:05:74:ed:96:b8:01:2f:31:dd:30: ee:0f:53:04:d2:aa:f6:31:e5:e3:87:c8:90:e8:1a: ee:a1:c7:98:1e:8b:6f:1d:80:d4:d8:2d:df:fe:7d: e1:a2:21:93:6f:2f:c7:14:dd:19:44:fd:fc:d3:5e: c2:3b:20:11:b1:e3:51:1e:72:9f:ea:48:8e:e7:b9: d9:74:40:df:3d:a6:07:f8:ef:a4:9f:f8:b2:fc:4d: 5e:98:ce:f5:08:b6:09:68:d6:f6:e3:6e:5e:d7:2b: cd:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:84:6D:83:96:19:37:9B:81:B2:77:C1:C0:C1:48:4D:E8:56:F0:63 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/AIRtg5YZN5uBsnfBwMFITehW8GM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.10.1.0/24 Signature Algorithm: sha256WithRSAEncryption 13:e8:7a:ad:53:94:5e:79:c3:34:97:c6:3a:f1:77:1f:e3:bc: fe:0e:e4:f9:53:34:f5:01:7d:f6:a5:b5:21:78:ad:a2:12:73: b2:f2:51:38:ca:18:f4:0a:1d:17:e7:34:c7:61:b9:7a:e8:a5: 2d:c0:17:c8:66:b1:87:35:18:cf:94:dd:eb:17:35:de:9e:af: ad:b6:7e:3d:a6:1e:72:af:64:f3:ee:00:26:da:4e:1c:ca:e0: 64:20:2a:b4:c4:b2:42:8d:bc:6f:d2:d7:d4:b9:a7:ba:33:76: 4b:50:fc:5e:18:11:0b:02:e3:88:14:de:f6:99:f0:b5:45:21: 5b:95:00:fd:26:af:98:ed:42:1f:24:bf:a7:38:7d:43:d1:7e: 65:81:4c:bf:6d:1c:10:b6:60:c9:20:56:ba:49:9b:8b:23:39: fa:65:2e:ec:56:80:e8:69:de:9f:f1:01:54:4f:33:c3:bc:e0: 92:88:bf:6d:3a:40:9d:d5:ea:c8:c3:5d:b4:8b:3b:e7:6d:8c: 0b:e5:ec:20:64:ab:ab:cb:7b:af:97:aa:31:68:b4:e9:e3:a6: 3d:f0:a0:5d:ce:f0:95:9b:65:b2:12:84:1f:f5:a1:5c:d6:f9: 1e:fb:c5:4e:42:8e:1b:a0:3e:d9:d8:7e:97:ee:0f:dc:2d:48: 9c:9d:32:1f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFIgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAwODQ2RDgzOTYxOTM3 OUI4MUIyNzdDMUMwQzE0ODRERTg1NkYwNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDlz4Kauqj2jcjSQO6GPOtcjJ4ZWkHnbWqp/nnM7BdjwvVClekE 7uu/FeqffHlU/61FnVKTxwbbzZDOco1NGNjj8XO7i2zbu6i9XY4zgRBUtiybMtHH XZOO9s6bm3ys/+NBeMmuI6dLQv1IAhgdZW6oXtEenCF70+1XYcx86wlMwwWmeEQ7 IHLq+OgeI7yGkgrJHwdPsaI7UwoxBXTtlrgBLzHdMO4PUwTSqvYx5eOHyJDoGu6h x5gei28dgNTYLd/+feGiIZNvL8cU3RlE/fzTXsI7IBGx41Eecp/qSI7nudl0QN89 pgf476Sf+LL8TV6YzvUItglo1vbjbl7XK80DAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUAIRtg5YZN5uBsnfBwMFITehW8GMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0FJUnRnNVlaTjV1QnNu ZkJ3TUZJVGVoVzhHTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnCgEwDQYJKoZIhvcNAQELBQADggEBABPoeq1TlF55wzSXxjrxdx/jvP4O5PlT NPUBffaltSF4raISc7LyUTjKGPQKHRfnNMdhuXropS3AF8hmsYc1GM+U3esXNd6e r622fj2mHnKvZPPuACbaThzK4GQgKrTEskKNvG/S19S5p7ozdktQ/F4YEQsC44gU 3vaZ8LVFIVuVAP0mr5jtQh8kv6c4fUPRfmWBTL9tHBC2YMkgVrpJm4sjOfplLuxW gOhp3p/xAVRPM8O84JKIv206QJ3V6sjDXbSLO+dtjAvl7CBkq6vLe6+XqjFotOnj pj3woF3O8JWbZbIShB/1oVzW+R77xU5CjhugPtnYfpfuD9wtSJydMh8= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org