$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/DWyTNC9yHqeqVygRqKWk59otemo.roa File: DWyTNC9yHqeqVygRqKWk59otemo.roa (raw, json) Hash identifier: telRg5BDUn5NRnpVupS4WXxXwv0706ITCaoB8i39djk= Subject key identifier: 0D:6C:93:34:2F:72:1E:A7:AA:57:28:11:A8:A5:A4:E7:DA:2D:7A:6A Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 14A0 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/DWyTNC9yHqeqVygRqKWk59otemo.roa Signing time: Wed 11 Sep 2024 02:23:34 +0000 ROA not before: Wed 11 Sep 2024 02:23:34 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24373 IP address blocks: 103.221.28.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5280 (0x14a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:34 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=0D6C93342F721EA7AA572811A8A5A4E7DA2D7A6A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:fe:88:4e:74:9f:ea:b4:e3:e5:25:22:12:4f: 87:58:84:8e:36:1e:d6:0a:88:52:e0:8f:96:eb:a7: fc:07:e5:e3:7c:db:d4:53:2d:c8:4b:33:9b:b6:90: cf:7e:cd:a3:82:ce:49:09:43:a5:b1:76:26:28:b8: 0e:4a:59:a7:da:da:8c:6f:45:50:41:16:4c:7c:4d: 10:7c:23:17:7e:a1:09:d7:23:ae:f0:32:fb:46:d7: ba:9a:a8:16:19:82:bd:1b:1c:af:46:d6:6e:c7:26: e1:19:23:ed:ee:d6:c0:76:84:a1:37:6c:91:41:da: 0a:f5:7f:b3:f9:9e:b1:75:1f:42:d1:15:20:81:10: 36:12:90:24:0c:b3:e1:8e:5d:8d:ba:7c:20:39:9d: 70:df:62:85:a4:44:ba:dd:bd:4e:d1:d3:19:80:05: 59:b9:5b:58:42:f4:f8:09:30:b1:07:41:ae:11:50: 8c:31:ef:5c:92:68:18:31:a2:b3:29:6c:8e:59:fc: 91:cd:6e:06:1e:06:30:92:4b:07:c5:7d:80:3f:c5: f6:01:90:31:b6:36:c4:f5:9a:d6:1b:fc:14:97:3a: 67:d4:f3:89:89:30:86:8f:78:c3:fe:72:ec:50:61: d9:79:6c:ac:92:d6:d8:da:e6:f6:4d:dc:6c:40:a4: d6:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:6C:93:34:2F:72:1E:A7:AA:57:28:11:A8:A5:A4:E7:DA:2D:7A:6A X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/DWyTNC9yHqeqVygRqKWk59otemo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.28.0/22 Signature Algorithm: sha256WithRSAEncryption 76:a6:49:65:0e:49:59:81:26:38:ed:17:8b:eb:81:44:f7:a2: 06:e8:72:14:d7:16:e3:89:d6:41:f7:d5:15:cf:de:15:32:97: db:1f:52:ea:4e:40:94:14:8b:58:46:64:fc:8f:56:24:ae:9c: 4b:08:da:8b:33:b4:88:2b:09:99:ff:16:b4:58:9f:c9:a4:06: 11:a6:6e:3e:76:aa:2c:c6:5c:db:e1:93:79:6d:c5:95:a4:96: c7:4e:8d:75:52:45:87:44:f6:83:86:2e:ef:da:c4:c9:8b:90: dc:97:93:60:31:73:48:b0:d7:98:e0:49:ba:7c:d2:48:57:6a: 25:f1:f8:6b:51:63:49:3f:e0:f8:6d:16:b9:2f:02:52:f7:f7: 44:45:49:40:fb:dc:2b:0f:e0:1b:bf:13:d8:8c:b6:f1:3c:c4: 5f:3c:62:ae:cd:6f:4d:e8:38:e9:e4:81:8a:9a:4e:1c:34:bf: 67:a0:4a:cd:87:66:87:93:d0:3f:28:4b:70:5f:8f:4c:74:c2: e3:b4:4e:99:a3:35:d0:0d:cd:9b:d5:f7:db:5e:ea:e5:6a:1d: c1:e9:2a:a0:71:61:73:16:d9:18:7b:a3:e7:cb:d3:7c:03:28: a3:f6:93:2a:c9:ea:2a:df:8e:57:c2:15:f4:23:1b:94:68:89: 9f:f9:2b:a1 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFKAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBENkM5MzM0MkY3MjFF QTdBQTU3MjgxMUE4QTVBNEU3REEyRDdBNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDr/ohOdJ/qtOPlJSIST4dYhI42HtYKiFLgj5brp/wH5eN829RT LchLM5u2kM9+zaOCzkkJQ6WxdiYouA5KWafa2oxvRVBBFkx8TRB8Ixd+oQnXI67w MvtG17qaqBYZgr0bHK9G1m7HJuEZI+3u1sB2hKE3bJFB2gr1f7P5nrF1H0LRFSCB EDYSkCQMs+GOXY26fCA5nXDfYoWkRLrdvU7R0xmABVm5W1hC9PgJMLEHQa4RUIwx 71ySaBgxorMpbI5Z/JHNbgYeBjCSSwfFfYA/xfYBkDG2NsT1mtYb/BSXOmfU84mJ MIaPeMP+cuxQYdl5bKyS1tja5vZN3GxApNbtAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUDWyTNC9yHqeqVygRqKWk59otemowHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0RXeVROQzl5SHFlcVZ5 Z1JxS1drNTlvdGVtby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3RwwDQYJKoZIhvcNAQELBQADggEBAHamSWUOSVmBJjjtF4vrgUT3ogbochTX FuOJ1kH31RXP3hUyl9sfUupOQJQUi1hGZPyPViSunEsI2osztIgrCZn/FrRYn8mk BhGmbj52qizGXNvhk3ltxZWklsdOjXVSRYdE9oOGLu/axMmLkNyXk2Axc0iw15jg Sbp80khXaiXx+GtRY0k/4PhtFrkvAlL390RFSUD73CsP4Bu/E9iMtvE8xF88Yq7N b03oOOnkgYqaThw0v2egSs2HZoeT0D8oS3Bfj0x0wuO0TpmjNdANzZvV99te6uVq HcHpKqBxYXMW2Rh7o+fL03wDKKP2kyrJ6irfjlfCFfQjG5RoiZ/5K6E= -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:42 2024 by rpki-client on console-fra.rpki-client.org