$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/EpsU2lfUAoiyyQGi2-nOm_WJiYM.roa File: EpsU2lfUAoiyyQGi2-nOm_WJiYM.roa (raw, json) Hash identifier: LurhgpMopM9Ru8/MDNTnj0DXVpWdDraMJdjRtVrNOLo= Subject key identifier: 12:9B:14:DA:57:D4:02:88:B2:C9:01:A2:DB:E9:CE:9B:F5:89:89:83 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1492 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EpsU2lfUAoiyyQGi2-nOm_WJiYM.roa Signing time: Wed 11 Sep 2024 02:23:30 +0000 ROA not before: Wed 11 Sep 2024 02:23:30 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 138527 IP address blocks: 103.221.28.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 04:51:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5266 (0x1492) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:30 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=129B14DA57D40288B2C901A2DBE9CE9BF5898983 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:a8:6e:dc:02:97:02:e8:8a:f6:05:fc:42:97: 95:ce:75:5d:f5:de:96:62:56:46:d4:8f:1d:2d:f7: ab:a4:08:89:47:08:da:6c:08:1f:a0:21:ac:6c:30: e4:2c:6f:9a:3f:e7:90:c4:12:0d:37:9d:d8:14:98: 27:59:7d:d2:8e:c9:09:40:d4:c2:89:14:2e:82:83: 37:29:a7:02:29:63:68:8d:de:83:99:74:11:04:74: a4:61:48:c0:58:69:33:47:71:30:3c:ee:af:e1:88: fa:96:02:d7:8b:48:2d:97:8a:98:9a:56:22:19:80: 01:4f:68:31:34:a8:e1:7a:50:96:f1:2d:69:91:a3: 85:cb:b7:3e:4a:56:6b:a3:b5:6e:2a:e7:db:b5:3d: 27:da:b4:6f:fb:7d:2f:bd:84:02:45:4a:d4:be:30: 94:f2:32:7e:36:b2:ca:89:94:fb:6e:c3:fb:fd:13: 67:3f:a3:eb:24:77:9f:f1:71:27:8b:b5:16:52:f5: 96:e5:d9:5a:2c:55:81:f1:a0:5a:e0:df:20:b6:7b: ef:52:1b:e7:e4:8c:2a:e8:11:10:2c:44:c8:b1:20: 83:bf:88:cf:d3:9c:48:02:67:ff:5c:7c:cf:e3:eb: 9a:5e:c7:0c:b7:39:45:32:bd:79:1f:ff:e7:3f:2a: 18:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:9B:14:DA:57:D4:02:88:B2:C9:01:A2:DB:E9:CE:9B:F5:89:89:83 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/EpsU2lfUAoiyyQGi2-nOm_WJiYM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.28.0/22 Signature Algorithm: sha256WithRSAEncryption 56:ae:69:e5:7f:66:9c:56:3c:9f:0d:3a:6b:29:0d:1f:ad:3d: 41:a1:79:b8:47:84:b7:7f:9a:15:11:2a:a2:0c:dc:ff:38:ec: 8c:75:72:02:e5:b1:d2:b8:59:27:ab:1d:05:ac:35:1c:30:ca: 36:da:71:a8:47:83:83:da:fd:03:bb:76:8b:d2:f9:7f:67:d6: 39:2b:ce:4e:ba:e7:9f:50:ea:0a:40:d3:08:02:9c:67:23:8e: 30:58:d8:92:47:0c:a8:07:d6:f3:68:49:da:df:8d:5d:5e:52: cd:f9:27:29:92:6b:26:65:0a:76:2a:dd:65:4e:e0:4b:61:d3: 27:a9:51:87:34:6a:cf:f8:cc:22:15:72:89:dc:28:c2:f4:9c: ae:58:70:5f:ae:96:74:b7:6b:2f:63:90:70:13:a6:24:c3:38: 22:71:ed:49:a9:2c:f8:98:a8:32:f8:d6:14:22:0c:f8:35:49: 79:85:bc:28:6b:5e:97:28:c7:86:f8:fa:87:fc:09:14:17:de: c3:b0:61:7c:d9:41:ce:b6:c4:76:c9:39:de:7e:f3:e5:9c:ee: fb:94:02:b5:e1:50:dc:91:05:3a:e1:ee:09:91:3a:0f:33:c4: 40:ba:50:58:05:b4:be:7b:3f:5c:54:05:25:53:c9:45:94:94: 1c:e8:f6:4c -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFJIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDEyOUIxNERBNTdENDAy ODhCMkM5MDFBMkRCRTlDRTlCRjU4OTg5ODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCuqG7cApcC6Ir2BfxCl5XOdV313pZiVkbUjx0t96ukCIlHCNps CB+gIaxsMOQsb5o/55DEEg03ndgUmCdZfdKOyQlA1MKJFC6CgzcppwIpY2iN3oOZ dBEEdKRhSMBYaTNHcTA87q/hiPqWAteLSC2XipiaViIZgAFPaDE0qOF6UJbxLWmR o4XLtz5KVmujtW4q59u1PSfatG/7fS+9hAJFStS+MJTyMn42ssqJlPtuw/v9E2c/ o+skd5/xcSeLtRZS9Zbl2VosVYHxoFrg3yC2e+9SG+fkjCroERAsRMixIIO/iM/T nEgCZ/9cfM/j65pexwy3OUUyvXkf/+c/KhgDAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUEpsU2lfUAoiyyQGi2+nOm/WJiYMwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0Vwc1UybGZVQW9peXlR R2kyLW5PbV9XSmlZTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3RwwDQYJKoZIhvcNAQELBQADggEBAFauaeV/ZpxWPJ8NOmspDR+tPUGhebhH hLd/mhURKqIM3P847Ix1cgLlsdK4WSerHQWsNRwwyjbacahHg4Pa/QO7dovS+X9n 1jkrzk66559Q6gpA0wgCnGcjjjBY2JJHDKgH1vNoSdrfjV1eUs35JymSayZlCnYq 3WVO4Eth0yepUYc0as/4zCIVconcKML0nK5YcF+ulnS3ay9jkHATpiTDOCJx7Ump LPiYqDL41hQiDPg1SXmFvChrXpcox4b4+of8CRQX3sOwYXzZQc62xHbJOd5+8+Wc 7vuUArXhUNyRBTrh7gmROg8zxEC6UFgFtL57P1xUBSVTyUWUlBzo9kw= -----END CERTIFICATE-----Generated at Fri Nov 22 23:40:49 2024 by rpki-client on console-fra.rpki-client.org