$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/FfZM_cUDhPsY_MUuKhBoCbdN0WU.roa File: FfZM_cUDhPsY_MUuKhBoCbdN0WU.roa (raw, json) Hash identifier: yPwlTFcRvZOBQkuHsRJtQJVhrjMuDc7wt/nahoSwYCw= Subject key identifier: 15:F6:4C:FD:C5:03:84:FB:18:FC:C5:2E:2A:10:68:09:B7:4D:D1:65 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1515 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/FfZM_cUDhPsY_MUuKhBoCbdN0WU.roa Signing time: Wed 11 Sep 2024 02:30:07 +0000 ROA not before: Wed 11 Sep 2024 02:30:07 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 13444 IP address blocks: 103.221.45.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5397 (0x1515) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:30:07 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=15F64CFDC50384FB18FCC52E2A106809B74DD165 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:e2:18:a3:fb:14:ed:40:50:67:f4:9c:b5:73: 60:aa:43:32:de:34:c1:6b:b3:a6:c4:8a:0d:0c:b2: 85:79:54:bf:ce:4d:17:ba:5d:62:36:ed:42:2d:d3: 13:ce:8b:a1:c8:c0:ea:a1:c2:f4:86:d1:c3:16:17: e5:64:b4:f9:f8:c9:f8:10:c6:1e:9e:4a:5e:cc:38: 8b:ec:23:2d:9e:fc:da:ff:55:ce:e5:85:30:9c:02: 2d:0f:d3:ba:59:d5:fe:74:37:c8:dd:13:b1:37:b5: 3b:ee:0a:36:2d:d0:19:2d:29:90:cf:99:8e:3c:79: e8:71:55:60:3c:2b:ad:d7:05:64:1e:87:4e:24:0d: 15:40:6b:d4:bd:c3:1b:75:eb:54:27:f5:a2:4d:b7: c3:e5:99:34:b6:8a:ac:5c:5e:6c:e3:63:dc:e9:7f: 3b:59:1d:94:34:6f:c9:96:cc:ca:5c:a5:27:de:28: 50:fc:7f:61:c5:07:fe:f8:2c:2a:5e:2f:8c:25:8f: aa:bd:d3:ae:cc:7f:ac:a2:b5:80:c6:7f:15:0c:a3: 44:2c:d4:f3:85:5e:b5:03:b6:79:64:17:b7:43:1c: c2:71:12:db:da:e7:c4:6a:69:c7:d8:e7:8e:e0:ad: 05:59:89:3b:b4:2e:c2:ea:ea:ca:04:72:b7:f6:66: 42:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:F6:4C:FD:C5:03:84:FB:18:FC:C5:2E:2A:10:68:09:B7:4D:D1:65 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/FfZM_cUDhPsY_MUuKhBoCbdN0WU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.45.0/24 Signature Algorithm: sha256WithRSAEncryption c0:ad:bd:95:90:b7:93:ab:5f:32:f2:26:c9:90:b3:53:34:eb: 82:86:ae:3f:e5:8d:99:65:e0:4a:ad:ea:f1:3c:e7:62:ab:b5: 19:45:ce:74:80:f2:2f:3c:4b:78:0d:95:e1:15:98:3d:63:40: a0:a7:19:47:f9:10:7d:12:5d:8a:ca:0f:cf:cf:5f:e9:ed:10: 60:35:c5:0e:71:5d:62:f5:0c:68:f9:d0:50:46:56:39:f7:a4: 69:7e:38:97:a2:93:ae:9d:d1:41:d6:8a:2c:d2:47:05:08:d5: 26:ac:d9:a7:e4:80:9d:e5:6d:91:4a:35:e2:15:6d:bd:2b:e5: 5d:46:37:e9:b1:51:78:b7:ef:e2:d2:f1:12:0e:1d:b5:fd:1b: f6:10:56:96:44:b2:67:ad:72:ac:6c:69:8a:c2:c4:1d:f4:8a: 9e:11:e1:1b:2c:fe:47:7f:e0:bf:bd:07:91:3e:5a:5d:55:e8: 1d:30:cc:0a:18:78:27:f3:5e:b7:23:dc:eb:d9:f4:39:ea:88: 9b:a6:8c:e8:b7:3a:b3:95:03:6b:fd:48:f9:f8:bb:e6:e8:75: 7a:3b:16:ea:11:b1:d2:cb:6e:22:c5:f0:2d:1f:df:50:2f:c6: 03:35:2e:6d:23:1c:7c:4b:99:85:ef:5c:28:14:3d:d6:76:b6: 75:ff:54:31 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFRUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjMwMDdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDE1RjY0Q0ZEQzUwMzg0 RkIxOEZDQzUyRTJBMTA2ODA5Qjc0REQxNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC/4hij+xTtQFBn9Jy1c2CqQzLeNMFrs6bEig0MsoV5VL/OTRe6 XWI27UIt0xPOi6HIwOqhwvSG0cMWF+VktPn4yfgQxh6eSl7MOIvsIy2e/Nr/Vc7l hTCcAi0P07pZ1f50N8jdE7E3tTvuCjYt0BktKZDPmY48eehxVWA8K63XBWQeh04k DRVAa9S9wxt161Qn9aJNt8PlmTS2iqxcXmzjY9zpfztZHZQ0b8mWzMpcpSfeKFD8 f2HFB/74LCpeL4wlj6q9067Mf6yitYDGfxUMo0Qs1POFXrUDtnlkF7dDHMJxEtva 58RqacfY547grQVZiTu0LsLq6soEcrf2ZkJHAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUFfZM/cUDhPsY/MUuKhBoCbdN0WUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0ZmWk1fY1VEaFBzWV9N VXVLaEJvQ2JkTjBXVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3S0wDQYJKoZIhvcNAQELBQADggEBAMCtvZWQt5OrXzLyJsmQs1M064KGrj/l jZll4Eqt6vE852KrtRlFznSA8i88S3gNleEVmD1jQKCnGUf5EH0SXYrKD8/PX+nt EGA1xQ5xXWL1DGj50FBGVjn3pGl+OJeik66d0UHWiizSRwUI1Sas2afkgJ3lbZFK NeIVbb0r5V1GN+mxUXi37+LS8RIOHbX9G/YQVpZEsmetcqxsaYrCxB30ip4R4Rss /kd/4L+9B5E+Wl1V6B0wzAoYeCfzXrcj3OvZ9DnqiJumjOi3OrOVA2v9SPn4u+bo dXo7FuoRsdLLbiLF8C0f31AvxgM1Lm0jHHxLmYXvXCgUPdZ2tnX/VDE= -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:47 2024 by rpki-client on console-ams.rpki-client.org