$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/GzajHcU10PaSKKinfQ7JKTXYksw.roa File: GzajHcU10PaSKKinfQ7JKTXYksw.roa (raw, json) Hash identifier: jveUaf4+Fk9CPIXkBwPu/eGQfURjxREVYqxGdo6uwpI= Subject key identifier: 1B:36:A3:1D:C5:35:D0:F6:92:28:A8:A7:7D:0E:C9:29:35:D8:92:CC Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1467 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GzajHcU10PaSKKinfQ7JKTXYksw.roa Signing time: Wed 11 Sep 2024 02:23:15 +0000 ROA not before: Wed 11 Sep 2024 02:23:15 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 13444 IP address blocks: 103.220.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5223 (0x1467) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:15 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=1B36A31DC535D0F69228A8A77D0EC92935D892CC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:df:7e:03:b7:7b:94:0a:bc:9a:24:1f:5c:d8: 60:12:bd:67:4e:c8:1b:27:3f:75:aa:d2:04:3c:37: 1d:43:d0:0c:1f:1d:07:67:06:d3:bb:59:db:a0:88: ac:42:24:85:29:cf:e1:41:03:3e:a5:ab:82:a7:e7: 49:1f:45:43:58:c8:9a:6a:43:6a:d5:2d:39:5e:fb: b5:a5:b5:03:91:5e:f9:8b:b8:69:fc:76:97:86:a4: f4:91:5c:af:a1:aa:a2:b8:8e:c9:9c:44:ce:3e:bb: b0:39:c7:95:9f:78:f6:e4:35:05:df:21:d5:5f:9b: 6d:43:37:cd:0f:4d:7d:10:46:e2:5a:93:71:e4:5f: a1:e0:5e:d2:bc:c2:59:26:ba:9b:29:6c:b6:5f:02: 74:50:ea:4a:aa:26:14:40:78:cd:42:50:6f:c1:7e: eb:43:d9:3c:43:6d:8e:c5:a4:c8:ed:c4:77:1a:9b: 02:47:b0:1a:47:60:4d:0e:49:3c:ec:8e:16:64:d6: a9:08:72:af:2b:cc:0f:6a:9a:62:06:ed:af:9c:b8: ca:ee:d3:e6:40:35:2a:3a:36:c2:a4:5d:86:2a:4d: ba:aa:5c:ea:59:98:83:aa:b2:de:1d:a0:00:37:d0: 18:2c:19:fc:c7:7c:dd:89:b0:d5:18:b5:eb:d5:b0: e2:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:36:A3:1D:C5:35:D0:F6:92:28:A8:A7:7D:0E:C9:29:35:D8:92:CC X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/GzajHcU10PaSKKinfQ7JKTXYksw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.220.255.0/24 Signature Algorithm: sha256WithRSAEncryption cb:00:11:91:18:a3:f2:2c:13:98:99:80:c8:5b:00:3c:c2:6b: 48:c8:06:f5:04:52:75:7c:c4:9e:45:32:db:21:25:62:19:ed: fc:ad:da:b5:07:ac:8d:2b:fe:55:5a:4d:fb:d8:73:4b:a8:3e: a1:07:0d:dd:53:ea:1d:20:5e:f3:98:27:92:b6:05:87:d2:f9: db:be:67:b9:e0:57:ab:80:52:cc:2b:35:04:b5:24:8d:45:87: 52:b0:18:7b:41:f9:db:a2:e8:eb:e4:2b:b1:36:ff:ed:20:eb: 46:51:55:8b:d7:f3:c5:49:0a:64:cc:f0:8d:20:3d:64:a4:6d: b3:d9:ed:d6:07:7e:3f:92:c7:39:be:d1:73:35:12:7d:13:14: ce:7b:d3:76:77:cd:d5:41:64:7d:08:5a:26:7d:d5:a8:0a:49: 13:7a:4e:50:37:ab:de:66:eb:89:4b:3f:80:8d:e0:da:b9:d9: 55:0f:9d:85:c4:93:05:ca:26:6b:18:0e:6f:07:19:77:be:e0: 7e:66:3a:0f:f8:30:b7:d7:33:d9:94:d0:bf:e3:97:64:f0:50: 6e:ab:79:1c:20:3f:6e:25:38:65:9e:84:ae:94:73:5a:25:a9: 4a:dc:7a:36:96:3a:7f:ad:a5:18:de:1f:b7:bf:66:f6:8f:47: 2f:9e:66:57 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFGcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFCMzZBMzFEQzUzNUQw RjY5MjI4QThBNzdEMEVDOTI5MzVEODkyQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDL334Dt3uUCryaJB9c2GASvWdOyBsnP3Wq0gQ8Nx1D0AwfHQdn BtO7WdugiKxCJIUpz+FBAz6lq4Kn50kfRUNYyJpqQ2rVLTle+7WltQORXvmLuGn8 dpeGpPSRXK+hqqK4jsmcRM4+u7A5x5WfePbkNQXfIdVfm21DN80PTX0QRuJak3Hk X6HgXtK8wlkmupspbLZfAnRQ6kqqJhRAeM1CUG/BfutD2TxDbY7FpMjtxHcamwJH sBpHYE0OSTzsjhZk1qkIcq8rzA9qmmIG7a+cuMru0+ZANSo6NsKkXYYqTbqqXOpZ mIOqst4doAA30BgsGfzHfN2JsNUYtevVsOKpAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUGzajHcU10PaSKKinfQ7JKTXYkswwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0d6YWpIY1UxMFBhU0tL aW5mUTdKS1RYWWtzdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3P8wDQYJKoZIhvcNAQELBQADggEBAMsAEZEYo/IsE5iZgMhbADzCa0jIBvUE UnV8xJ5FMtshJWIZ7fyt2rUHrI0r/lVaTfvYc0uoPqEHDd1T6h0gXvOYJ5K2BYfS +du+Z7ngV6uAUswrNQS1JI1Fh1KwGHtB+dui6OvkK7E2/+0g60ZRVYvX88VJCmTM 8I0gPWSkbbPZ7dYHfj+Sxzm+0XM1En0TFM5703Z3zdVBZH0IWiZ91agKSRN6TlA3 q95m64lLP4CN4Nq52VUPnYXEkwXKJmsYDm8HGXe+4H5mOg/4MLfXM9mU0L/jl2Tw UG6reRwgP24lOGWehK6Uc1olqUrcejaWOn+tpRjeH7e/ZvaPRy+eZlc= -----END CERTIFICATE-----Generated at Fri Nov 22 16:05:40 2024 by rpki-client on console-fra.rpki-client.org