$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/IDR-G_z25UGnUqu7WOSypS29Utk.roa File: IDR-G_z25UGnUqu7WOSypS29Utk.roa (raw, json) Hash identifier: /+uHZLFOZPbokZdEb+71PmazzqGljCXPmhoBAH+LK4c= Subject key identifier: 20:34:7E:1B:FC:F6:E5:41:A7:52:AB:BB:58:E4:B2:A5:2D:BD:52:D9 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 0CDA Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/IDR-G_z25UGnUqu7WOSypS29Utk.roa Signing time: Wed 13 Mar 2024 01:21:56 +0000 ROA not before: Wed 13 Mar 2024 01:21:56 +0000 ROA not after: Fri 07 Jun 2024 02:16:11 +0000 asID: 136897 IP address blocks: 103.198.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 May 2024 18:55:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3290 (0xcda) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Mar 13 01:21:56 2024 GMT Not After : Jun 7 02:16:11 2024 GMT Subject: CN=20347E1BFCF6E541A752ABBB58E4B2A52DBD52D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:42:38:00:81:72:00:c4:f6:88:e0:5e:28:90: 57:35:cc:aa:98:bd:32:a9:02:04:89:26:fd:03:76: 70:e4:42:35:dd:41:7e:65:a9:66:cb:97:11:24:6c: 67:9b:fc:e6:95:14:c7:05:53:82:c1:33:2d:4e:bd: 3a:f1:f9:f8:dd:9b:2f:60:86:fc:ca:12:85:a3:35: b7:5c:39:34:b1:8f:45:a0:c5:56:11:fa:2d:e7:14: 56:0e:85:eb:07:a7:44:ff:11:1d:8b:2f:3c:d4:f7: 1b:56:0d:22:bb:ec:d8:dd:ed:3e:07:3c:02:3a:d5: 8f:26:a4:c8:50:9d:7f:96:47:83:d0:82:16:4f:f6: df:5e:44:ba:f7:9c:c6:aa:59:13:04:2c:ee:8c:74: a9:52:e4:36:53:b3:f6:df:24:38:fb:d3:45:49:56: 12:07:d0:fd:63:63:99:c3:d0:68:3a:9b:ca:15:45: 78:e0:89:1d:47:8e:17:f8:1b:3c:82:48:76:77:9d: 35:a8:03:99:2d:57:3a:4c:c8:30:49:ae:18:5b:0c: 1c:d9:9d:38:de:57:1a:eb:77:88:f4:b7:c5:0c:6a: 95:46:e4:6b:99:c2:54:93:07:7d:5c:80:a7:da:76: 90:21:6b:e3:de:77:77:98:4b:c0:ae:af:da:98:35: 09:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:34:7E:1B:FC:F6:E5:41:A7:52:AB:BB:58:E4:B2:A5:2D:BD:52:D9 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/IDR-G_z25UGnUqu7WOSypS29Utk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.198.240.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:5a:39:07:57:c0:00:0b:79:74:20:22:37:a7:17:c9:d1:b1: f7:c3:87:c5:43:e1:34:f5:e8:53:95:9f:3a:d5:46:85:e8:45: c2:84:65:70:91:94:0b:be:bd:a5:4a:b0:c5:34:a0:df:6c:26: db:ea:ed:e6:05:34:cb:76:4c:b0:47:bd:02:be:57:6f:83:f9: d5:42:16:fb:cd:53:41:40:15:d3:a8:bf:4c:61:0c:8d:5e:4c: c7:9a:f1:43:09:41:42:62:67:0e:89:63:6d:de:a9:3e:0d:a4: 0b:ca:ef:f4:37:e0:2a:4f:0c:c2:4a:bf:09:6d:da:d8:86:4b: 73:6b:bb:ed:8f:42:b2:0e:4d:c7:83:35:3b:fd:9c:ca:51:d0: 24:a3:55:bd:ef:ba:ec:d3:01:42:72:fb:ab:4e:d6:bf:ac:bb: 16:b1:da:be:f3:c5:56:3d:cd:e6:40:f1:59:b1:25:2b:a5:5b: 4f:66:99:d6:87:d0:3a:c9:4f:f0:35:75:23:77:5d:76:49:c7: cd:9f:4f:18:c2:a6:97:3c:bb:71:38:d1:47:54:b9:b9:44:73: 54:d5:a3:92:32:8c:25:d3:c5:4d:a9:1f:92:08:cf:fb:0c:70: 64:2c:4b:04:35:be:4c:2c:70:f8:03:37:ee:35:b8:1d:ca:4a: 4f:03:0d:84 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDNowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDAzMTMw MTIxNTZaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDIwMzQ3RTFCRkNGNkU1 NDFBNzUyQUJCQjU4RTRCMkE1MkRCRDUyRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMQjgAgXIAxPaI4F4okFc1zKqYvTKpAgSJJv0DdnDkQjXdQX5l qWbLlxEkbGeb/OaVFMcFU4LBMy1OvTrx+fjdmy9ghvzKEoWjNbdcOTSxj0WgxVYR +i3nFFYOhesHp0T/ER2LLzzU9xtWDSK77Njd7T4HPAI61Y8mpMhQnX+WR4PQghZP 9t9eRLr3nMaqWRMELO6MdKlS5DZTs/bfJDj700VJVhIH0P1jY5nD0Gg6m8oVRXjg iR1Hjhf4GzyCSHZ3nTWoA5ktVzpMyDBJrhhbDBzZnTjeVxrrd4j0t8UMapVG5GuZ wlSTB31cgKfadpAha+Ped3eYS8Cur9qYNQlXAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUIDR+G/z25UGnUqu7WOSypS29UtkwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0lEUi1HX3oyNVVHblVx dTdXT1N5cFMyOVV0ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJnxvAwDQYJKoZIhvcNAQELBQADggEBAJ9aOQdXwAALeXQgIjenF8nRsffDh8VD 4TT16FOVnzrVRoXoRcKEZXCRlAu+vaVKsMU0oN9sJtvq7eYFNMt2TLBHvQK+V2+D +dVCFvvNU0FAFdOov0xhDI1eTMea8UMJQUJiZw6JY23eqT4NpAvK7/Q34CpPDMJK vwlt2tiGS3Nru+2PQrIOTceDNTv9nMpR0CSjVb3vuuzTAUJy+6tO1r+suxax2r7z xVY9zeZA8VmxJSulW09mmdaH0DrJT/A1dSN3XXZJx82fTxjCppc8u3E40UdUublE c1TVo5IyjCXTxU2pH5IIz/sMcGQsSwQ1vkwscPgDN+41uB3KSk8DDYQ= -----END CERTIFICATE-----Generated at Tue May 21 14:52:25 2024 by rpki-client on console-fra.rpki-client.org