$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/INVMISCOP54KNSQzkAHmh_-mWVU.roa File: INVMISCOP54KNSQzkAHmh_-mWVU.roa (raw, json) Hash identifier: tXHNl1gkeoPHngVJzktq7PZrby0YZs4++0A/+qQ/e/g= Subject key identifier: 20:D5:4C:21:20:8E:3F:9E:0A:35:24:33:90:01:E6:87:FF:A6:59:55 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 155F Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/INVMISCOP54KNSQzkAHmh_-mWVU.roa Signing time: Wed 11 Sep 2024 04:01:46 +0000 ROA not before: Wed 11 Sep 2024 04:01:46 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.33.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5471 (0x155f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 04:01:46 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=20D54C21208E3F9E0A3524339001E687FFA65955 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:77:3b:e3:fb:48:0f:6f:18:bc:90:16:f5:55: cb:28:34:44:b1:fb:37:ad:d7:b4:e0:ba:60:25:c5: 59:d6:15:6c:b2:b2:9f:65:67:a6:44:06:ab:ed:db: bb:03:fa:79:24:89:b6:2e:41:ec:1f:ac:b2:d3:8e: 6b:98:33:25:2f:0a:a4:88:00:0d:25:66:44:ae:53: 43:69:c7:52:69:50:0f:27:18:e0:40:0e:cd:54:2c: 02:fc:0f:e3:a5:b5:ef:3e:38:53:cc:3f:b5:45:7c: 78:7f:49:46:1d:db:8c:8f:3c:1e:cb:77:f8:e6:ec: 94:8e:19:b5:d0:8e:28:a4:28:09:d2:06:63:d3:1e: c8:a0:8d:96:ea:0c:1b:db:ac:88:85:4f:73:94:67: 21:2e:e7:08:59:69:fd:d8:b7:7b:01:1c:e5:c5:e7: c5:d8:15:81:92:e6:ee:67:4b:77:63:ff:39:01:7d: a9:31:66:42:22:45:d8:66:3f:eb:55:7c:ec:74:00: c1:e8:df:b9:fc:56:14:16:98:d9:a4:6c:34:dc:b1: cc:77:c1:9a:27:ea:6a:fc:77:cf:5a:8f:c4:2a:af: 5a:19:5d:d2:40:a8:a5:06:ad:7d:41:1a:0c:4b:3d: 21:df:56:34:24:82:0d:71:03:e7:15:95:ed:ad:0b: f9:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:D5:4C:21:20:8E:3F:9E:0A:35:24:33:90:01:E6:87:FF:A6:59:55 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/INVMISCOP54KNSQzkAHmh_-mWVU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.33.0/24 Signature Algorithm: sha256WithRSAEncryption 4f:d2:96:ac:10:f0:61:94:40:c0:28:41:d9:7d:84:9f:cd:2b: 36:31:05:f3:f1:2e:8f:38:74:42:dd:c2:6b:1b:20:b1:6e:24: dc:22:ba:9e:b1:90:c3:f6:4e:66:2a:e2:5d:40:98:7c:5e:c9: 28:3f:d6:6a:0c:0a:7d:b9:25:b8:95:55:14:10:82:98:8e:ce: f9:98:ef:1a:67:09:29:ea:03:ba:34:2f:42:d2:08:a0:eb:84: 6c:f1:01:40:98:39:30:2a:23:af:bf:bc:e7:bd:7e:a3:d6:3f: f9:12:c5:ba:7f:6e:8b:d5:88:cc:ab:63:79:0b:ae:87:b8:ce: 58:59:cb:cb:04:fc:6d:5e:26:04:34:4e:73:d7:cd:7c:08:0e: 87:d4:8d:64:d6:fe:8d:a4:a7:75:ef:2e:4f:db:9a:39:4f:55: 66:16:cc:6d:56:ca:d8:5b:6d:9b:3c:c7:04:dd:cd:9f:22:b3: 36:f9:1f:84:e3:c5:37:01:56:b6:c1:aa:6c:54:db:88:46:65: 4b:3a:2e:8f:7f:c1:1d:2d:5a:21:8a:4e:d3:43:26:c7:cf:78: cc:e9:5d:8a:a3:5c:53:de:a7:89:2c:68:b7:e2:a8:b2:43:d4: 84:f1:77:c2:79:7e:93:6d:0c:1e:87:bb:d8:66:c8:e9:62:cc: bd:f4:b4:91 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFV8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw NDAxNDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIwRDU0QzIxMjA4RTNG OUUwQTM1MjQzMzkwMDFFNjg3RkZBNjU5NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCmdzvj+0gPbxi8kBb1VcsoNESx+zet17TgumAlxVnWFWyysp9l Z6ZEBqvt27sD+nkkibYuQewfrLLTjmuYMyUvCqSIAA0lZkSuU0Npx1JpUA8nGOBA Ds1ULAL8D+Olte8+OFPMP7VFfHh/SUYd24yPPB7Ld/jm7JSOGbXQjiikKAnSBmPT HsigjZbqDBvbrIiFT3OUZyEu5whZaf3Yt3sBHOXF58XYFYGS5u5nS3dj/zkBfakx ZkIiRdhmP+tVfOx0AMHo37n8VhQWmNmkbDTcscx3wZon6mr8d89aj8Qqr1oZXdJA qKUGrX1BGgxLPSHfVjQkgg1xA+cVle2tC/lNAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUINVMISCOP54KNSQzkAHmh/+mWVUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0lOVk1JU0NPUDU0S05T UXprQUhtaF8tbVdWVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3SEwDQYJKoZIhvcNAQELBQADggEBAE/SlqwQ8GGUQMAoQdl9hJ/NKzYxBfPx Lo84dELdwmsbILFuJNwiup6xkMP2TmYq4l1AmHxeySg/1moMCn25JbiVVRQQgpiO zvmY7xpnCSnqA7o0L0LSCKDrhGzxAUCYOTAqI6+/vOe9fqPWP/kSxbp/bovViMyr Y3kLroe4zlhZy8sE/G1eJgQ0TnPXzXwIDofUjWTW/o2kp3XvLk/bmjlPVWYWzG1W ythbbZs8xwTdzZ8iszb5H4TjxTcBVrbBqmxU24hGZUs6Lo9/wR0tWiGKTtNDJsfP eMzpXYqjXFPep4ksaLfiqLJD1ITxd8J5fpNtDB6Hu9hmyOlizL30tJE= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org