$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/O-B-ZsrBI-XgKg_iMRFCY37YO0Q.roa File: O-B-ZsrBI-XgKg_iMRFCY37YO0Q.roa (raw, json) Hash identifier: iuv2dR5lvhT1/lBaNLYtiPkOAkUStvSyvgWJUuH1Ge8= Subject key identifier: 3B:E0:7E:66:CA:C1:23:E5:E0:2A:0F:E2:31:11:42:63:7E:D8:3B:44 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1484 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/O-B-ZsrBI-XgKg_iMRFCY37YO0Q.roa Signing time: Wed 11 Sep 2024 02:23:25 +0000 ROA not before: Wed 11 Sep 2024 02:23:25 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5252 (0x1484) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:25 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=3BE07E66CAC123E5E02A0FE2311142637ED83B44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:b9:ef:9f:55:c1:96:a8:dd:fa:d3:68:58:0f: 5c:4b:94:c7:78:cf:e4:dc:58:87:80:ee:0a:1d:91: da:29:87:38:f0:d8:e0:56:13:94:03:ee:fc:51:ea: c3:a2:87:5c:8c:0e:71:71:ae:0b:ea:33:39:5c:0b: 49:d1:95:49:e7:ef:8f:07:0d:2c:63:bf:42:78:83: 03:89:e2:f2:d6:22:f1:c9:a2:5e:b4:1e:d5:b1:39: 60:7e:36:18:a9:f3:e2:a1:36:0d:31:d3:ec:de:c9: 51:eb:d5:cb:c5:08:64:f9:6d:fd:7e:70:5d:f3:25: 08:f3:3c:41:f8:e7:5e:7c:69:e8:21:a3:2f:6d:74: 0c:16:fe:33:cb:61:35:bd:28:a0:a9:48:f2:cb:82: 04:53:63:45:d8:1e:86:61:13:64:f9:9f:d7:91:0f: 49:88:bb:62:c3:65:82:9b:17:10:7c:fe:d3:1f:11: ff:0d:25:4b:73:64:10:60:4d:65:c2:8e:26:ce:fa: fe:2a:c3:19:ff:91:2b:89:e5:cc:f4:69:0d:33:ca: 54:4a:46:9a:b9:36:63:62:1b:5e:f6:b8:1c:85:1e: cb:36:c6:ee:43:86:5f:0a:b4:d7:50:3f:e7:70:fb: ac:3e:f4:7a:5d:04:5f:ad:4c:fb:d0:16:f2:c8:0b: 45:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:E0:7E:66:CA:C1:23:E5:E0:2A:0F:E2:31:11:42:63:7E:D8:3B:44 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/O-B-ZsrBI-XgKg_iMRFCY37YO0Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.0.0/22 Signature Algorithm: sha256WithRSAEncryption d7:c6:0d:50:4d:25:76:6a:ca:dc:1a:cc:61:ea:5c:84:cb:9f: 38:b9:10:a5:a0:81:db:6f:08:a8:2d:96:9d:cb:65:1f:32:c3: 25:53:86:fc:9d:bc:d5:2e:e7:2b:86:00:e1:08:21:a3:63:15: e4:63:61:c5:bf:f4:37:38:e9:94:59:87:23:cd:30:6c:c4:f6: 9a:17:11:e6:09:d1:30:ed:dc:d9:d6:70:f3:a1:72:5a:d6:93: ff:19:62:1f:44:31:ca:c3:e3:f5:e0:8d:a4:e1:cc:26:eb:1e: d0:47:a4:58:99:ff:d3:3b:ea:d2:1e:fa:28:2c:64:81:7d:3a: 0d:a4:27:1d:4b:15:d2:64:07:a2:c5:e2:3d:63:53:7b:75:bb: 67:0e:f1:f8:ca:d2:9d:1f:10:a5:63:7d:e3:b3:9a:a7:11:83: 5d:20:f7:74:4e:76:f0:e5:8c:01:6b:0e:71:18:25:d1:dc:22: 00:17:06:a1:7b:5e:c6:b9:65:86:4a:10:c0:8d:61:f1:c2:64: 06:7a:d6:0e:27:0a:2d:f9:15:20:22:bc:1e:38:98:8a:f7:b1: 5e:56:c8:82:b7:40:58:b0:fd:69:22:3c:37:b4:4b:32:91:96: dc:3e:81:cd:61:99:a7:0a:b9:85:52:0d:6a:7c:28:e6:8f:be: 2c:2c:08:68 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFIQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMjVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNCRTA3RTY2Q0FDMTIz RTVFMDJBMEZFMjMxMTE0MjYzN0VEODNCNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyue+fVcGWqN3602hYD1xLlMd4z+TcWIeA7godkdophzjw2OBW E5QD7vxR6sOih1yMDnFxrgvqMzlcC0nRlUnn748HDSxjv0J4gwOJ4vLWIvHJol60 HtWxOWB+Nhip8+KhNg0x0+zeyVHr1cvFCGT5bf1+cF3zJQjzPEH45158aeghoy9t dAwW/jPLYTW9KKCpSPLLggRTY0XYHoZhE2T5n9eRD0mIu2LDZYKbFxB8/tMfEf8N JUtzZBBgTWXCjibO+v4qwxn/kSuJ5cz0aQ0zylRKRpq5NmNiG172uByFHss2xu5D hl8KtNdQP+dw+6w+9HpdBF+tTPvQFvLIC0XbAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUO+B+ZsrBI+XgKg/iMRFCY37YO0QwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L08tQi1ac3JCSS1YZ0tn X2lNUkZDWTM3WU8wUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3QAwDQYJKoZIhvcNAQELBQADggEBANfGDVBNJXZqytwazGHqXITLnzi5EKWg gdtvCKgtlp3LZR8ywyVThvydvNUu5yuGAOEIIaNjFeRjYcW/9Dc46ZRZhyPNMGzE 9poXEeYJ0TDt3NnWcPOhclrWk/8ZYh9EMcrD4/XgjaThzCbrHtBHpFiZ/9M76tIe +igsZIF9Og2kJx1LFdJkB6LF4j1jU3t1u2cO8fjK0p0fEKVjfeOzmqcRg10g93RO dvDljAFrDnEYJdHcIgAXBqF7Xsa5ZYZKEMCNYfHCZAZ61g4nCi35FSAivB44mIr3 sV5WyIK3QFiw/WkiPDe0SzKRltw+gc1hmacKuYVSDWp8KOaPviwsCGg= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org