$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/O2I3K-daiuqfPLnWs6JUwW8_Sg0.roa File: O2I3K-daiuqfPLnWs6JUwW8_Sg0.roa (raw, json) Hash identifier: t3IwOYunMh431dQZ3ZbmcMREDmnvZ6ciqiL/z5npwgM= Subject key identifier: 3B:62:37:2B:E7:5A:8A:EA:9F:3C:B9:D6:B3:A2:54:C1:6F:3F:4A:0D Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 156D Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/O2I3K-daiuqfPLnWs6JUwW8_Sg0.roa Signing time: Wed 11 Sep 2024 04:04:12 +0000 ROA not before: Wed 11 Sep 2024 04:04:12 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.92.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5485 (0x156d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 04:04:12 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=3B62372BE75A8AEA9F3CB9D6B3A254C16F3F4A0D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:fa:4b:67:0c:28:a5:94:60:64:89:a7:73:c4: 98:f4:57:d3:b7:55:90:19:47:31:1a:3f:79:15:7d: f1:d3:86:07:da:a2:bd:ef:14:4b:c4:f2:a9:6a:2b: 48:a6:df:d8:a5:17:f5:12:50:f9:ce:59:d1:b3:52: d5:80:34:03:32:8f:07:af:df:c1:43:d3:46:34:c1: d2:2e:3a:9f:6e:23:d6:0b:b6:7b:49:95:8a:b0:2e: a6:b6:9d:4f:b3:95:7a:c3:60:88:9a:ce:58:e7:9b: d4:13:00:40:6c:13:ba:ee:68:3a:f8:3b:d8:de:da: 55:8b:ce:9d:10:58:a2:fc:75:83:67:2c:4c:d4:b1: 59:97:cc:af:71:b1:2d:e9:23:ad:45:88:36:f4:77: 17:13:4d:00:f7:49:ab:5a:9e:ca:de:2c:14:15:e2: 97:c8:3c:2c:ce:27:6d:47:3d:bc:54:75:a2:99:c3: ea:d7:38:fd:1e:3e:3b:4c:90:03:45:10:fa:92:18: 86:03:1d:e0:fa:bd:c2:85:7c:91:56:e1:34:30:9d: 5f:65:01:01:b1:1b:10:5f:82:4f:1c:46:7a:50:87: 60:e5:17:2a:56:c0:5e:3b:f3:41:bf:9e:5d:fb:f5: 88:5c:01:3a:d4:3f:48:8b:44:22:c3:85:b5:57:2c: e1:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:62:37:2B:E7:5A:8A:EA:9F:3C:B9:D6:B3:A2:54:C1:6F:3F:4A:0D X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/O2I3K-daiuqfPLnWs6JUwW8_Sg0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.92.0/24 Signature Algorithm: sha256WithRSAEncryption 7c:e9:5c:c0:e9:78:cf:56:1c:1b:bf:c5:67:c4:ad:5a:2a:ea: 4a:a2:d3:2f:a2:93:9a:7d:ca:cd:64:03:c5:52:80:07:19:05: db:e2:57:05:a7:6f:4a:f9:db:b9:24:0e:8a:63:1d:e9:9d:1b: 71:a2:8e:39:93:59:d9:bc:e8:c1:43:7a:e8:3d:ef:38:16:04: 36:d3:f0:8a:6e:16:e7:39:d8:1a:8b:38:f7:77:93:31:3f:e7: b1:09:96:df:75:81:6a:dd:cf:d6:88:a0:6e:26:ef:1c:54:12: 51:16:69:9b:f6:ad:e9:cc:f6:34:2e:7f:22:05:22:8f:7e:4e: e9:58:b7:dc:86:c3:ae:dc:ca:9f:bf:48:92:29:f6:05:0f:32: 2a:bb:c4:bd:36:07:f4:c6:64:78:fd:08:d0:54:05:37:6b:f0: 4a:3e:7b:de:23:6b:54:71:f5:f8:d1:bc:48:4c:dc:9c:a7:5b: 67:f7:0e:cc:76:45:5d:ae:d1:80:9b:0c:7b:53:0c:9c:01:42: c0:5e:d0:11:82:dc:34:29:ed:bb:36:bc:85:1e:f6:cf:73:2d: d0:40:c8:04:ff:ab:28:5f:8f:85:01:98:ee:07:5f:93:ee:79: 39:c6:9b:58:20:54:71:3d:28:d5:d0:01:56:80:da:07:53:f8: 1f:14:48:26 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFW0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw NDA0MTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNCNjIzNzJCRTc1QThB RUE5RjNDQjlENkIzQTI1NEMxNkYzRjRBMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDP+ktnDCillGBkiadzxJj0V9O3VZAZRzEaP3kVffHThgfaor3v FEvE8qlqK0im39ilF/USUPnOWdGzUtWANAMyjwev38FD00Y0wdIuOp9uI9YLtntJ lYqwLqa2nU+zlXrDYIiazljnm9QTAEBsE7ruaDr4O9je2lWLzp0QWKL8dYNnLEzU sVmXzK9xsS3pI61FiDb0dxcTTQD3SatansreLBQV4pfIPCzOJ21HPbxUdaKZw+rX OP0ePjtMkANFEPqSGIYDHeD6vcKFfJFW4TQwnV9lAQGxGxBfgk8cRnpQh2DlFypW wF4780G/nl379YhcATrUP0iLRCLDhbVXLOEZAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUO2I3K+daiuqfPLnWs6JUwW8/Sg0wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L08ySTNLLWRhaXVxZlBM bldzNkpVd1c4X1NnMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3VwwDQYJKoZIhvcNAQELBQADggEBAHzpXMDpeM9WHBu/xWfErVoq6kqi0y+i k5p9ys1kA8VSgAcZBdviVwWnb0r527kkDopjHemdG3GijjmTWdm86MFDeug97zgW BDbT8IpuFuc52BqLOPd3kzE/57EJlt91gWrdz9aIoG4m7xxUElEWaZv2renM9jQu fyIFIo9+TulYt9yGw67cyp+/SJIp9gUPMiq7xL02B/TGZHj9CNBUBTdr8Eo+e94j a1Rx9fjRvEhM3JynW2f3Dsx2RV2u0YCbDHtTDJwBQsBe0BGC3DQp7bs2vIUe9s9z LdBAyAT/qyhfj4UBmO4HX5PueTnGm1ggVHE9KNXQAVaA2gdT+B8USCY= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org