$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/PEgQcbSdHnygQcjvuxROCV3sKSU.roa File: PEgQcbSdHnygQcjvuxROCV3sKSU.roa (raw, json) Hash identifier: B7kwt3gaiddtKC0RHVVoVaqyhn5M9qjvupQ0bEOOwgM= Subject key identifier: 3C:48:10:71:B4:9D:1E:7C:A0:41:C8:EF:BB:14:4E:09:5D:EC:29:25 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 154F Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/PEgQcbSdHnygQcjvuxROCV3sKSU.roa Signing time: Wed 11 Sep 2024 03:59:22 +0000 ROA not before: Wed 11 Sep 2024 03:59:22 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.15.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5455 (0x154f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 03:59:22 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=3C481071B49D1E7CA041C8EFBB144E095DEC2925 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:88:22:05:cd:ff:8e:22:d7:90:41:a1:a4:d7: b2:fa:e0:5b:a3:98:4d:3a:b8:0b:56:f0:f0:4e:24: 3a:d5:d3:0d:6e:76:2f:6a:16:3d:76:b0:41:de:ea: 36:17:8e:a3:e7:21:e3:ec:1f:ac:0e:80:d1:75:e2: 0a:63:d3:c0:ec:ee:74:89:3f:ed:17:6e:d9:f8:81: 9f:e6:2d:1c:5c:20:a2:4a:46:b9:0c:1d:dc:14:9d: d5:f0:77:da:17:37:47:f3:cd:0b:86:80:19:d1:97: 17:cb:74:9f:41:b5:36:61:be:d9:15:a8:a6:fc:97: 59:12:6e:bd:38:7c:ba:ff:48:b0:ec:8f:aa:37:e2: 4b:8e:88:b0:38:fa:7f:c7:5c:d5:44:87:b6:c0:9c: ad:08:90:f8:72:73:0c:cd:c0:c9:aa:4c:26:f3:78: ba:b2:a9:c9:7e:cb:99:3f:62:0b:ee:80:bd:88:61: 8d:f0:06:e7:4d:08:6b:ab:62:39:48:69:73:85:14: f0:c9:53:9f:8a:7a:c1:06:7f:2c:56:67:a6:78:99: 20:6a:6e:90:da:af:b7:0b:df:19:14:f2:28:67:d5: 10:ab:e2:31:e6:02:b8:89:6f:51:ec:33:60:38:d3: 9b:92:62:13:fb:70:f9:3d:63:68:a2:62:7f:31:d1: 60:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:48:10:71:B4:9D:1E:7C:A0:41:C8:EF:BB:14:4E:09:5D:EC:29:25 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/PEgQcbSdHnygQcjvuxROCV3sKSU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.15.0/24 Signature Algorithm: sha256WithRSAEncryption 36:a3:25:74:bc:62:65:55:84:e6:71:70:9b:bf:06:43:3f:dc: 4b:b0:e9:dd:67:4f:77:2f:ca:e1:d0:40:b9:22:8f:d8:3b:6f: d8:90:9c:b5:4d:f2:f2:f9:32:d9:76:18:11:3c:45:4b:ad:f2: 87:49:10:d9:72:aa:59:a3:be:54:f5:c0:3f:a2:8e:dd:61:28: b0:4e:07:ba:db:0c:82:3e:11:e3:72:7d:4f:dd:95:58:20:12: 02:eb:0e:55:b0:53:f6:9d:49:c6:2e:0a:f5:8c:c6:cc:42:9b: df:be:a9:0d:01:f2:67:1c:cd:e0:31:da:bb:8c:dc:04:1b:9b: 3b:f1:ba:e2:e9:e0:e8:2f:57:55:0c:06:6d:b6:46:90:c2:f6: d4:09:db:da:ea:cd:9f:ee:c7:2b:03:ba:49:ba:d0:4d:75:83: 9a:cb:b3:ee:08:41:b5:b5:54:56:99:f0:6d:ca:c3:b6:82:31: e2:98:56:14:82:35:8a:e8:9a:bf:c9:e1:8c:09:55:bc:fa:c5: a9:57:8d:8f:a7:cf:20:24:50:a6:e4:6d:e8:d3:32:ed:5f:3d: b6:b2:5a:a1:ef:52:ca:3d:98:ae:b9:90:25:52:0c:a6:b0:4c: 62:ba:ec:bf:fd:01:88:30:c8:3f:f2:b7:63:33:05:05:76:4a: a7:2e:8b:85 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFU8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MzU5MjJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDNDNDgxMDcxQjQ5RDFF N0NBMDQxQzhFRkJCMTQ0RTA5NURFQzI5MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCziCIFzf+OIteQQaGk17L64FujmE06uAtW8PBOJDrV0w1udi9q Fj12sEHe6jYXjqPnIePsH6wOgNF14gpj08Ds7nSJP+0Xbtn4gZ/mLRxcIKJKRrkM HdwUndXwd9oXN0fzzQuGgBnRlxfLdJ9BtTZhvtkVqKb8l1kSbr04fLr/SLDsj6o3 4kuOiLA4+n/HXNVEh7bAnK0IkPhycwzNwMmqTCbzeLqyqcl+y5k/YgvugL2IYY3w BudNCGurYjlIaXOFFPDJU5+KesEGfyxWZ6Z4mSBqbpDar7cL3xkU8ihn1RCr4jHm AriJb1HsM2A405uSYhP7cPk9Y2iiYn8x0WCLAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUPEgQcbSdHnygQcjvuxROCV3sKSUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1BFZ1FjYlNkSG55Z1Fj anZ1eFJPQ1Yzc0tTVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3Q8wDQYJKoZIhvcNAQELBQADggEBADajJXS8YmVVhOZxcJu/BkM/3Euw6d1n T3cvyuHQQLkij9g7b9iQnLVN8vL5Mtl2GBE8RUut8odJENlyqlmjvlT1wD+ijt1h KLBOB7rbDII+EeNyfU/dlVggEgLrDlWwU/adScYuCvWMxsxCm9++qQ0B8mcczeAx 2ruM3AQbmzvxuuLp4OgvV1UMBm22RpDC9tQJ29rqzZ/uxysDukm60E11g5rLs+4I QbW1VFaZ8G3Kw7aCMeKYVhSCNYromr/J4YwJVbz6xalXjY+nzyAkUKbkbejTMu1f PbayWqHvUso9mK65kCVSDKawTGK67L/9AYgwyD/yt2MzBQV2Sqcui4U= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org