$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/QTtVe7rR4YlSme4smWRBaGmms4M.roa File: QTtVe7rR4YlSme4smWRBaGmms4M.roa (raw, json) Hash identifier: +E2k4oDDkmLJz+Ij+3r8b1j13h9C+LWHaVd7vO1ursw= Subject key identifier: 41:3B:55:7B:BA:D1:E1:89:52:99:EE:2C:99:64:41:68:69:A6:B3:83 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 148D Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/QTtVe7rR4YlSme4smWRBaGmms4M.roa Signing time: Wed 11 Sep 2024 02:23:28 +0000 ROA not before: Wed 11 Sep 2024 02:23:28 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24373 IP address blocks: 103.221.4.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5261 (0x148d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:28 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=413B557BBAD1E1895299EE2C9964416869A6B383 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:b3:ca:15:ef:20:06:8a:ba:31:f5:41:0f:a8: 3e:72:3d:06:12:7a:38:f0:07:fc:72:dc:13:7d:08: b6:3d:d6:d9:f3:6e:0c:89:25:b0:42:97:19:f9:34: 45:05:75:8a:00:f1:cb:c1:e5:80:dd:3d:2d:24:9f: a6:a6:1b:bd:b8:57:1a:34:da:6d:97:05:1a:9c:f2: c2:91:ab:ec:01:73:c4:b6:79:0c:dc:7d:f4:5a:81: 2f:8b:dd:8e:7a:36:16:87:d9:6f:2b:3c:4b:c9:67: 3c:98:14:1d:aa:36:4e:73:a1:03:06:41:fb:0c:1e: 4c:39:80:ce:ad:5a:b8:4b:bc:bf:05:f5:b1:6f:63: 6f:d1:05:ad:21:e1:a7:89:aa:9b:21:1d:6f:33:e2: 90:9e:23:03:43:79:ea:a5:65:9b:33:3c:a0:ac:5a: 59:9f:30:aa:6e:e2:6b:cb:49:0d:17:5e:98:d2:5b: 82:f1:54:d4:4c:7a:54:16:f5:e0:6e:4a:2e:dc:2e: df:d7:1f:d6:67:a1:18:bf:57:17:95:56:c1:91:7a: 64:0e:1e:b1:8b:ee:43:a6:5c:a9:5f:09:98:55:07: 9c:a9:99:7a:11:44:7d:c6:9f:e2:ac:c2:cd:f4:51: 3c:28:e1:9c:f7:47:a6:07:3e:c0:7f:aa:44:97:16: fa:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:3B:55:7B:BA:D1:E1:89:52:99:EE:2C:99:64:41:68:69:A6:B3:83 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/QTtVe7rR4YlSme4smWRBaGmms4M.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.4.0/22 Signature Algorithm: sha256WithRSAEncryption c8:e3:ac:c5:5c:79:70:20:83:de:02:02:ec:00:9c:1c:94:d7: 80:43:76:2d:7f:37:fe:44:fd:eb:35:5b:c4:ee:ce:1e:1e:5f: 84:35:72:7e:4f:2d:d5:c0:13:e1:9e:bf:60:8f:80:42:35:a9: d5:80:11:52:dc:86:2b:71:05:8f:fb:2a:de:09:c5:f3:4e:45: b1:3d:12:4f:8f:14:72:bd:30:ae:38:4c:04:b3:8d:9c:5d:a9: b5:f8:02:24:41:b3:56:4d:e8:e3:65:99:c2:9b:29:3b:0d:f2: 80:7d:9d:75:1a:c8:15:fc:09:f3:42:e2:65:ba:bc:01:d0:15: 46:98:ce:8c:b9:7b:ac:69:3b:27:89:88:50:de:e0:2c:2d:55: de:d5:10:f0:6f:38:ef:8c:c1:53:5d:5f:d7:42:91:89:92:fe: 68:77:73:b2:4a:fa:15:62:e1:9b:1f:50:6b:dd:e2:e5:27:e7: 6b:e4:9b:09:4d:41:b0:9a:f0:2f:48:e1:8b:b0:f4:42:cc:b1: 72:24:f6:87:87:9b:0b:c5:f5:83:08:ac:6f:94:90:94:78:41: e3:d0:48:e0:98:0a:c5:de:78:df:16:39:d7:1c:11:1d:07:bf: 6c:db:c2:d2:49:c6:5c:45:d2:d3:d8:99:0c:ba:36:7b:3c:e4: b3:74:26:6f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFI0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMjhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQxM0I1NTdCQkFEMUUx ODk1Mjk5RUUyQzk5NjQ0MTY4NjlBNkIzODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCgs8oV7yAGirox9UEPqD5yPQYSejjwB/xy3BN9CLY91tnzbgyJ JbBClxn5NEUFdYoA8cvB5YDdPS0kn6amG724Vxo02m2XBRqc8sKRq+wBc8S2eQzc ffRagS+L3Y56NhaH2W8rPEvJZzyYFB2qNk5zoQMGQfsMHkw5gM6tWrhLvL8F9bFv Y2/RBa0h4aeJqpshHW8z4pCeIwNDeeqlZZszPKCsWlmfMKpu4mvLSQ0XXpjSW4Lx VNRMelQW9eBuSi7cLt/XH9ZnoRi/VxeVVsGRemQOHrGL7kOmXKlfCZhVB5ypmXoR RH3Gn+Ksws30UTwo4Zz3R6YHPsB/qkSXFvqfAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUQTtVe7rR4YlSme4smWRBaGmms4MwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1FUdFZlN3JSNFlsU21l NHNtV1JCYUdtbXM0TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3QQwDQYJKoZIhvcNAQELBQADggEBAMjjrMVceXAgg94CAuwAnByU14BDdi1/ N/5E/es1W8Tuzh4eX4Q1cn5PLdXAE+Gev2CPgEI1qdWAEVLchitxBY/7Kt4JxfNO RbE9Ek+PFHK9MK44TASzjZxdqbX4AiRBs1ZN6ONlmcKbKTsN8oB9nXUayBX8CfNC 4mW6vAHQFUaYzoy5e6xpOyeJiFDe4CwtVd7VEPBvOO+MwVNdX9dCkYmS/mh3c7JK +hVi4ZsfUGvd4uUn52vkmwlNQbCa8C9I4Yuw9ELMsXIk9oeHmwvF9YMIrG+UkJR4 QePQSOCYCsXeeN8WOdccER0Hv2zbwtJJxlxF0tPYmQy6Nns85LN0Jm8= -----END CERTIFICATE-----Generated at Fri Nov 22 16:05:40 2024 by rpki-client on console-fra.rpki-client.org