$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/R-Ff3n9U3s0DQ64SViQkcpn2AUU.roa File: R-Ff3n9U3s0DQ64SViQkcpn2AUU.roa (raw, json) Hash identifier: U48SnZtMmSLHe6972t5B8yanUjSb2YiCnJLCi3ya/+0= Subject key identifier: 47:E1:5F:DE:7F:54:DE:CD:03:43:AE:12:56:24:24:72:99:F6:01:45 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 153A Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/R-Ff3n9U3s0DQ64SViQkcpn2AUU.roa Signing time: Wed 11 Sep 2024 03:57:54 +0000 ROA not before: Wed 11 Sep 2024 03:57:54 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.0.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5434 (0x153a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 03:57:54 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=47E15FDE7F54DECD0343AE125624247299F60145 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:fc:cb:68:12:5a:1c:1c:8c:94:7a:a4:fb:8a: 74:fa:e6:17:56:0c:a3:91:93:62:37:df:8a:67:19: 53:ad:37:d8:b8:3e:a9:a1:b7:cf:83:c3:b0:60:34: 20:f7:1e:52:56:ee:f7:02:4c:dc:ae:14:60:0a:20: 56:04:36:bf:a4:82:1d:5d:b3:f5:de:48:eb:71:ac: d5:dc:72:00:50:94:1b:48:47:e1:59:f4:f2:28:dc: 66:8c:59:0a:4a:81:b8:0c:b5:38:82:37:99:07:39: 61:85:ca:57:bf:8e:2f:06:53:32:b3:52:38:8a:c8: b9:42:f1:d9:c0:75:34:74:85:e1:b6:ed:b4:03:2b: 32:85:6f:4d:d7:e4:b7:6b:27:1e:d4:5e:41:a2:fb: 2f:f2:f2:6c:bd:f9:fc:9d:db:7b:24:ad:58:04:47: 97:66:ff:6d:ec:3d:92:ef:fb:dd:09:65:0f:20:2c: fa:6d:bb:d4:e6:a3:e2:3a:02:24:36:f3:54:f4:0a: 05:63:c4:2c:85:84:27:94:9f:72:b4:3f:52:1d:48: 2c:d5:98:28:2e:61:0b:ab:15:71:72:9a:d1:9e:71: dd:18:a7:15:20:d1:da:61:50:67:77:73:ac:25:ed: b4:cb:d5:46:fa:36:15:5b:91:1f:c9:d8:59:d6:0a: 30:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:E1:5F:DE:7F:54:DE:CD:03:43:AE:12:56:24:24:72:99:F6:01:45 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/R-Ff3n9U3s0DQ64SViQkcpn2AUU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.0.0/24 Signature Algorithm: sha256WithRSAEncryption 09:3a:83:cf:da:bf:39:19:9e:f6:85:7f:65:40:24:38:52:e2: 8a:12:75:45:99:4c:24:64:a7:cb:ac:ea:7e:81:72:dc:df:f4: 5e:22:00:3b:85:e6:3e:34:73:2f:f7:d4:eb:88:ed:66:00:ae: 7c:ca:20:8f:c9:e2:36:9b:28:26:19:4d:89:c8:22:4a:8d:d3: bc:bf:23:a3:07:4a:d6:a7:02:0a:70:1a:a6:8b:80:d1:93:39: 3b:42:df:56:c7:b7:ea:b6:5a:88:c9:93:9d:a8:18:8e:a6:70: 62:7f:e0:13:ff:54:d2:29:70:35:15:ca:cd:84:de:d5:9c:fe: 04:56:d0:b9:88:7a:1c:ef:aa:df:f2:91:dc:27:c8:79:52:87: 18:29:27:c5:69:f6:d5:7b:f9:a7:58:28:6b:a1:77:3e:46:d8: ac:e9:89:3a:cb:b6:ce:aa:9d:0b:7d:39:73:6e:83:6a:a3:55: d8:0f:78:68:aa:cd:b2:25:40:e1:04:1e:08:af:14:5b:dd:80: 31:50:95:59:d4:92:e2:96:1a:15:ad:3b:af:a8:31:b5:37:b6: c6:ed:bf:e2:df:47:1a:b1:4d:0a:77:dc:b1:7f:1d:da:5a:d7: 70:f4:d1:4b:82:c1:a5:36:0e:b3:2c:e6:cc:4a:a6:29:5f:4a: f4:3d:e5:1e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFTowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MzU3NTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ3RTE1RkRFN0Y1NERF Q0QwMzQzQUUxMjU2MjQyNDcyOTlGNjAxNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCh/MtoElocHIyUeqT7inT65hdWDKORk2I334pnGVOtN9i4Pqmh t8+Dw7BgNCD3HlJW7vcCTNyuFGAKIFYENr+kgh1ds/XeSOtxrNXccgBQlBtIR+FZ 9PIo3GaMWQpKgbgMtTiCN5kHOWGFyle/ji8GUzKzUjiKyLlC8dnAdTR0heG27bQD KzKFb03X5LdrJx7UXkGi+y/y8my9+fyd23skrVgER5dm/23sPZLv+90JZQ8gLPpt u9Tmo+I6AiQ281T0CgVjxCyFhCeUn3K0P1IdSCzVmCguYQurFXFymtGecd0YpxUg 0dphUGd3c6wl7bTL1Ub6NhVbkR/J2FnWCjDDAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUR+Ff3n9U3s0DQ64SViQkcpn2AUUwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1ItRmYzbjlVM3MwRFE2 NFNWaVFrY3BuMkFVVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QAwDQYJKoZIhvcNAQELBQADggEBAAk6g8/avzkZnvaFf2VAJDhS4ooSdUWZ TCRkp8us6n6Bctzf9F4iADuF5j40cy/31OuI7WYArnzKII/J4jabKCYZTYnIIkqN 07y/I6MHStanAgpwGqaLgNGTOTtC31bHt+q2WojJk52oGI6mcGJ/4BP/VNIpcDUV ys2E3tWc/gRW0LmIehzvqt/ykdwnyHlShxgpJ8Vp9tV7+adYKGuhdz5G2KzpiTrL ts6qnQt9OXNug2qjVdgPeGiqzbIlQOEEHgivFFvdgDFQlVnUkuKWGhWtO6+oMbU3 tsbtv+LfRxqxTQp33LF/Hdpa13D00UuCwaU2DrMs5sxKpilfSvQ95R4= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org