$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/TXtC3cZeUPlx5Djx2Y8y70EpCKE.roa File: TXtC3cZeUPlx5Djx2Y8y70EpCKE.roa (raw, json) Hash identifier: T+QOCq4HGPyGEJkOeXU4JZQ4dYUSZpQyVSAJH0OrxV4= Subject key identifier: 4D:7B:42:DD:C6:5E:50:F9:71:E4:38:F1:D9:8F:32:EF:41:29:08:A1 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1468 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/TXtC3cZeUPlx5Djx2Y8y70EpCKE.roa Signing time: Wed 11 Sep 2024 02:23:16 +0000 ROA not before: Wed 11 Sep 2024 02:23:16 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.12.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5224 (0x1468) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:16 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=4D7B42DDC65E50F971E438F1D98F32EF412908A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:20:5f:76:6b:53:e7:c7:bd:06:c0:a7:1e:26: 78:b8:28:84:73:e3:8b:c7:f8:f9:18:21:e4:7a:7d: e2:07:b9:2e:17:47:15:18:9f:39:05:74:ab:4d:32: a8:23:22:96:24:80:0c:45:63:65:50:0a:ba:ec:0c: 83:7a:ef:43:e3:15:b3:80:60:45:89:67:9f:4d:83: 55:27:01:52:47:f8:0f:f0:57:51:1e:1e:a7:07:63: bf:56:e1:62:9f:0b:b3:39:63:21:d9:67:21:e7:9a: cf:b1:74:39:d3:d6:57:80:1f:85:a5:f6:6f:e7:15: e4:5b:d8:df:24:36:53:99:88:46:53:ae:ff:ad:dd: 05:12:d4:fa:81:a6:be:55:6d:dc:24:3a:f9:f9:ba: b0:e9:8e:ee:dd:6a:b6:1d:45:90:58:bf:dd:bc:f7: f8:4c:c7:ce:a8:87:12:0b:5e:e9:d9:5c:7f:f8:af: 89:02:d0:12:f2:cf:0c:1b:a7:a7:be:bd:f4:37:f2: bc:59:12:3b:c9:c8:1e:6f:ce:c6:6a:5f:18:5d:a5: f9:e5:5c:c5:82:a3:3b:92:c0:7b:78:f6:8a:09:2f: 22:86:c1:34:2e:f3:a8:a5:c5:20:93:04:0f:8e:5e: 1a:ea:b2:32:77:ad:5e:de:f4:e9:8f:9a:d9:1f:11: dc:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:7B:42:DD:C6:5E:50:F9:71:E4:38:F1:D9:8F:32:EF:41:29:08:A1 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/TXtC3cZeUPlx5Djx2Y8y70EpCKE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.12.0/22 Signature Algorithm: sha256WithRSAEncryption 2f:52:ca:0d:fb:96:28:43:2f:c8:cc:95:bb:fe:87:d9:e6:3b: 0f:96:0c:d3:8c:a6:cb:58:7c:88:0f:0c:2b:09:81:fc:ea:e6: 48:0b:bb:d6:d0:da:cb:ca:42:9e:39:69:82:4b:32:46:b4:14: 15:2c:5a:98:87:a0:1c:d6:b7:cd:15:0c:3e:f0:28:0a:2a:68: 20:14:c9:fd:f0:cf:69:49:f3:e0:a2:c8:7b:fa:df:fd:27:dd: f3:e8:23:ea:6a:7e:47:5e:da:66:db:aa:0e:9f:b5:43:93:d8: ad:01:0b:e1:8e:b8:7e:f4:9b:a2:21:f9:06:94:94:a6:d3:10: 8d:7c:05:da:02:32:65:73:83:0d:4c:15:7a:16:9a:9d:2d:69: fe:94:2f:29:36:2e:dd:13:ef:6b:a7:60:3b:c4:c6:ba:89:4e: 3a:87:fb:26:f2:0f:a6:46:35:93:bd:13:d1:ca:47:3e:ea:a3: 01:f7:6f:ff:ea:2a:1f:27:f4:0f:6a:e3:98:86:85:a7:fd:5b: 2a:78:9e:53:dd:12:fd:e8:ca:13:70:37:6a:e6:f2:6b:2a:5b: 3a:63:4f:19:b2:ea:86:23:41:9b:8d:4c:d5:bb:a1:b6:db:fe: 87:0c:72:14:0e:59:ca:8e:ec:b7:43:50:c3:b5:22:14:f8:0b: af:c5:07:a6 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFGgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDREN0I0MkREQzY1RTUw Rjk3MUU0MzhGMUQ5OEYzMkVGNDEyOTA4QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCpIF92a1Pnx70GwKceJni4KIRz44vH+PkYIeR6feIHuS4XRxUY nzkFdKtNMqgjIpYkgAxFY2VQCrrsDIN670PjFbOAYEWJZ59Ng1UnAVJH+A/wV1Ee HqcHY79W4WKfC7M5YyHZZyHnms+xdDnT1leAH4Wl9m/nFeRb2N8kNlOZiEZTrv+t 3QUS1PqBpr5VbdwkOvn5urDpju7darYdRZBYv9289/hMx86ohxILXunZXH/4r4kC 0BLyzwwbp6e+vfQ38rxZEjvJyB5vzsZqXxhdpfnlXMWCozuSwHt49ooJLyKGwTQu 86ilxSCTBA+OXhrqsjJ3rV7e9OmPmtkfEdxhAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUTXtC3cZeUPlx5Djx2Y8y70EpCKEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1RYdEMzY1plVVBseDVE angyWTh5NzBFcENLRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3QwwDQYJKoZIhvcNAQELBQADggEBAC9Syg37lihDL8jMlbv+h9nmOw+WDNOM pstYfIgPDCsJgfzq5kgLu9bQ2svKQp45aYJLMka0FBUsWpiHoBzWt80VDD7wKAoq aCAUyf3wz2lJ8+CiyHv63/0n3fPoI+pqfkde2mbbqg6ftUOT2K0BC+GOuH70m6Ih +QaUlKbTEI18BdoCMmVzgw1MFXoWmp0taf6ULyk2Lt0T72unYDvExrqJTjqH+yby D6ZGNZO9E9HKRz7qowH3b//qKh8n9A9q45iGhaf9Wyp4nlPdEv3oyhNwN2rm8msq WzpjTxmy6oYjQZuNTNW7obbb/ocMchQOWcqO7LdDUMO1IhT4C6/FB6Y= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org