$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/U1J15XOTQb5t32-NfaH3ZXbJCuQ.roa File: U1J15XOTQb5t32-NfaH3ZXbJCuQ.roa (raw, json) Hash identifier: WAa6NscIx8dkkNdHMGk3LrSQiSKdiEg0QZHs1SO5qdw= Subject key identifier: 53:52:75:E5:73:93:41:BE:6D:DF:6F:8D:7D:A1:F7:65:76:C9:0A:E4 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1552 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/U1J15XOTQb5t32-NfaH3ZXbJCuQ.roa Signing time: Wed 11 Sep 2024 03:59:23 +0000 ROA not before: Wed 11 Sep 2024 03:59:23 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.22.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5458 (0x1552) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 03:59:23 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=535275E5739341BE6DDF6F8D7DA1F76576C90AE4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:c0:94:9a:a5:79:44:d8:5a:40:9f:3c:43:c0: 42:b3:ec:47:a3:84:ae:5d:37:f6:85:61:9a:d5:fe: ac:e3:a7:d4:ec:73:92:5d:7e:22:5b:15:28:90:64: df:11:9d:39:46:69:2c:84:b8:87:0c:49:22:c6:87: 51:14:17:81:c7:0e:d3:60:49:35:ce:2f:f3:73:fb: db:07:8f:1a:ab:27:34:2a:a5:0e:99:24:58:b5:5a: c3:65:0f:a6:02:d4:d1:dc:66:67:29:96:d9:95:59: e9:36:52:24:a1:7b:44:18:91:da:bb:fa:da:0c:3e: 42:78:b7:62:87:be:90:c1:51:2f:ae:26:90:93:5b: 4e:7b:70:77:f0:73:af:a8:13:13:b2:90:43:c4:4a: 13:53:b9:31:df:6e:06:85:62:2d:79:92:c8:db:1a: 28:9e:83:74:ad:fd:20:e7:c3:92:49:60:8d:19:aa: a7:a1:d3:72:ec:a8:1e:ff:85:c5:8c:0b:42:80:de: 0b:fb:42:73:e4:29:1f:3f:e0:1f:2a:72:02:47:31: e6:e2:be:e3:ea:65:8e:93:b2:29:6e:a8:83:36:3c: e1:c0:51:21:9e:7b:fe:ac:98:fa:65:f9:88:d5:e8: bf:72:1a:7b:71:78:f9:07:f2:53:65:3d:3e:ce:5c: ec:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:52:75:E5:73:93:41:BE:6D:DF:6F:8D:7D:A1:F7:65:76:C9:0A:E4 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/U1J15XOTQb5t32-NfaH3ZXbJCuQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.22.0/24 Signature Algorithm: sha256WithRSAEncryption 5e:00:9f:54:5b:6f:77:5a:f0:f8:aa:ea:c3:69:81:1c:8e:1f: e3:67:44:c0:c3:76:44:55:2a:35:25:3e:88:82:1f:4e:55:c5: e7:32:f4:df:1a:61:e2:dc:e8:4a:62:8e:25:94:8d:1a:d7:f8: 79:f8:34:56:14:c7:5e:33:02:76:5a:c9:22:dd:67:5b:b8:28: 40:d2:42:be:b9:d0:53:80:23:ec:fd:7c:f0:31:c9:21:42:e4: e4:8b:cf:d3:1f:bd:bb:e6:f1:c4:df:8c:d1:19:ec:a1:f0:e0: 24:b3:44:80:9b:2a:23:1e:04:c3:1b:43:df:02:40:4a:5e:7c: ad:b6:7f:fe:b8:38:5e:8a:b2:1c:85:35:86:67:dd:32:27:ce: 10:7d:b4:a6:f2:09:ca:85:a3:9c:26:10:4a:90:3c:d1:7b:dd: 0e:4d:99:ab:b5:33:60:2c:b9:03:47:f4:df:47:20:d0:d7:60: 33:7d:1d:a6:75:22:4f:8a:5e:c8:7c:26:22:1f:9a:de:3c:7c: b1:ad:06:b3:9a:a1:a8:ab:75:b8:66:bb:5c:ab:b3:e9:a5:01: 7f:bb:6a:20:6f:62:ee:ae:40:42:4a:e7:94:6c:ca:21:40:51: b7:91:75:d3:4e:94:37:83:74:d0:9a:f1:48:90:65:26:54:3a: 7f:e3:5f:ae -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFVIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MzU5MjNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDUzNTI3NUU1NzM5MzQx QkU2RERGNkY4RDdEQTFGNzY1NzZDOTBBRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLwJSapXlE2FpAnzxDwEKz7EejhK5dN/aFYZrV/qzjp9Tsc5Jd fiJbFSiQZN8RnTlGaSyEuIcMSSLGh1EUF4HHDtNgSTXOL/Nz+9sHjxqrJzQqpQ6Z JFi1WsNlD6YC1NHcZmcpltmVWek2UiShe0QYkdq7+toMPkJ4t2KHvpDBUS+uJpCT W057cHfwc6+oExOykEPEShNTuTHfbgaFYi15ksjbGiieg3St/SDnw5JJYI0Zqqeh 03LsqB7/hcWMC0KA3gv7QnPkKR8/4B8qcgJHMebivuPqZY6TsiluqIM2POHAUSGe e/6smPpl+YjV6L9yGntxePkH8lNlPT7OXOy3AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUU1J15XOTQb5t32+NfaH3ZXbJCuQwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1UxSjE1WE9UUWI1dDMy LU5mYUgzWlhiSkN1US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3RYwDQYJKoZIhvcNAQELBQADggEBAF4An1Rbb3da8Piq6sNpgRyOH+NnRMDD dkRVKjUlPoiCH05Vxecy9N8aYeLc6EpijiWUjRrX+Hn4NFYUx14zAnZaySLdZ1u4 KEDSQr650FOAI+z9fPAxySFC5OSLz9Mfvbvm8cTfjNEZ7KHw4CSzRICbKiMeBMMb Q98CQEpefK22f/64OF6KshyFNYZn3TInzhB9tKbyCcqFo5wmEEqQPNF73Q5Nmau1 M2AsuQNH9N9HINDXYDN9HaZ1Ik+KXsh8JiIfmt48fLGtBrOaoairdbhmu1yrs+ml AX+7aiBvYu6uQEJK55RsyiFAUbeRddNOlDeDdNCa8UiQZSZUOn/jX64= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:46 2024 by rpki-client on console-ams.rpki-client.org