$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/VoaLBaKmL8TcltEBxkHWX5oh2G8.roa File: VoaLBaKmL8TcltEBxkHWX5oh2G8.roa (raw, json) Hash identifier: u303kXQtatziJwMkyYE8SBHAvn4+YckyHkQ821UDW6o= Subject key identifier: 56:86:8B:05:A2:A6:2F:C4:DC:96:D1:01:C6:41:D6:5F:9A:21:D8:6F Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 150D Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/VoaLBaKmL8TcltEBxkHWX5oh2G8.roa Signing time: Wed 11 Sep 2024 02:27:34 +0000 ROA not before: Wed 11 Sep 2024 02:27:34 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 13444 IP address blocks: 103.221.20.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5389 (0x150d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:27:34 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=56868B05A2A62FC4DC96D101C641D65F9A21D86F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:f3:75:76:29:ed:f5:0f:f7:f1:08:f5:23:2d: 1c:7a:48:68:db:67:ac:42:5a:ef:ab:32:6f:9a:da: cb:ef:48:2d:46:c5:8c:d6:40:fd:03:ee:f4:89:96: 17:df:49:b6:0d:c6:5a:49:04:d8:6c:75:ab:f8:64: 76:aa:d0:39:27:22:bc:a4:39:28:f6:c5:c8:27:28: 96:04:ea:c0:8b:55:27:75:99:51:26:c6:79:9f:0e: a8:e4:d9:ef:db:49:46:04:7d:8d:a0:e6:f5:bf:a2: fb:ea:c6:d5:bd:13:f2:9a:ff:f0:c3:f4:12:af:98: f2:d0:7b:c4:46:45:84:bb:14:1f:dd:e3:aa:1f:dc: 97:ca:65:61:f1:53:5d:ac:97:74:e2:4e:53:d8:87: 53:4c:a2:9d:d4:c1:1d:b6:52:b4:d7:fd:00:c2:86: a2:98:27:08:30:9f:3d:62:2e:8f:fc:dd:d1:6c:ad: 09:9d:67:23:c6:cd:38:ed:44:32:d7:57:0f:2a:92: 3b:0a:72:03:e5:d2:de:d9:60:69:52:90:b6:e7:77: f0:bf:b4:a5:8a:6d:0a:31:d2:e5:2c:a5:04:9e:82: 87:5e:09:75:fc:39:36:95:22:12:64:6c:e4:b4:14: 50:77:20:4f:27:71:5f:4f:ff:90:54:d4:b6:04:d0: 84:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:86:8B:05:A2:A6:2F:C4:DC:96:D1:01:C6:41:D6:5F:9A:21:D8:6F X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/VoaLBaKmL8TcltEBxkHWX5oh2G8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.20.0/24 Signature Algorithm: sha256WithRSAEncryption c0:e5:9e:29:8e:19:08:ff:21:2f:c3:08:db:79:6a:0a:ac:49: 62:47:54:2e:c2:54:72:ed:b0:02:55:fc:82:dd:af:f0:0a:da: 4d:ed:f4:9a:12:6e:a7:37:b9:15:8a:e3:4b:2c:60:d8:3a:88: 52:24:6c:82:a8:cf:c1:70:cb:37:c7:31:34:49:3f:23:37:1b: cc:df:71:e6:0b:5b:51:19:57:11:bc:e0:e5:02:25:7a:ab:71: 92:4f:82:1c:98:09:06:d5:ed:4a:81:b1:60:c2:6e:d2:83:9a: 3a:b3:a0:b0:99:c8:f6:a6:4d:5f:fb:94:43:e8:85:e1:25:39: ce:09:44:30:2c:15:0b:3a:9f:1c:e2:0f:46:7f:9c:1b:5d:4b: 18:fd:5d:c2:2c:0f:0b:45:f3:a0:fd:e2:39:df:ac:92:eb:4a: 37:79:64:f9:84:c3:25:48:9f:24:90:ea:cd:24:77:0b:97:43: a1:e9:9e:ef:ae:54:1f:21:34:65:86:05:7c:45:24:81:0a:43: 04:5e:23:9e:97:77:06:86:70:5c:c9:d0:a7:65:b7:93:23:24: d1:c1:aa:d8:0a:43:84:98:b6:a9:9f:39:07:86:5b:7a:c7:66: 44:08:d0:7a:92:46:e7:8f:3b:d1:0c:e3:38:97:e3:47:bf:ff: 1c:7a:a7:a2 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFQ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjI3MzRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU2ODY4QjA1QTJBNjJG QzREQzk2RDEwMUM2NDFENjVGOUEyMUQ4NkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCu83V2Ke31D/fxCPUjLRx6SGjbZ6xCWu+rMm+a2svvSC1GxYzW QP0D7vSJlhffSbYNxlpJBNhsdav4ZHaq0DknIrykOSj2xcgnKJYE6sCLVSd1mVEm xnmfDqjk2e/bSUYEfY2g5vW/ovvqxtW9E/Ka//DD9BKvmPLQe8RGRYS7FB/d46of 3JfKZWHxU12sl3TiTlPYh1NMop3UwR22UrTX/QDChqKYJwgwnz1iLo/83dFsrQmd ZyPGzTjtRDLXVw8qkjsKcgPl0t7ZYGlSkLbnd/C/tKWKbQox0uUspQSegodeCXX8 OTaVIhJkbOS0FFB3IE8ncV9P/5BU1LYE0IRjAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUVoaLBaKmL8TcltEBxkHWX5oh2G8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1ZvYUxCYUttTDhUY2x0 RUJ4a0hXWDVvaDJHOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3RQwDQYJKoZIhvcNAQELBQADggEBAMDlnimOGQj/IS/DCNt5agqsSWJHVC7C VHLtsAJV/ILdr/AK2k3t9JoSbqc3uRWK40ssYNg6iFIkbIKoz8FwyzfHMTRJPyM3 G8zfceYLW1EZVxG84OUCJXqrcZJPghyYCQbV7UqBsWDCbtKDmjqzoLCZyPamTV/7 lEPoheElOc4JRDAsFQs6nxziD0Z/nBtdSxj9XcIsDwtF86D94jnfrJLrSjd5ZPmE wyVInySQ6s0kdwuXQ6Hpnu+uVB8hNGWGBXxFJIEKQwReI56XdwaGcFzJ0Kdlt5Mj JNHBqtgKQ4SYtqmfOQeGW3rHZkQI0HqSRuePO9EM4ziX40e//xx6p6I= -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:47 2024 by rpki-client on console-ams.rpki-client.org