$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/XAdRX0EPNYRSxLiUlSaE6BTZ3VY.roa File: XAdRX0EPNYRSxLiUlSaE6BTZ3VY.roa (raw, json) Hash identifier: iYlinYcoVRDIjDQYXU7/WDQ//zKMG4b3cVQpAtqNIvQ= Subject key identifier: 5C:07:51:5F:41:0F:35:84:52:C4:B8:94:95:26:84:E8:14:D9:DD:56 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1487 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/XAdRX0EPNYRSxLiUlSaE6BTZ3VY.roa Signing time: Wed 11 Sep 2024 02:23:26 +0000 ROA not before: Wed 11 Sep 2024 02:23:26 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 138527 IP address blocks: 103.221.4.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5255 (0x1487) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:26 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=5C07515F410F358452C4B894952684E814D9DD56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:c8:f7:55:24:9c:01:8a:2c:ce:90:f0:5e:5e: 2d:47:c3:a8:47:d3:6b:04:5a:3e:2c:80:fe:8d:7f: 90:88:4d:af:0f:f6:ad:f2:13:d7:00:a0:b3:44:bb: 3d:eb:97:04:6d:54:3c:2f:b0:2c:03:fc:7b:2a:ff: c0:a2:28:b0:cb:11:3f:04:57:cc:56:4c:59:18:4a: fc:16:41:55:1e:df:e0:78:35:ee:b4:d7:f1:cd:cf: f9:76:ff:f4:c3:fe:00:a6:17:9d:cf:6d:9e:7f:d2: 12:7e:47:2d:34:86:66:45:15:6c:cf:0b:66:04:80: cd:ef:89:67:b8:30:7c:0e:9c:ce:a1:29:94:2c:30: 46:4e:f9:21:6b:c4:08:85:86:c5:dc:ec:e8:19:24: ef:d2:f3:d6:50:a8:36:69:fc:99:90:7b:05:21:7b: 39:bf:e0:5e:c3:46:a2:dd:b7:56:25:41:eb:b9:d4: f0:e9:66:cd:29:99:ce:e7:90:7a:23:c6:32:b2:c4: 9f:be:c6:5e:1e:51:48:89:86:7f:1e:73:23:46:70: 43:02:64:da:37:6d:3e:1a:53:9f:45:b7:9b:a1:43: b2:fb:ce:23:7d:31:f9:0d:ff:ed:bb:33:2f:a6:c7: 55:77:9b:7e:be:8a:80:1e:f3:00:fc:c5:42:75:97: 57:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:07:51:5F:41:0F:35:84:52:C4:B8:94:95:26:84:E8:14:D9:DD:56 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/XAdRX0EPNYRSxLiUlSaE6BTZ3VY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.4.0/22 Signature Algorithm: sha256WithRSAEncryption a1:0c:52:df:29:c5:8a:ba:1a:3d:5b:96:7b:56:09:a2:e8:ac: 84:d5:3f:0a:a2:d2:a0:46:9c:3f:af:ad:77:46:b8:d5:e1:65: 4f:fa:d8:9e:8e:5c:95:86:ad:cc:0b:43:76:e6:3b:c7:78:a6: ed:01:2d:c4:38:15:00:45:74:72:fa:68:cf:78:47:e8:54:78: 93:48:bb:80:d2:69:aa:26:c6:68:70:7d:ec:36:66:9c:50:d0: f5:72:d7:72:d9:a1:9a:f9:55:ca:c0:cc:c8:98:0c:fa:d6:50: 4b:28:e9:36:d5:b4:1c:c1:6e:dc:76:1a:36:16:18:64:5d:88: 75:8d:9d:35:09:01:a7:40:cb:80:05:ca:e4:3f:bc:b7:5f:17: c6:d3:a1:e7:b9:80:69:7c:41:b3:b6:4d:09:fd:c4:0f:c9:8a: 22:a7:f9:21:82:97:8a:dc:3d:e3:9c:4d:c5:5a:35:d3:98:b4: 2d:5b:c8:1d:a8:0c:d3:f0:de:26:fa:ac:3e:de:d5:5a:9e:7d: db:a6:18:4f:c2:6d:6e:f7:cb:ee:46:79:da:d6:99:e4:c6:7c: ae:57:8a:82:d3:0a:8c:41:0f:dc:0c:3a:39:02:e6:9e:c2:fa: b4:5b:3a:21:75:01:15:54:b0:d5:09:22:27:f0:8f:49:fc:75: 48:35:4b:75 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFIcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVDMDc1MTVGNDEwRjM1 ODQ1MkM0Qjg5NDk1MjY4NEU4MTREOURENTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC0yPdVJJwBiizOkPBeXi1Hw6hH02sEWj4sgP6Nf5CITa8P9q3y E9cAoLNEuz3rlwRtVDwvsCwD/Hsq/8CiKLDLET8EV8xWTFkYSvwWQVUe3+B4Ne60 1/HNz/l2//TD/gCmF53PbZ5/0hJ+Ry00hmZFFWzPC2YEgM3viWe4MHwOnM6hKZQs MEZO+SFrxAiFhsXc7OgZJO/S89ZQqDZp/JmQewUhezm/4F7DRqLdt1YlQeu51PDp Zs0pmc7nkHojxjKyxJ++xl4eUUiJhn8ecyNGcEMCZNo3bT4aU59Ft5uhQ7L7ziN9 MfkN/+27My+mx1V3m36+ioAe8wD8xUJ1l1fBAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUXAdRX0EPNYRSxLiUlSaE6BTZ3VYwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1hBZFJYMEVQTllSU3hM aVVsU2FFNkJUWjNWWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3QQwDQYJKoZIhvcNAQELBQADggEBAKEMUt8pxYq6Gj1blntWCaLorITVPwqi 0qBGnD+vrXdGuNXhZU/62J6OXJWGrcwLQ3bmO8d4pu0BLcQ4FQBFdHL6aM94R+hU eJNIu4DSaaomxmhwfew2ZpxQ0PVy13LZoZr5VcrAzMiYDPrWUEso6TbVtBzBbtx2 GjYWGGRdiHWNnTUJAadAy4AFyuQ/vLdfF8bToee5gGl8QbO2TQn9xA/JiiKn+SGC l4rcPeOcTcVaNdOYtC1byB2oDNPw3ib6rD7e1VqefdumGE/CbW73y+5GedrWmeTG fK5XioLTCoxBD9wMOjkC5p7C+rRbOiF1ARVUsNUJIifwj0n8dUg1S3U= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org