$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/Y9H6Jdbgv1nYdbdVxhVcEc8XeRE.roa File: Y9H6Jdbgv1nYdbdVxhVcEc8XeRE.roa (raw, json) Hash identifier: EBMx835HKWD2VaWajIpLfO0BMaJHOZci99+Nz3393ec= Subject key identifier: 63:D1:FA:25:D6:E0:BF:59:D8:75:B7:55:C6:15:5C:11:CF:17:79:11 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 14FF Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Y9H6Jdbgv1nYdbdVxhVcEc8XeRE.roa Signing time: Wed 11 Sep 2024 02:27:30 +0000 ROA not before: Wed 11 Sep 2024 02:27:30 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 13444 IP address blocks: 103.221.38.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5375 (0x14ff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:27:30 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=63D1FA25D6E0BF59D875B755C6155C11CF177911 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:c0:80:44:f2:9f:9b:85:f5:6f:d9:70:dd:f4: 88:1a:8a:f2:46:94:2f:58:57:ef:70:60:e5:0e:c3: 7a:54:45:de:f2:3b:46:a6:30:a0:f8:40:4a:19:a3: 2a:69:a1:2a:94:7a:77:f9:25:0b:22:ca:c0:2a:4f: f9:72:60:5a:a4:0e:d3:e4:2d:cb:38:8a:53:ad:3d: c3:43:c3:8a:30:52:76:2e:65:a9:d7:00:16:ef:bf: cf:e5:8c:4d:40:8a:66:10:83:08:bc:22:67:4a:74: 3d:29:26:a1:dd:5b:60:ae:26:a2:10:0b:e2:1c:8c: cb:59:45:3c:db:d6:42:d2:09:34:bc:31:96:97:1a: a9:58:37:e9:2a:32:b0:11:f4:b0:b5:c2:c0:f6:c2: 31:62:91:b8:25:bb:8c:a6:93:51:67:a6:0c:12:44: d2:c4:c9:1d:3e:d4:37:f3:da:11:1d:74:cb:7f:85: 54:3b:38:ec:9f:66:9e:64:b5:9e:d3:04:79:16:66: 3c:58:f9:87:97:26:f6:3d:f7:2e:55:fa:e0:99:d5: a0:70:b8:c9:e1:b9:59:c4:7a:3c:4c:01:8a:98:dc: e3:26:54:96:2f:3e:e1:9e:cc:20:20:1b:85:53:49: be:70:84:78:7f:cb:4d:98:be:8d:56:c5:d5:48:fd: 96:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:D1:FA:25:D6:E0:BF:59:D8:75:B7:55:C6:15:5C:11:CF:17:79:11 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/Y9H6Jdbgv1nYdbdVxhVcEc8XeRE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.38.0/24 Signature Algorithm: sha256WithRSAEncryption 85:a3:21:ca:ac:04:36:37:85:63:6b:19:e2:78:2d:d6:87:7f: a5:f8:ca:76:45:77:15:dc:0a:20:e0:c2:c3:e2:96:61:42:9b: 20:fb:2b:ee:2d:e1:f3:bf:63:ee:7b:af:9f:80:6a:d3:86:d5: 8d:b8:69:f4:2c:a2:4e:dd:06:41:86:c1:cf:7d:d8:49:fe:61: a2:aa:fe:e7:88:e4:59:e7:6f:ef:ec:a9:8c:be:9f:fc:54:85: cf:54:90:4a:ee:44:d7:ca:8c:11:7d:1f:20:d9:71:a2:43:18: a6:46:c1:27:9b:99:e5:4b:71:3e:ec:68:0e:69:63:88:25:65: 80:79:6b:93:cc:e4:9e:e6:0f:53:4a:70:93:58:2d:a4:93:dd: 05:ff:8b:39:69:47:8e:cd:f9:16:21:d6:7f:61:4f:19:df:86: 78:d6:9b:3a:51:1b:a8:5f:e3:7d:75:b9:c4:aa:18:aa:53:24: 59:e8:70:ee:b7:c5:3c:70:44:e8:5e:b6:73:e8:3c:29:91:aa: 6b:5e:7a:04:28:91:d3:db:88:a1:b8:76:ee:b7:1a:17:e3:e7: cb:d5:c0:10:f4:77:a9:12:a8:31:8d:14:74:ac:e1:a4:f2:35: a1:48:c5:06:3f:68:85:d4:de:fe:b7:70:5b:de:6a:36:be:2d: 2e:f3:31:bb -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFP8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjI3MzBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYzRDFGQTI1RDZFMEJG NTlEODc1Qjc1NUM2MTU1QzExQ0YxNzc5MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFwIBE8p+bhfVv2XDd9IgaivJGlC9YV+9wYOUOw3pURd7yO0am MKD4QEoZoyppoSqUenf5JQsiysAqT/lyYFqkDtPkLcs4ilOtPcNDw4owUnYuZanX ABbvv8/ljE1AimYQgwi8ImdKdD0pJqHdW2CuJqIQC+IcjMtZRTzb1kLSCTS8MZaX GqlYN+kqMrAR9LC1wsD2wjFikbglu4ymk1FnpgwSRNLEyR0+1Dfz2hEddMt/hVQ7 OOyfZp5ktZ7TBHkWZjxY+YeXJvY99y5V+uCZ1aBwuMnhuVnEejxMAYqY3OMmVJYv PuGezCAgG4VTSb5whHh/y02Yvo1WxdVI/Za5AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUY9H6Jdbgv1nYdbdVxhVcEc8XeREwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L1k5SDZKZGJndjFuWWRi ZFZ4aFZjRWM4WGVSRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3SYwDQYJKoZIhvcNAQELBQADggEBAIWjIcqsBDY3hWNrGeJ4LdaHf6X4ynZF dxXcCiDgwsPilmFCmyD7K+4t4fO/Y+57r5+AatOG1Y24afQsok7dBkGGwc992En+ YaKq/ueI5Fnnb+/sqYy+n/xUhc9UkEruRNfKjBF9HyDZcaJDGKZGwSebmeVLcT7s aA5pY4glZYB5a5PM5J7mD1NKcJNYLaST3QX/izlpR47N+RYh1n9hTxnfhnjWmzpR G6hf4311ucSqGKpTJFnocO63xTxwROhetnPoPCmRqmteegQokdPbiKG4du63Ghfj 58vVwBD0d6kSqDGNFHSs4aTyNaFIxQY/aIXU3v63cFveaja+LS7zMbs= -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:47 2024 by rpki-client on console-ams.rpki-client.org