$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/bSCOKjVPedPqWAcXUrHyCc43CDE.roa File: bSCOKjVPedPqWAcXUrHyCc43CDE.roa (raw, json) Hash identifier: JWtxss9/lTap9AMFZkMuJmWdIJ4f1LlD3D9V3JnhFEE= Subject key identifier: 6D:20:8E:2A:35:4F:79:D3:EA:58:07:17:52:B1:F2:09:CE:37:08:31 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 14A8 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/bSCOKjVPedPqWAcXUrHyCc43CDE.roa Signing time: Wed 11 Sep 2024 02:23:36 +0000 ROA not before: Wed 11 Sep 2024 02:23:36 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24373 IP address blocks: 103.221.92.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5288 (0x14a8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:36 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=6D208E2A354F79D3EA58071752B1F209CE370831 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:97:9c:11:79:68:27:0d:bb:03:82:f7:c4:24: 49:9c:08:c1:62:ba:b5:ba:62:2d:19:c7:33:bd:f7: f4:ec:05:02:b0:fb:af:fb:b5:87:d6:74:51:8e:52: 2a:f7:a5:56:9e:94:1b:76:ae:7a:02:53:e0:38:e6: a0:90:60:45:31:46:5f:fe:9f:90:ab:42:de:9a:a0: 34:8a:59:7c:a6:44:6c:87:09:bb:3b:5e:d4:83:34: ac:d1:4c:0c:09:41:81:7e:3e:7f:10:c7:e1:51:f2: 73:13:50:1d:78:4f:7f:74:04:3d:9f:2c:0c:7c:bc: 3e:38:76:71:a1:28:d9:45:17:bd:f0:0f:9f:c2:71: 77:5a:a8:01:1d:5e:18:a8:a9:55:84:2f:02:ab:24: cc:d2:10:7b:f8:5d:5e:56:2a:8e:df:e5:42:f3:8b: 51:8c:fd:f2:24:02:58:72:81:83:f8:b2:dc:0d:60: fd:96:26:0b:45:38:b7:80:b7:69:4c:58:d6:08:94: 33:e7:e6:21:e1:1f:5d:bd:c0:f7:c3:87:72:0a:16: 76:6f:ce:28:51:40:d1:86:cb:34:2c:56:41:03:cb: df:14:a3:1b:6d:35:b6:21:08:1a:6e:2c:8c:83:9d: 00:91:56:a7:92:0f:a8:7c:10:6e:8b:30:bb:91:a6: 48:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:20:8E:2A:35:4F:79:D3:EA:58:07:17:52:B1:F2:09:CE:37:08:31 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/bSCOKjVPedPqWAcXUrHyCc43CDE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.92.0/22 Signature Algorithm: sha256WithRSAEncryption 3d:70:72:89:bf:a5:23:08:60:c4:88:aa:eb:69:e7:97:48:48: 88:fb:6e:09:24:b3:e4:96:45:a3:9a:30:a4:3a:77:1a:06:ca: 87:56:30:20:b0:58:76:ca:94:f4:ab:d7:31:b1:c8:16:d7:08: b0:e0:ff:81:d3:e5:e5:80:9b:09:a5:a2:48:76:18:fc:bd:74: 77:df:f1:49:86:80:96:6c:2b:34:a7:b0:dd:de:1e:8a:dc:56: 0d:20:22:60:15:6e:16:26:23:86:50:43:a2:6a:e0:10:5c:8b: fd:44:bd:93:d2:3b:c2:c3:56:b7:89:ea:ca:70:06:42:88:6d: 7c:fe:bc:3d:34:4f:23:93:9e:7c:bd:b0:ca:b1:be:ad:af:68: 8c:2a:ab:0f:54:44:1e:f1:9b:17:a6:7c:fb:03:9a:6d:a5:c6: d9:6b:3d:01:ec:f8:93:9d:05:63:4a:79:0f:25:21:3b:52:34: 96:90:0c:83:ca:35:c7:31:ba:18:bb:90:59:8d:e8:d2:1d:61: 9b:e7:89:a4:2b:2e:0e:d4:40:34:bd:fa:c0:4b:c5:f8:bb:78: 8f:ec:03:3f:fa:d4:72:75:c7:61:26:b1:d9:54:e5:21:1b:cb: 0f:a7:ed:fb:8e:de:d2:76:a8:74:d5:09:49:94:db:f5:75:3e: 72:c8:a0:4e -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFKgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDZEMjA4RTJBMzU0Rjc5 RDNFQTU4MDcxNzUyQjFGMjA5Q0UzNzA4MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCal5wReWgnDbsDgvfEJEmcCMFiurW6Yi0ZxzO99/TsBQKw+6/7 tYfWdFGOUir3pVaelBt2rnoCU+A45qCQYEUxRl/+n5CrQt6aoDSKWXymRGyHCbs7 XtSDNKzRTAwJQYF+Pn8Qx+FR8nMTUB14T390BD2fLAx8vD44dnGhKNlFF73wD5/C cXdaqAEdXhioqVWELwKrJMzSEHv4XV5WKo7f5ULzi1GM/fIkAlhygYP4stwNYP2W JgtFOLeAt2lMWNYIlDPn5iHhH129wPfDh3IKFnZvzihRQNGGyzQsVkEDy98Uoxtt NbYhCBpuLIyDnQCRVqeSD6h8EG6LMLuRpkgDAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUbSCOKjVPedPqWAcXUrHyCc43CDEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2JTQ09LalZQZWRQcVdB Y1hVckh5Q2M0M0NERS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3VwwDQYJKoZIhvcNAQELBQADggEBAD1wcom/pSMIYMSIqutp55dISIj7bgkk s+SWRaOaMKQ6dxoGyodWMCCwWHbKlPSr1zGxyBbXCLDg/4HT5eWAmwmlokh2GPy9 dHff8UmGgJZsKzSnsN3eHorcVg0gImAVbhYmI4ZQQ6Jq4BBci/1EvZPSO8LDVreJ 6spwBkKIbXz+vD00TyOTnny9sMqxvq2vaIwqqw9URB7xmxemfPsDmm2lxtlrPQHs +JOdBWNKeQ8lITtSNJaQDIPKNccxuhi7kFmN6NIdYZvniaQrLg7UQDS9+sBLxfi7 eI/sAz/61HJ1x2EmsdlU5SEbyw+n7fuO3tJ2qHTVCUmU2/V1PnLIoE4= -----END CERTIFICATE-----Generated at Fri Nov 22 14:30:56 2024 by rpki-client on console-ams.rpki-client.org