$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/cnXrVaoVs_V5nmb8NEhnspWEFA8.roa File: cnXrVaoVs_V5nmb8NEhnspWEFA8.roa (raw, json) Hash identifier: BHvF1hhPYtaXNC/iFdVDrWU8fKbfZarL+JOVgruP/Rg= Subject key identifier: 72:75:EB:55:AA:15:B3:F5:79:9E:66:FC:34:48:67:B2:95:84:14:0F Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1538 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/cnXrVaoVs_V5nmb8NEhnspWEFA8.roa Signing time: Wed 11 Sep 2024 03:57:54 +0000 ROA not before: Wed 11 Sep 2024 03:57:54 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.5.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5432 (0x1538) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 03:57:54 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=7275EB55AA15B3F5799E66FC344867B29584140F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:5c:4a:fe:c2:8c:a4:9c:f3:09:6f:52:8a:76: 42:97:a7:9c:52:f3:fc:13:8d:41:fa:be:48:2c:be: 6b:cd:ae:df:c4:ed:bb:f1:76:4a:cd:db:29:47:3d: 2a:75:08:76:a8:18:d1:1e:22:03:03:ff:33:a8:61: 7d:58:75:22:5a:19:70:03:8d:2c:b0:9b:40:52:fa: be:81:12:95:35:a7:93:20:e9:fc:b6:94:f3:4e:48: 1d:df:fa:c6:c4:02:0b:91:c0:f8:5c:46:51:bb:1d: 5d:c3:3a:57:71:46:66:f2:c8:a5:4c:db:b3:29:9d: 74:28:62:9d:c6:14:be:7c:b6:29:ac:64:7e:b9:e7: 96:ab:b3:35:3a:81:ef:86:6f:32:db:38:b4:3f:a9: 86:52:2a:b4:52:8b:16:6d:68:97:b5:e3:47:93:61: 7c:9e:68:ad:c6:5a:a9:b1:cc:6b:2b:0b:a2:5b:5a: 39:65:b1:d9:d2:dc:8c:f9:fa:4a:33:3e:e3:bd:a1: d7:07:19:9a:ea:23:87:5b:36:67:26:1e:d0:9f:cc: 75:b9:f9:b8:1e:93:00:60:73:7e:7c:7b:6e:d6:fb: ae:a8:18:2c:63:6b:ea:81:eb:cc:85:b4:92:b4:14: 02:52:11:e7:3f:02:18:3a:fa:c3:78:87:6b:62:d1: 5c:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:75:EB:55:AA:15:B3:F5:79:9E:66:FC:34:48:67:B2:95:84:14:0F X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/cnXrVaoVs_V5nmb8NEhnspWEFA8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.5.0/24 Signature Algorithm: sha256WithRSAEncryption 4e:a3:52:20:0f:53:db:b7:ae:ef:15:84:ee:98:b3:51:87:50: 73:e7:df:69:da:a2:14:94:19:9b:2a:da:e1:db:1b:6a:f4:70: c7:15:dc:ae:e0:e5:bd:0a:43:54:c2:64:0b:16:85:4d:dd:7d: a7:36:2b:e0:ec:0c:ee:e9:a0:e2:06:09:ac:e2:26:52:30:bf: aa:7d:78:5d:9a:6f:87:f3:30:7b:a1:18:f4:54:12:22:e9:d5: 57:11:c8:91:54:8c:7d:f6:97:31:6f:48:8d:d8:67:7f:3e:1b: 65:25:2f:35:b6:1c:12:7a:b8:d8:31:c0:37:3b:0a:00:24:a0: eb:70:97:6d:cb:28:7b:bf:f7:2f:88:17:99:bf:8e:61:10:08: f9:62:be:47:cf:0f:82:aa:32:11:79:bb:5b:14:2f:c4:e8:0c: a0:dc:fc:79:1f:b4:53:72:4e:b2:2b:5c:bb:63:b1:07:25:a8: ec:53:9f:6f:16:ae:0a:91:0f:df:22:67:fd:d4:65:c7:d0:5e: c5:17:4d:f0:5a:69:67:ba:43:ef:2f:30:e1:1b:0e:6f:e4:55: d5:86:5e:e4:63:29:0d:86:5e:c0:c6:99:ea:31:f8:36:7e:4e: c0:bf:fe:30:88:f2:65:37:5a:d3:07:c8:6c:de:a2:1d:69:33: ac:67:68:b5 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFTgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MzU3NTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDcyNzVFQjU1QUExNUIz RjU3OTlFNjZGQzM0NDg2N0IyOTU4NDE0MEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCYXEr+woyknPMJb1KKdkKXp5xS8/wTjUH6vkgsvmvNrt/E7bvx dkrN2ylHPSp1CHaoGNEeIgMD/zOoYX1YdSJaGXADjSywm0BS+r6BEpU1p5Mg6fy2 lPNOSB3f+sbEAguRwPhcRlG7HV3DOldxRmbyyKVM27MpnXQoYp3GFL58timsZH65 55arszU6ge+GbzLbOLQ/qYZSKrRSixZtaJe140eTYXyeaK3GWqmxzGsrC6JbWjll sdnS3Iz5+kozPuO9odcHGZrqI4dbNmcmHtCfzHW5+bgekwBgc358e27W+66oGCxj a+qB68yFtJK0FAJSEec/Ahg6+sN4h2ti0VzPAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUcnXrVaoVs/V5nmb8NEhnspWEFA8wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2NuWHJWYW9Wc19WNW5t YjhORWhuc3BXRUZBOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QUwDQYJKoZIhvcNAQELBQADggEBAE6jUiAPU9u3ru8VhO6Ys1GHUHPn32na ohSUGZsq2uHbG2r0cMcV3K7g5b0KQ1TCZAsWhU3dfac2K+DsDO7poOIGCaziJlIw v6p9eF2ab4fzMHuhGPRUEiLp1VcRyJFUjH32lzFvSI3YZ38+G2UlLzW2HBJ6uNgx wDc7CgAkoOtwl23LKHu/9y+IF5m/jmEQCPlivkfPD4KqMhF5u1sUL8ToDKDc/Hkf tFNyTrIrXLtjsQclqOxTn28WrgqRD98iZ/3UZcfQXsUXTfBaaWe6Q+8vMOEbDm/k VdWGXuRjKQ2GXsDGmeox+DZ+TsC//jCI8mU3WtMHyGzeoh1pM6xnaLU= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org