$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/hix66ESmO_3PHv0jjDARfhUNq-Q.roa File: hix66ESmO_3PHv0jjDARfhUNq-Q.roa (raw, json) Hash identifier: sI2DxgVcdLIIJ297JeAobbxCUo2O9rT2ZX+imVsaFwI= Subject key identifier: 86:2C:7A:E8:44:A6:3B:FD:CF:1E:FD:23:8C:30:11:7E:15:0D:AB:E4 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 14D3 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hix66ESmO_3PHv0jjDARfhUNq-Q.roa Signing time: Wed 11 Sep 2024 02:23:52 +0000 ROA not before: Wed 11 Sep 2024 02:23:52 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24373 IP address blocks: 103.221.44.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5331 (0x14d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:52 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=862C7AE844A63BFDCF1EFD238C30117E150DABE4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:5a:f7:3a:26:38:b8:03:7e:a3:fc:19:27:05: 68:ea:bf:d7:8f:66:2f:0e:14:fe:4f:b5:e0:70:22: 95:4d:fb:6f:bf:eb:9a:c8:07:8f:5d:8a:6f:b2:a4: ff:07:8f:a4:18:2a:54:63:98:a9:aa:54:6f:8e:f4: 31:78:04:a5:94:00:1c:9b:51:97:cd:1b:03:2b:6a: fc:9d:5a:0c:79:37:e1:e2:19:68:76:5f:71:a5:38: fc:3c:20:f9:df:87:09:02:26:45:58:84:a9:89:65: 55:fe:d4:42:12:88:74:09:9b:53:5f:8f:d3:c8:6a: 71:cd:9d:66:c3:9c:88:77:75:b5:89:7b:f5:62:f6: 28:b6:3e:fd:11:b7:db:20:7c:b0:65:ab:b6:91:9b: bb:b1:d2:d3:4f:d9:90:44:22:d1:f2:a2:88:11:4f: 17:0a:54:ed:73:f4:22:b2:7c:55:0d:9f:d8:ad:47: e8:53:c0:a7:a3:3d:88:75:a2:a9:9d:8b:65:a5:cb: a4:28:37:58:5e:24:38:65:b2:b0:a8:9d:15:1a:a5: bb:c3:a0:44:4f:dc:8e:f6:3f:07:ee:ef:48:27:e0: 2d:23:11:de:a9:0c:df:ed:43:85:72:ba:41:92:a9: 81:a7:37:2b:d1:9b:be:8a:dc:16:6e:3b:a1:c9:ca: 73:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:2C:7A:E8:44:A6:3B:FD:CF:1E:FD:23:8C:30:11:7E:15:0D:AB:E4 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/hix66ESmO_3PHv0jjDARfhUNq-Q.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.44.0/22 Signature Algorithm: sha256WithRSAEncryption 3c:dd:d4:bf:d8:16:6e:7e:3a:ab:63:b9:51:f8:22:82:14:f6: 8c:c1:c8:6b:fe:69:49:a6:ad:c1:42:00:11:2b:b3:78:23:93: 70:5b:8b:94:46:d9:9f:8e:e1:dd:d7:2d:0b:22:ee:15:38:16: de:03:80:d3:f7:97:28:4e:7e:10:c0:b0:34:31:23:27:d7:a4: 28:be:28:8d:c4:92:6e:e6:0f:05:5d:a7:68:f4:2f:56:fa:d6: 27:c1:84:49:b0:04:2b:5a:af:e0:74:92:3a:07:59:ea:bd:06: a4:46:4e:7a:ab:6b:de:56:4f:24:24:95:b0:3e:84:6b:38:36: 9c:37:64:39:3a:52:eb:58:b2:e0:02:01:27:09:a9:23:b4:04: ac:8d:c9:dc:78:7c:ed:92:81:2f:2d:23:ae:08:a3:61:9e:96: 72:5b:1a:c9:1b:66:70:16:37:40:e4:6f:46:d5:d7:7c:04:6a: 4d:de:dc:a1:a7:c3:d5:22:31:2b:53:74:f2:14:18:4d:91:b6: 72:46:e7:60:1c:36:dd:a0:6f:10:81:5d:51:9d:ba:d8:72:43: 9e:b3:e7:df:b7:08:34:cb:ca:6f:9c:08:39:34:77:4a:ba:68: 7a:c0:9e:93:25:4e:1b:6d:6e:5d:1c:84:e6:55:04:03:2e:43: a5:c7:ed:12 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFNMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzNTJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg2MkM3QUU4NDRBNjNC RkRDRjFFRkQyMzhDMzAxMTdFMTUwREFCRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1Wvc6Jji4A36j/BknBWjqv9ePZi8OFP5PteBwIpVN+2+/65rI B49dim+ypP8Hj6QYKlRjmKmqVG+O9DF4BKWUABybUZfNGwMravydWgx5N+HiGWh2 X3GlOPw8IPnfhwkCJkVYhKmJZVX+1EISiHQJm1Nfj9PIanHNnWbDnIh3dbWJe/Vi 9ii2Pv0Rt9sgfLBlq7aRm7ux0tNP2ZBEItHyoogRTxcKVO1z9CKyfFUNn9itR+hT wKejPYh1oqmdi2Wly6QoN1heJDhlsrConRUapbvDoERP3I72Pwfu70gn4C0jEd6p DN/tQ4VyukGSqYGnNyvRm76K3BZuO6HJynMXAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUhix66ESmO/3PHv0jjDARfhUNq+QwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2hpeDY2RVNtT18zUEh2 MGpqREFSZmhVTnEtUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3SwwDQYJKoZIhvcNAQELBQADggEBADzd1L/YFm5+OqtjuVH4IoIU9ozByGv+ aUmmrcFCABErs3gjk3Bbi5RG2Z+O4d3XLQsi7hU4Ft4DgNP3lyhOfhDAsDQxIyfX pCi+KI3Ekm7mDwVdp2j0L1b61ifBhEmwBCtar+B0kjoHWeq9BqRGTnqra95WTyQk lbA+hGs4Npw3ZDk6UutYsuACAScJqSO0BKyNydx4fO2SgS8tI64Io2GelnJbGskb ZnAWN0Dkb0bV13wEak3e3KGnw9UiMStTdPIUGE2RtnJG52AcNt2gbxCBXVGduthy Q56z59+3CDTLym+cCDk0d0q6aHrAnpMlThttbl0chOZVBAMuQ6XH7RI= -----END CERTIFICATE-----Generated at Fri Nov 22 16:05:41 2024 by rpki-client on console-fra.rpki-client.org