$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/jmBFcnxb-s6K367ZDGVIxVShBUE.roa File: jmBFcnxb-s6K367ZDGVIxVShBUE.roa (raw, json) Hash identifier: c0FBYaD3aXYvciPcOmEm3clk0Tl+gKl07WtKzqow6JA= Subject key identifier: 8E:60:45:72:7C:5B:FA:CE:8A:DF:AE:D9:0C:65:48:C5:54:A1:05:41 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1535 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/jmBFcnxb-s6K367ZDGVIxVShBUE.roa Signing time: Wed 11 Sep 2024 03:57:53 +0000 ROA not before: Wed 11 Sep 2024 03:57:53 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.1.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5429 (0x1535) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 03:57:53 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=8E6045727C5BFACE8ADFAED90C6548C554A10541 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:e4:cd:5f:af:56:ab:f9:87:ee:5a:da:18:62: 6d:40:2c:f6:a9:37:c5:9e:09:45:f2:8e:c0:18:d6: c7:8e:b1:77:9e:c6:62:fa:c6:66:dd:51:2f:2c:cb: c8:ec:44:4d:37:27:44:6a:b1:1d:74:a4:70:76:bf: 8d:86:b7:22:72:3e:a0:76:8e:31:9c:96:86:8e:50: dd:84:c2:7c:62:f9:dc:e3:74:3a:1b:dd:cb:63:77: d4:ad:cd:68:9e:f2:43:e9:be:1f:b4:f0:5f:e8:9d: c2:bb:ef:a8:ae:8e:69:50:05:f7:cd:59:38:b0:da: c3:22:88:f6:af:b3:fe:59:97:60:aa:38:16:0f:68: ad:31:a7:c2:87:76:bf:d6:88:2e:90:7c:fd:6d:ef: 39:60:29:15:94:c5:39:b2:9a:7a:3e:31:fe:1c:51: 7d:ab:a3:1a:b7:a2:0b:93:36:eb:a0:5c:a7:c0:02: f7:00:2d:ec:ba:0c:df:d3:e3:e3:a4:d1:e9:b5:f4: 20:aa:84:43:a4:eb:89:5f:48:4f:ce:e2:40:76:fc: 97:c2:7f:1e:e7:67:00:3c:d5:07:92:72:03:4a:5d: 46:af:eb:66:fd:3b:0c:9d:6a:af:f1:c3:92:53:da: 36:b6:b1:9b:9d:d2:ce:ea:b4:e0:cc:51:ae:d3:55: a4:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:60:45:72:7C:5B:FA:CE:8A:DF:AE:D9:0C:65:48:C5:54:A1:05:41 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/jmBFcnxb-s6K367ZDGVIxVShBUE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.1.0/24 Signature Algorithm: sha256WithRSAEncryption 98:4e:00:fd:e2:3f:75:26:0a:c4:44:88:a6:d2:2b:34:7e:c0: db:6a:57:2e:4c:b4:c0:21:90:ba:f8:9f:28:ea:98:86:48:82: 38:f1:17:92:5e:08:36:20:6e:b0:ff:1d:ff:a9:6e:d5:c0:f1: 3b:af:97:7c:8e:04:81:e7:af:34:b1:9b:8c:30:df:e6:57:6f: 95:1b:a6:0b:43:79:10:f5:37:98:ac:c0:a3:79:57:07:f6:16: 34:ae:b8:60:74:79:9d:f7:b8:a5:62:15:37:cc:33:90:7f:01: b9:70:ae:5c:63:2f:1e:f1:fa:46:e8:1f:95:61:d2:6d:cb:1c: a9:a2:21:57:fa:0b:7e:01:a2:bd:20:b2:15:6e:df:af:12:cc: e6:be:ad:8d:ac:e8:ae:23:38:19:ee:bb:4b:61:56:51:24:91: f2:08:11:99:8d:55:e5:54:5e:fc:5b:57:d4:ce:ee:7d:bb:cb: 5a:e6:04:ed:42:3e:86:31:a6:b0:4c:9c:a5:7f:ee:03:37:16: 8e:0f:dd:82:52:0c:05:fd:38:ac:40:4c:a0:5b:88:45:fe:01: ca:ec:d1:9a:da:bd:52:88:c9:d4:e1:9d:0b:af:4a:50:0d:62: 5b:86:c9:62:43:d7:01:06:bd:40:8d:87:7a:d1:fd:fc:09:fe: 7c:f8:49:13 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFTUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MzU3NTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhFNjA0NTcyN0M1QkZB Q0U4QURGQUVEOTBDNjU0OEM1NTRBMTA1NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCw5M1fr1ar+YfuWtoYYm1ALPapN8WeCUXyjsAY1seOsXeexmL6 xmbdUS8sy8jsRE03J0RqsR10pHB2v42GtyJyPqB2jjGcloaOUN2Ewnxi+dzjdDob 3ctjd9StzWie8kPpvh+08F/oncK776iujmlQBffNWTiw2sMiiPavs/5Zl2CqOBYP aK0xp8KHdr/WiC6QfP1t7zlgKRWUxTmymno+Mf4cUX2roxq3oguTNuugXKfAAvcA Ley6DN/T4+Ok0em19CCqhEOk64lfSE/O4kB2/JfCfx7nZwA81QeScgNKXUav62b9 Owydaq/xw5JT2ja2sZud0s7qtODMUa7TVaRrAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUjmBFcnxb+s6K367ZDGVIxVShBUEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2ptQkZjbnhiLXM2SzM2 N1pER1ZJeFZTaEJVRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QEwDQYJKoZIhvcNAQELBQADggEBAJhOAP3iP3UmCsREiKbSKzR+wNtqVy5M tMAhkLr4nyjqmIZIgjjxF5JeCDYgbrD/Hf+pbtXA8Tuvl3yOBIHnrzSxm4ww3+ZX b5UbpgtDeRD1N5iswKN5Vwf2FjSuuGB0eZ33uKViFTfMM5B/AblwrlxjLx7x+kbo H5Vh0m3LHKmiIVf6C34Bor0gshVu368SzOa+rY2s6K4jOBnuu0thVlEkkfIIEZmN VeVUXvxbV9TO7n27y1rmBO1CPoYxprBMnKV/7gM3Fo4P3YJSDAX9OKxATKBbiEX+ Acrs0ZravVKIydThnQuvSlANYluGyWJD1wEGvUCNh3rR/fwJ/nz4SRM= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:47 2024 by rpki-client on console-ams.rpki-client.org