$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/jzwrPUZg0yhg5ZIYsMPlZFLZGzI.roa File: jzwrPUZg0yhg5ZIYsMPlZFLZGzI.roa (raw, json) Hash identifier: kogY1PBVN6jHrCkbEckEINM1YAeo+PkUI0oivmKPIrY= Subject key identifier: 8F:3C:2B:3D:46:60:D3:28:60:E5:92:18:B0:C3:E5:64:52:D9:1B:32 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1539 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/jzwrPUZg0yhg5ZIYsMPlZFLZGzI.roa Signing time: Wed 11 Sep 2024 03:57:54 +0000 ROA not before: Wed 11 Sep 2024 03:57:54 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.220.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5433 (0x1539) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 03:57:54 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=8F3C2B3D4660D32860E59218B0C3E56452D91B32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:39:2b:44:eb:bc:1d:85:5d:24:08:0c:53:66: 5f:92:81:3e:9b:9f:12:2f:4b:6f:3f:ec:ea:fa:32: c1:bf:49:46:84:72:39:56:64:ca:6c:a2:c9:16:b6: fe:d6:ca:b7:f4:a3:4e:c6:a6:a1:35:80:89:ec:1c: 7f:7e:03:91:4f:1f:63:65:60:9c:49:f6:e6:3f:90: 62:4b:2c:55:b5:16:a7:cc:9b:a2:25:3e:c7:d6:65: cc:f8:5e:06:2c:d0:64:f0:02:02:91:a3:2a:d8:b3: 63:f8:c5:15:89:bd:d8:25:30:9a:23:47:87:5e:fa: 6c:03:12:17:41:69:a7:63:b0:2d:2b:52:65:c5:90: d9:4b:9e:52:c4:81:33:1e:2e:9c:49:47:c7:9a:55: 7a:2f:19:50:66:55:8a:7a:b4:ed:3e:68:83:f1:f4: 42:3e:cd:a3:84:d0:5b:44:aa:ef:3a:b0:ad:bd:a6: de:0e:2c:42:3d:cf:37:b1:79:cd:df:ee:5c:fd:22: 54:90:85:d2:ec:be:f6:25:d4:cb:57:7b:ed:96:65: 15:e6:9f:83:86:d3:a2:9c:b0:0b:bb:5c:18:7b:b2: a5:5f:af:2c:77:bf:31:0a:1f:e4:5b:13:5e:ad:e6: 95:6b:29:3b:5a:be:c8:11:53:04:b4:41:81:d5:16: 50:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:3C:2B:3D:46:60:D3:28:60:E5:92:18:B0:C3:E5:64:52:D9:1B:32 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/jzwrPUZg0yhg5ZIYsMPlZFLZGzI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.220.252.0/24 Signature Algorithm: sha256WithRSAEncryption d7:75:93:e5:4d:e1:a4:57:af:9d:8d:aa:b2:d1:b9:7a:2d:54: bd:87:3e:55:eb:a2:ce:90:f9:a2:39:4f:51:2e:91:0d:93:6c: e7:f6:8b:58:69:57:ff:8b:fb:c7:d7:34:7c:e0:94:38:b6:2e: e3:9b:cc:45:5d:50:8a:09:0a:51:46:04:bf:57:6a:22:d4:82: d0:e8:89:56:50:68:70:e7:ee:11:f6:12:02:c0:26:ec:c0:74: b2:f9:b0:b1:e8:4e:7f:f3:96:c1:f0:fd:40:f8:f1:33:ef:7f: 6a:23:5b:79:c4:f5:64:bd:ad:0e:18:b7:e8:40:f4:8a:dd:c1: b2:bb:fc:4d:8e:bb:a0:2e:b2:23:05:c1:6b:85:9a:c5:40:67: 2f:c4:1f:b8:26:e3:ec:36:4a:57:35:2c:51:04:8e:b0:b4:3f: 03:40:ff:9e:ba:0f:38:f9:f6:03:f5:c3:65:86:7f:d2:fe:24: 5d:85:23:5b:a2:41:56:dd:ed:35:02:7a:1a:69:ae:cb:33:6d: 65:27:39:07:b8:04:f6:d7:93:a6:04:bc:51:66:b2:0d:34:1d: 12:33:39:f4:50:bf:0d:02:d1:47:f1:53:0a:af:2e:ce:44:6c: 38:b4:ec:e7:1c:4e:d3:d2:61:cf:ee:ca:be:1a:9f:e0:13:e2: 0d:26:1d:58 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFTkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MzU3NTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhGM0MyQjNENDY2MEQz Mjg2MEU1OTIxOEIwQzNFNTY0NTJEOTFCMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDkOStE67wdhV0kCAxTZl+SgT6bnxIvS28/7Or6MsG/SUaEcjlW ZMpsoskWtv7Wyrf0o07GpqE1gInsHH9+A5FPH2NlYJxJ9uY/kGJLLFW1FqfMm6Il PsfWZcz4XgYs0GTwAgKRoyrYs2P4xRWJvdglMJojR4de+mwDEhdBaadjsC0rUmXF kNlLnlLEgTMeLpxJR8eaVXovGVBmVYp6tO0+aIPx9EI+zaOE0FtEqu86sK29pt4O LEI9zzexec3f7lz9IlSQhdLsvvYl1MtXe+2WZRXmn4OG06KcsAu7XBh7sqVfryx3 vzEKH+RbE16t5pVrKTtavsgRUwS0QYHVFlA/AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUjzwrPUZg0yhg5ZIYsMPlZFLZGzIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2p6d3JQVVpnMHloZzVa SVlzTVBsWkZMWkd6SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3PwwDQYJKoZIhvcNAQELBQADggEBANd1k+VN4aRXr52NqrLRuXotVL2HPlXr os6Q+aI5T1EukQ2TbOf2i1hpV/+L+8fXNHzglDi2LuObzEVdUIoJClFGBL9XaiLU gtDoiVZQaHDn7hH2EgLAJuzAdLL5sLHoTn/zlsHw/UD48TPvf2ojW3nE9WS9rQ4Y t+hA9IrdwbK7/E2Ou6AusiMFwWuFmsVAZy/EH7gm4+w2Slc1LFEEjrC0PwNA/566 Dzj59gP1w2WGf9L+JF2FI1uiQVbd7TUCehpprsszbWUnOQe4BPbXk6YEvFFmsg00 HRIzOfRQvw0C0UfxUwqvLs5EbDi07OccTtPSYc/uyr4an+AT4g0mHVg= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:47 2024 by rpki-client on console-ams.rpki-client.org