$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/l1wL_xD24NiGwh73XkUMg8OXCVw.roa File: l1wL_xD24NiGwh73XkUMg8OXCVw.roa (raw, json) Hash identifier: rCNT3pQXqJ+c4qiVGadProLHMobrYUyudacYiRstHug= Subject key identifier: 97:5C:0B:FF:10:F6:E0:D8:86:C2:1E:F7:5E:45:0C:83:C3:97:09:5C Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1504 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/l1wL_xD24NiGwh73XkUMg8OXCVw.roa Signing time: Wed 11 Sep 2024 02:27:32 +0000 ROA not before: Wed 11 Sep 2024 02:27:32 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 13444 IP address blocks: 103.221.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5380 (0x1504) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:27:32 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=975C0BFF10F6E0D886C21EF75E450C83C397095C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:19:19:0e:41:f8:65:94:c9:94:9c:16:8b:18: c2:f3:99:ce:62:eb:7e:20:17:1d:49:4a:36:c6:f1: 45:52:b9:56:e1:ae:f9:0d:d6:38:2b:7e:32:cd:60: c3:22:09:c0:2e:88:cf:24:8b:bb:2f:b8:6f:48:16: 28:89:5e:3f:c7:45:38:65:48:df:14:df:f3:a3:a0: 00:d5:34:e4:66:80:88:26:54:33:f2:dc:0e:c7:22: 1d:64:89:d7:18:df:d1:1d:f1:32:ee:89:89:08:25: 06:a8:75:ff:50:8f:d4:e2:41:a7:ed:46:1a:b6:b8: 34:b5:12:d0:b6:85:ef:18:df:c6:62:62:72:30:35: 6b:f2:b8:4e:b3:f2:f5:23:03:28:f4:5c:20:16:58: e4:aa:a0:8b:1c:98:6b:70:0e:9c:30:ec:89:4a:32: 6c:be:be:4c:66:7f:9e:53:94:98:52:f4:59:06:01: c8:17:a6:71:98:f4:e3:a1:e7:53:21:d4:6d:37:1a: 15:80:52:09:4c:26:db:ba:c5:57:f7:f0:cb:19:2f: f9:bf:d3:15:cb:8f:8b:e9:11:af:ff:e9:8a:16:34: e6:cf:4e:b7:0f:2e:79:17:3d:9a:0b:b5:ab:e3:f3: 3d:63:ba:d4:2d:d4:cd:a3:37:82:31:2a:44:5c:a1: a5:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:5C:0B:FF:10:F6:E0:D8:86:C2:1E:F7:5E:45:0C:83:C3:97:09:5C X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/l1wL_xD24NiGwh73XkUMg8OXCVw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.21.0/24 Signature Algorithm: sha256WithRSAEncryption 0e:d9:7f:50:62:b8:8a:d8:66:61:cd:2f:3e:0c:d3:37:2b:90: ba:c7:20:fa:e9:01:f3:85:ba:cd:ae:c3:26:ce:a4:56:6d:4a: 7e:d0:2b:cc:cf:32:2a:bf:8d:c5:93:5c:2c:65:d1:ef:95:c0: 3d:0c:1b:ee:8b:8b:3c:8f:90:bb:4d:3d:33:87:54:f9:ff:3d: ee:63:ef:21:5f:d9:a2:cb:7a:4f:e6:3b:17:09:63:33:34:a3: a4:8a:c3:4e:68:5a:2e:29:8f:9c:9b:13:ab:fc:80:2c:c1:94: 21:f2:f1:74:7c:47:fe:69:1f:b1:e2:e9:74:f8:23:86:dd:98: 6a:2f:fc:99:ea:48:57:18:35:03:30:1b:2d:72:4f:0c:5c:e8: 0b:6e:4e:ca:1c:8b:a2:ca:a8:e3:02:01:bf:98:d0:64:fc:34: 44:00:24:d9:e3:86:80:44:bf:89:e5:83:73:a4:cf:18:24:38: d6:24:74:53:78:b6:d9:ea:6e:20:9f:d3:40:6f:3e:d8:fa:12: 17:24:69:e0:21:cd:9b:f6:16:7e:46:6d:33:f3:a0:a4:d9:fe: 86:1d:a0:0d:76:6f:5b:98:ba:8f:85:18:92:14:2b:e2:d1:b3: 38:80:9b:c7:c9:cb:22:94:37:43:60:a5:e1:30:65:64:69:97: 93:80:af:d7 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFQQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjI3MzJaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk3NUMwQkZGMTBGNkUw RDg4NkMyMUVGNzVFNDUwQzgzQzM5NzA5NUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDYGRkOQfhllMmUnBaLGMLzmc5i634gFx1JSjbG8UVSuVbhrvkN 1jgrfjLNYMMiCcAuiM8ki7svuG9IFiiJXj/HRThlSN8U3/OjoADVNORmgIgmVDPy 3A7HIh1kidcY39Ed8TLuiYkIJQaodf9Qj9TiQaftRhq2uDS1EtC2he8Y38ZiYnIw NWvyuE6z8vUjAyj0XCAWWOSqoIscmGtwDpww7IlKMmy+vkxmf55TlJhS9FkGAcgX pnGY9OOh51Mh1G03GhWAUglMJtu6xVf38MsZL/m/0xXLj4vpEa//6YoWNObPTrcP LnkXPZoLtavj8z1jutQt1M2jN4IxKkRcoaXRAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUl1wL/xD24NiGwh73XkUMg8OXCVwwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L2wxd0xfeEQyNE5pR3do NzNYa1VNZzhPWENWdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3RUwDQYJKoZIhvcNAQELBQADggEBAA7Zf1BiuIrYZmHNLz4M0zcrkLrHIPrp AfOFus2uwybOpFZtSn7QK8zPMiq/jcWTXCxl0e+VwD0MG+6LizyPkLtNPTOHVPn/ Pe5j7yFf2aLLek/mOxcJYzM0o6SKw05oWi4pj5ybE6v8gCzBlCHy8XR8R/5pH7Hi 6XT4I4bdmGov/JnqSFcYNQMwGy1yTwxc6AtuTsoci6LKqOMCAb+Y0GT8NEQAJNnj hoBEv4nlg3OkzxgkONYkdFN4ttnqbiCf00BvPtj6EhckaeAhzZv2Fn5GbTPzoKTZ /oYdoA12b1uYuo+FGJIUK+LRsziAm8fJyyKUN0NgpeEwZWRpl5OAr9c= -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:48 2024 by rpki-client on console-ams.rpki-client.org