$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/mnE2_OQkEjol34mD-fQ5Zue1WK4.roa File: mnE2_OQkEjol34mD-fQ5Zue1WK4.roa (raw, json) Hash identifier: vDQovrtBEKcjncf8i/cGV4m/WmDQmEFBHaBCf4vUe5Q= Subject key identifier: 9A:71:36:FC:E4:24:12:3A:25:DF:89:83:F9:F4:39:66:E7:B5:58:AE Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1481 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/mnE2_OQkEjol34mD-fQ5Zue1WK4.roa Signing time: Wed 11 Sep 2024 02:23:24 +0000 ROA not before: Wed 11 Sep 2024 02:23:24 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.8.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5249 (0x1481) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:24 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=9A7136FCE424123A25DF8983F9F43966E7B558AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:a3:40:95:83:1d:47:b4:bf:8a:fa:ad:71:84: b6:ac:96:66:7d:34:03:43:09:67:1f:00:b4:bb:0a: 3e:dd:fe:18:46:36:7d:9e:4e:13:e2:58:d8:38:53: 72:1f:6a:62:f5:20:99:18:6d:6a:63:6c:05:67:a4: 46:33:ad:9c:da:e0:70:d7:df:5c:27:c9:6e:2d:62: d3:17:16:fb:c0:10:30:46:c0:8a:fd:be:64:b2:63: 07:92:74:ee:8b:30:32:bc:77:3e:da:48:6c:35:bf: 4d:9e:6a:1a:7e:97:13:f1:81:51:b1:b6:e9:94:05: 8c:fa:f6:29:fa:28:c1:02:0e:75:bc:95:96:48:51: a4:73:cb:e5:21:a6:84:35:b3:77:44:83:05:5e:84: 34:3a:9a:0a:27:ae:f3:9b:99:2e:04:8b:7e:36:ef: 5c:71:e6:03:82:5c:19:47:ea:84:92:b4:71:ef:cf: 10:e2:fa:6e:57:59:50:e8:02:55:20:fd:06:00:6b: 02:c5:af:9b:19:16:55:b5:fd:53:77:3f:e6:d6:ca: b3:b4:c0:ae:a5:a9:bc:9f:b3:32:39:e7:c8:c8:19: 5a:b7:95:41:b5:c2:9a:32:41:18:01:95:dd:96:fb: 14:a0:e6:ff:8c:6c:b9:7f:dd:9a:9e:e8:c6:ad:d9: a7:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:71:36:FC:E4:24:12:3A:25:DF:89:83:F9:F4:39:66:E7:B5:58:AE X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/mnE2_OQkEjol34mD-fQ5Zue1WK4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.8.0/22 Signature Algorithm: sha256WithRSAEncryption c5:d5:47:df:dd:08:0c:c3:13:62:97:ec:58:6c:12:ca:4a:0c: 75:f0:81:0c:8d:71:b1:96:82:cc:46:be:e2:cd:32:b8:24:78: 6d:30:23:18:61:7d:88:8b:76:11:9d:65:d5:e8:fe:b0:4f:14: d0:d5:06:4f:36:20:13:bf:0d:76:3a:b8:4f:dc:03:7b:c4:35: 37:2b:e4:7b:21:57:34:0d:c0:da:16:67:4e:ea:4c:f7:72:5f: 56:07:a9:1a:da:59:83:3a:70:37:99:4e:e9:87:df:10:bd:12: 3b:26:9c:5c:f4:ef:ae:23:c1:64:e6:65:35:aa:9f:36:bb:05: 17:a5:8c:fd:b7:53:13:08:3a:97:e4:16:53:7c:07:49:a4:04: 4c:c6:9d:a1:5d:f9:03:57:f3:07:78:53:74:26:8f:c8:99:47: d1:de:a0:ff:cd:ce:95:f6:d0:cd:ea:06:03:3a:e4:da:38:7d: 3d:71:ed:e9:21:5d:16:cc:d4:70:5e:f2:ee:b5:cb:d6:e5:21: b9:6c:d4:78:85:3e:2a:54:8a:70:05:8b:88:82:d3:3a:d8:2c: 78:24:30:90:83:7e:f0:01:a3:9a:41:dc:d2:82:6f:f2:81:98: a1:19:2d:0e:d4:10:4f:f6:a0:fc:03:61:fd:61:f7:82:26:7f: f4:a2:ef:0b -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFIEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDlBNzEzNkZDRTQyNDEy M0EyNURGODk4M0Y5RjQzOTY2RTdCNTU4QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7o0CVgx1HtL+K+q1xhLaslmZ9NANDCWcfALS7Cj7d/hhGNn2e ThPiWNg4U3IfamL1IJkYbWpjbAVnpEYzrZza4HDX31wnyW4tYtMXFvvAEDBGwIr9 vmSyYweSdO6LMDK8dz7aSGw1v02eahp+lxPxgVGxtumUBYz69in6KMECDnW8lZZI UaRzy+UhpoQ1s3dEgwVehDQ6mgonrvObmS4Ei34271xx5gOCXBlH6oSStHHvzxDi +m5XWVDoAlUg/QYAawLFr5sZFlW1/VN3P+bWyrO0wK6lqbyfszI558jIGVq3lUG1 wpoyQRgBld2W+xSg5v+MbLl/3Zqe6Mat2acJAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUmnE2/OQkEjol34mD+fQ5Zue1WK4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L21uRTJfT1FrRWpvbDM0 bUQtZlE1WnVlMVdLNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3QgwDQYJKoZIhvcNAQELBQADggEBAMXVR9/dCAzDE2KX7FhsEspKDHXwgQyN cbGWgsxGvuLNMrgkeG0wIxhhfYiLdhGdZdXo/rBPFNDVBk82IBO/DXY6uE/cA3vE NTcr5HshVzQNwNoWZ07qTPdyX1YHqRraWYM6cDeZTumH3xC9EjsmnFz0764jwWTm ZTWqnza7BReljP23UxMIOpfkFlN8B0mkBEzGnaFd+QNX8wd4U3Qmj8iZR9HeoP/N zpX20M3qBgM65No4fT1x7ekhXRbM1HBe8u61y9blIbls1HiFPipUinAFi4iC0zrY LHgkMJCDfvABo5pB3NKCb/KBmKEZLQ7UEE/2oPwDYf1h94Imf/Si7ws= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org