$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/o4vkVp0FCwug32iOj7xA0dqzvjE.roa File: o4vkVp0FCwug32iOj7xA0dqzvjE.roa (raw, json) Hash identifier: yG9PvstQ5eqVGosD0UWD6VqNOZcoCAijNLh9tg8BR6M= Subject key identifier: A3:8B:E4:56:9D:05:0B:0B:A0:DF:68:8E:8F:BC:40:D1:DA:B3:BE:31 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 14FA Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/o4vkVp0FCwug32iOj7xA0dqzvjE.roa Signing time: Wed 11 Sep 2024 02:26:13 +0000 ROA not before: Wed 11 Sep 2024 02:26:13 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 13444 IP address blocks: 103.221.12.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5370 (0x14fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:26:13 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=A38BE4569D050B0BA0DF688E8FBC40D1DAB3BE31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:18:24:1f:8c:b0:a4:b1:12:21:d7:9b:a4:dd: 5e:ef:6f:ed:9c:d4:54:53:69:7a:b0:a4:2a:24:a8: 1d:6a:f1:be:46:82:8f:29:4a:13:8e:1b:6c:b5:b6: 40:d4:15:0a:a0:79:46:bd:5e:40:49:0e:5d:5b:91: 3b:0f:ad:da:17:7b:d7:e8:2b:c2:b1:36:c7:97:01: 89:b9:94:55:1f:7a:0a:85:71:8e:f4:d1:b1:5c:8d: 87:cf:51:fd:ed:e5:53:79:71:f3:9c:85:ff:5a:79: fa:1c:5b:d7:d1:45:c1:0e:8e:fa:f8:95:91:6d:f3: 97:98:e3:b7:99:24:45:d0:40:f5:6a:7a:aa:83:5e: 0e:03:7d:90:56:7f:0a:dd:9e:4b:3c:19:a7:cc:dc: 6b:c3:b8:ac:3f:35:14:e8:c9:c9:c7:ca:4f:e4:04: 1b:56:55:3d:c6:5c:37:47:4f:46:57:c7:7e:23:86: d7:8d:e6:27:61:d8:16:03:84:e0:e6:86:aa:4b:2d: f2:22:88:c4:cd:8f:f5:ba:81:31:77:7c:3d:66:3c: 87:f0:bb:bd:ad:8d:56:3e:7e:55:0c:36:b2:eb:ec: b3:87:42:d2:ea:9a:ff:5b:4f:bb:6d:61:ca:ba:f0: fc:2a:33:cb:49:aa:72:d3:cb:62:a4:83:4a:e3:e6: a6:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:8B:E4:56:9D:05:0B:0B:A0:DF:68:8E:8F:BC:40:D1:DA:B3:BE:31 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/o4vkVp0FCwug32iOj7xA0dqzvjE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.12.0/24 Signature Algorithm: sha256WithRSAEncryption 4d:f2:a0:75:94:21:f2:09:6b:3b:5f:42:cb:80:54:a3:83:c7: 92:43:ca:21:23:9e:cc:61:91:28:db:7e:f0:93:03:27:d4:63: 40:10:18:a6:1f:e6:11:96:ef:12:09:e4:11:2b:dc:0e:57:12: bd:93:2e:92:58:de:57:cd:aa:43:86:c4:9c:c7:4e:32:d4:98: bf:7d:b7:0d:19:d3:97:a7:6b:e2:fa:ea:ad:95:7c:36:85:53: dd:8f:cd:0f:dc:57:b3:57:4e:9c:ce:ee:73:50:1c:14:9d:5e: 62:eb:62:3d:cc:4b:1a:a1:96:d2:46:b4:6d:f9:e9:d1:4e:20: a4:bd:ba:1e:48:9c:ef:e3:dc:85:26:32:32:8c:66:ec:50:25: 96:db:ce:75:48:21:b6:b0:2d:f5:d6:15:88:b2:1a:1c:28:e1: cf:2d:19:2f:f3:5e:d6:24:2a:9e:15:b5:cf:fe:01:83:9b:64: 29:94:41:4a:72:b1:57:ab:5e:5e:ad:cd:84:79:3a:00:1f:18: c4:32:26:7c:28:18:72:a1:27:10:bd:9c:e2:05:de:37:7f:d6: 88:fe:b3:0c:c0:d2:4d:47:2b:03:65:5a:07:f6:58:7c:1a:13: cc:ed:6a:ca:9f:f8:2a:eb:bc:6f:93:24:83:cf:02:4f:ec:5e: dd:e9:d1:15 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFPowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjI2MTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEzOEJFNDU2OUQwNTBC MEJBMERGNjg4RThGQkM0MEQxREFCM0JFMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGGCQfjLCksRIh15uk3V7vb+2c1FRTaXqwpCokqB1q8b5Ggo8p ShOOG2y1tkDUFQqgeUa9XkBJDl1bkTsPrdoXe9foK8KxNseXAYm5lFUfegqFcY70 0bFcjYfPUf3t5VN5cfOchf9aefocW9fRRcEOjvr4lZFt85eY47eZJEXQQPVqeqqD Xg4DfZBWfwrdnks8GafM3GvDuKw/NRToycnHyk/kBBtWVT3GXDdHT0ZXx34jhteN 5idh2BYDhODmhqpLLfIiiMTNj/W6gTF3fD1mPIfwu72tjVY+flUMNrLr7LOHQtLq mv9bT7ttYcq68PwqM8tJqnLTy2Kkg0rj5qY5AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUo4vkVp0FCwug32iOj7xA0dqzvjEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L280dmtWcDBGQ3d1ZzMy aU9qN3hBMGRxenZqRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3QwwDQYJKoZIhvcNAQELBQADggEBAE3yoHWUIfIJaztfQsuAVKODx5JDyiEj nsxhkSjbfvCTAyfUY0AQGKYf5hGW7xIJ5BEr3A5XEr2TLpJY3lfNqkOGxJzHTjLU mL99tw0Z05ena+L66q2VfDaFU92PzQ/cV7NXTpzO7nNQHBSdXmLrYj3MSxqhltJG tG356dFOIKS9uh5InO/j3IUmMjKMZuxQJZbbznVIIbawLfXWFYiyGhwo4c8tGS/z XtYkKp4Vtc/+AYObZCmUQUpysVerXl6tzYR5OgAfGMQyJnwoGHKhJxC9nOIF3jd/ 1oj+swzA0k1HKwNlWgf2WHwaE8ztasqf+CrrvG+TJIPPAk/sXt3p0RU= -----END CERTIFICATE-----Generated at Fri Nov 22 16:05:41 2024 by rpki-client on console-fra.rpki-client.org