$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/oF2zl8-ifq3Ps6FLFXEgM7hkd_4.roa File: oF2zl8-ifq3Ps6FLFXEgM7hkd_4.roa (raw, json) Hash identifier: NvSqa6YWkVrV8PGWhUjRAbI94jZ/qEmoSCwNPvkjSfc= Subject key identifier: A0:5D:B3:97:CF:A2:7E:AD:CF:B3:A1:4B:15:71:20:33:B8:64:77:FE Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1472 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/oF2zl8-ifq3Ps6FLFXEgM7hkd_4.roa Signing time: Wed 11 Sep 2024 02:23:19 +0000 ROA not before: Wed 11 Sep 2024 02:23:19 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.16.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5234 (0x1472) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:19 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=A05DB397CFA27EADCFB3A14B15712033B86477FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:5e:4d:89:03:19:93:3b:f0:ba:c1:dc:39:cf: 41:15:72:3f:09:c6:9f:af:e5:44:30:ea:ff:05:20: 68:a5:76:18:5b:b5:00:33:be:0b:f0:d9:86:75:74: 91:46:35:09:b6:ff:85:a9:59:fb:f6:21:79:5e:bd: b7:44:f4:ac:93:8f:35:c7:69:3e:6f:9f:97:23:35: f9:4b:01:9f:67:a2:2c:29:70:92:0a:ef:42:f9:7c: 43:91:0f:a3:8d:f2:15:0e:48:5b:f4:51:c6:3a:65: cf:c7:eb:80:0c:f3:7d:c8:f5:a4:16:c7:c6:98:78: 92:61:b3:a1:95:00:bd:a4:0e:84:69:d4:9c:94:42: f4:50:5e:c8:41:6c:1e:6f:b1:d7:0c:a3:17:bf:c4: 09:f8:c1:4a:9a:2a:ac:79:b6:81:94:60:37:90:bb: e1:8c:93:81:06:a3:c4:12:4c:94:10:12:fe:0c:19: 3f:e7:29:a5:7b:cc:81:f7:ed:8b:fe:32:73:23:c4: cf:cc:fe:31:d4:41:2d:64:c7:b1:59:b2:e5:d1:ac: 66:e9:a7:ba:6a:03:79:8d:50:a0:95:8a:fa:9d:dc: 33:fe:b1:57:d0:23:d3:7c:6c:3d:3d:cd:4b:af:0d: 6f:5e:98:66:7e:d0:30:ec:39:61:d0:67:2a:36:5a: 50:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:5D:B3:97:CF:A2:7E:AD:CF:B3:A1:4B:15:71:20:33:B8:64:77:FE X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/oF2zl8-ifq3Ps6FLFXEgM7hkd_4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.16.0/22 Signature Algorithm: sha256WithRSAEncryption 06:c7:52:c4:c2:d4:08:70:5d:0b:af:68:72:63:10:80:59:1b: 35:80:99:90:03:6b:4f:d1:12:c0:5d:01:fe:0e:e9:d9:86:55: 7e:99:48:14:4b:8c:63:e0:a5:87:02:5d:c5:0a:31:60:97:33: 75:15:9b:27:91:be:60:fe:8b:6d:a0:1c:9d:8c:9d:a7:18:e9: 2b:b0:1d:0a:35:2c:bb:7c:79:b1:4d:e0:3e:94:dc:ed:18:ed: 92:5b:ee:6d:8a:66:a0:dc:03:0c:04:df:30:83:5d:ed:0e:74: 1a:6e:23:71:2f:97:2a:30:1e:8c:0a:4e:56:4f:1b:87:d6:ba: df:42:7a:6c:1c:39:f2:c8:8c:eb:f4:bc:18:c8:1e:c9:63:c4: d6:bc:e1:63:51:dd:d3:38:49:19:18:b6:89:0e:b9:cb:af:c8: c3:10:2b:7c:42:91:80:61:4b:64:79:78:0b:6c:f2:01:04:15: 29:c3:b8:a4:30:d9:f1:1f:55:75:d4:5c:98:a7:aa:2a:fe:ae: d1:ae:3a:65:07:5a:36:64:1b:94:dd:aa:3b:0f:b4:cf:90:3d: 8f:f9:e1:d9:97:b1:a7:e9:1b:60:b4:be:b2:ba:62:51:c4:18: 78:3e:ee:e8:20:5e:a3:d7:18:ca:bf:72:6f:f5:da:a9:93:a9: 8c:e8:36:cb -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFHIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEEwNURCMzk3Q0ZBMjdF QURDRkIzQTE0QjE1NzEyMDMzQjg2NDc3RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7Xk2JAxmTO/C6wdw5z0EVcj8Jxp+v5UQw6v8FIGildhhbtQAz vgvw2YZ1dJFGNQm2/4WpWfv2IXlevbdE9KyTjzXHaT5vn5cjNflLAZ9noiwpcJIK 70L5fEORD6ON8hUOSFv0UcY6Zc/H64AM833I9aQWx8aYeJJhs6GVAL2kDoRp1JyU QvRQXshBbB5vsdcMoxe/xAn4wUqaKqx5toGUYDeQu+GMk4EGo8QSTJQQEv4MGT/n KaV7zIH37Yv+MnMjxM/M/jHUQS1kx7FZsuXRrGbpp7pqA3mNUKCVivqd3DP+sVfQ I9N8bD09zUuvDW9emGZ+0DDsOWHQZyo2WlDTAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUoF2zl8+ifq3Ps6FLFXEgM7hkd/4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L29GMnpsOC1pZnEzUHM2 RkxGWEVnTTdoa2RfNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3RAwDQYJKoZIhvcNAQELBQADggEBAAbHUsTC1AhwXQuvaHJjEIBZGzWAmZAD a0/REsBdAf4O6dmGVX6ZSBRLjGPgpYcCXcUKMWCXM3UVmyeRvmD+i22gHJ2MnacY 6SuwHQo1LLt8ebFN4D6U3O0Y7ZJb7m2KZqDcAwwE3zCDXe0OdBpuI3EvlyowHowK TlZPG4fWut9CemwcOfLIjOv0vBjIHsljxNa84WNR3dM4SRkYtokOucuvyMMQK3xC kYBhS2R5eAts8gEEFSnDuKQw2fEfVXXUXJinqir+rtGuOmUHWjZkG5TdqjsPtM+Q PY/54dmXsafpG2C0vrK6YlHEGHg+7uggXqPXGMq/cm/12qmTqYzoNss= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:47 2024 by rpki-client on console-ams.rpki-client.org