$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/pf3BLAZeQ0sqrckMMFWKC4lh5J4.roa File: pf3BLAZeQ0sqrckMMFWKC4lh5J4.roa (raw, json) Hash identifier: D1lBwRuzhqAJqIcvYiFEdC/jBjVMImzL26aBtYeteOc= Subject key identifier: A5:FD:C1:2C:06:5E:43:4B:2A:AD:C9:0C:30:55:8A:0B:89:61:E4:9E Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1557 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/pf3BLAZeQ0sqrckMMFWKC4lh5J4.roa Signing time: Wed 11 Sep 2024 04:01:43 +0000 ROA not before: Wed 11 Sep 2024 04:01:43 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.36.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5463 (0x1557) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 04:01:43 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=A5FDC12C065E434B2AADC90C30558A0B8961E49E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ac:23:84:62:99:34:4d:30:2c:04:c1:13:b1: c1:eb:1b:ae:7f:16:74:63:c0:e6:9c:06:39:73:28: 1e:49:1c:0e:9d:d6:21:58:78:8e:b8:1c:aa:9c:0a: 77:59:ca:93:e7:80:f1:ff:92:5d:3d:93:c0:e6:6e: b1:38:d9:5d:58:83:4a:68:91:98:c0:e3:0c:d2:e8: 9c:10:79:06:77:98:9d:99:a3:a3:22:eb:52:52:38: cf:57:2b:c5:91:42:3d:99:3e:21:71:c8:47:15:b8: 1f:8b:77:f4:98:af:46:89:cb:1e:d9:f3:87:70:9b: 33:0e:f5:27:5b:8f:11:7b:a2:55:64:1f:2f:62:5c: de:1e:49:82:88:b7:c5:18:20:ea:5b:40:1f:99:ef: 0a:f1:7b:db:14:a5:0a:94:fd:4c:92:f2:af:08:83: ca:df:10:22:7b:bd:e4:59:fb:18:d1:8b:25:cb:07: 87:50:73:b9:4f:97:71:28:95:9b:61:7e:6a:bb:cd: 05:92:38:74:45:44:38:7c:bf:fe:ce:15:90:2d:02: 9b:8f:8c:3f:1d:43:05:dd:e3:d4:39:26:47:30:8b: 7d:92:ca:e4:98:f2:ba:92:ad:9a:c2:07:83:4d:ee: b8:19:f3:34:91:07:72:14:1b:50:e1:6d:30:11:00: 36:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:FD:C1:2C:06:5E:43:4B:2A:AD:C9:0C:30:55:8A:0B:89:61:E4:9E X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/pf3BLAZeQ0sqrckMMFWKC4lh5J4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.36.0/24 Signature Algorithm: sha256WithRSAEncryption 7e:3b:73:26:ab:ee:e8:95:06:65:00:93:59:09:9e:0c:03:fd: 44:3a:f2:57:33:fe:69:68:c1:9f:85:1a:53:55:fc:02:a2:ef: f8:fc:a9:43:10:2f:f1:8e:5d:ef:1f:04:2e:45:14:f3:7f:e4: aa:20:46:1b:36:79:95:9e:01:cf:91:80:c8:1b:cd:16:b1:6d: a8:1c:67:2f:a6:7b:0a:61:38:e6:ab:1f:a5:98:93:46:63:ea: 17:3a:71:d6:11:f3:5b:f6:12:f6:92:54:78:1d:20:10:42:0d: 4e:63:39:82:4a:92:a2:b3:79:02:07:67:00:a9:f1:b4:41:19: 4a:4c:49:d4:3d:17:eb:9e:81:77:75:2f:32:63:a0:cc:2f:b5: fa:1e:d0:9e:48:a6:50:67:18:1a:2e:68:23:45:6d:d4:93:a3: 2e:1c:da:ad:45:de:ba:ef:37:17:42:30:07:25:e2:64:db:ac: 02:c9:51:23:af:b4:f3:26:26:72:66:a4:d4:7e:0e:c5:a5:76: 07:b6:11:0b:49:63:2c:1a:c4:c8:6a:42:1a:61:2c:a8:d3:d3: 35:ab:4e:de:2e:58:35:9e:7e:71:ae:8a:ad:74:e5:77:70:93: 27:ca:73:9c:be:d2:b7:6e:67:5c:59:2e:74:45:ae:4c:9a:03: 0d:42:cc:69 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFVcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw NDAxNDNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE1RkRDMTJDMDY1RTQz NEIyQUFEQzkwQzMwNTU4QTBCODk2MUU0OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1rCOEYpk0TTAsBMETscHrG65/FnRjwOacBjlzKB5JHA6d1iFY eI64HKqcCndZypPngPH/kl09k8DmbrE42V1Yg0pokZjA4wzS6JwQeQZ3mJ2Zo6Mi 61JSOM9XK8WRQj2ZPiFxyEcVuB+Ld/SYr0aJyx7Z84dwmzMO9SdbjxF7olVkHy9i XN4eSYKIt8UYIOpbQB+Z7wrxe9sUpQqU/UyS8q8Ig8rfECJ7veRZ+xjRiyXLB4dQ c7lPl3EolZthfmq7zQWSOHRFRDh8v/7OFZAtApuPjD8dQwXd49Q5Jkcwi32SyuSY 8rqSrZrCB4NN7rgZ8zSRB3IUG1DhbTARADbhAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUpf3BLAZeQ0sqrckMMFWKC4lh5J4wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3BmM0JMQVplUTBzcXJj a01NRldLQzRsaDVKNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3SQwDQYJKoZIhvcNAQELBQADggEBAH47cyar7uiVBmUAk1kJngwD/UQ68lcz /mlowZ+FGlNV/AKi7/j8qUMQL/GOXe8fBC5FFPN/5KogRhs2eZWeAc+RgMgbzRax bagcZy+mewphOOarH6WYk0Zj6hc6cdYR81v2EvaSVHgdIBBCDU5jOYJKkqKzeQIH ZwCp8bRBGUpMSdQ9F+uegXd1LzJjoMwvtfoe0J5IplBnGBouaCNFbdSToy4c2q1F 3rrvNxdCMAcl4mTbrALJUSOvtPMmJnJmpNR+DsWldge2EQtJYywaxMhqQhphLKjT 0zWrTt4uWDWefnGuiq105XdwkyfKc5y+0rduZ1xZLnRFrkyaAw1CzGk= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org