$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/qI02t6NQVmHlTJgoqp3tfhpTwXw.roa File: qI02t6NQVmHlTJgoqp3tfhpTwXw.roa (raw, json) Hash identifier: byR1UN3ETO5ujs9NEI0uuHfYPotZmCD3UoMhIKNPt18= Subject key identifier: A8:8D:36:B7:A3:50:56:61:E5:4C:98:28:AA:9D:ED:7E:1A:53:C1:7C Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1520 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/qI02t6NQVmHlTJgoqp3tfhpTwXw.roa Signing time: Wed 11 Sep 2024 02:30:10 +0000 ROA not before: Wed 11 Sep 2024 02:30:10 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 13444 IP address blocks: 103.221.48.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5408 (0x1520) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:30:10 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=A88D36B7A3505661E54C9828AA9DED7E1A53C17C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:11:26:ec:b7:e5:c6:20:ba:1f:08:7b:2f:59: 98:3b:71:6a:9d:b0:94:61:cd:51:a5:c8:65:f9:c0: 3a:73:a4:e6:3f:9a:12:61:64:aa:3f:08:5a:75:3b: fe:d8:50:3e:a6:3a:27:a5:b4:22:55:61:dc:82:16: d2:02:3e:b3:1d:f9:6b:01:07:36:4e:35:f7:49:5e: 63:dc:82:af:41:de:ad:77:04:b0:94:3d:ff:b7:70: c4:a1:ee:a8:fd:a7:b2:02:98:05:c0:77:22:f0:d2: 29:97:f3:83:f6:4f:d0:60:17:ee:fc:46:29:20:6c: 1c:59:de:db:bb:33:0f:dd:b2:22:96:e5:55:ca:36: 99:24:74:46:e2:e6:b6:ff:d5:56:1b:b3:3e:bf:95: e0:8c:f7:91:ec:64:10:68:d5:53:12:6f:d1:26:34: e7:1d:cd:00:e9:2e:52:2e:98:f2:eb:7a:0d:f4:3e: 7c:51:0e:78:a7:06:e1:4f:32:40:dd:d0:f9:14:1c: 6b:3f:a3:b2:ed:64:2e:d6:d0:0e:6e:42:a8:e3:d5: 10:d2:a1:ce:de:4f:b0:3b:ff:55:ea:ec:b1:93:4c: 9b:b1:57:b4:52:bd:5e:46:53:2d:78:9c:2a:cb:ce: dd:69:3f:d7:f1:4e:04:7d:4e:6e:d0:60:e8:c2:74: fe:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:8D:36:B7:A3:50:56:61:E5:4C:98:28:AA:9D:ED:7E:1A:53:C1:7C X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/qI02t6NQVmHlTJgoqp3tfhpTwXw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.48.0/24 Signature Algorithm: sha256WithRSAEncryption 30:17:b9:80:5e:41:4b:59:f8:7b:3e:47:6a:4a:11:88:c5:ed: 48:49:33:24:73:d5:ae:62:39:48:29:1a:b2:13:14:4f:e7:73: 54:d2:b4:fd:90:16:c4:98:ca:22:94:ee:e8:00:7d:35:23:ea: a2:3f:ae:7d:0d:51:bf:0f:67:c0:29:9c:d6:e5:60:cd:18:22: ae:21:87:07:48:1d:c1:fd:8c:4d:e2:ad:52:3c:29:f1:8b:91: 11:39:c9:15:26:e4:f4:79:76:16:e8:af:3b:8e:a9:b6:45:76: cf:17:89:ab:83:bc:d6:b4:c9:a6:fb:7d:04:04:fe:c7:42:f1: f2:16:35:94:91:f8:dc:9e:4e:f4:50:58:bb:30:4e:7f:ba:f0: 7f:c1:c5:0c:94:48:8e:c1:7a:91:ef:9e:c9:19:0e:c1:ac:53: 23:77:ae:f5:4c:6d:1e:a0:e8:9a:d3:90:30:41:f2:ef:6f:7b: 02:e4:99:82:2a:29:bc:02:2c:b6:26:61:24:dc:c2:c0:f1:35: cc:dd:37:ba:a5:c2:c6:72:a1:6a:68:67:f7:3b:c5:18:d4:31: 6d:e4:4e:34:d9:b3:ca:1f:fe:77:bc:59:6f:b9:91:ea:d1:24: 55:66:45:f1:e3:30:4b:39:9d:a6:72:e6:aa:9f:c3:aa:86:d5: 09:5b:a6:65 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFSAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjMwMTBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEE4OEQzNkI3QTM1MDU2 NjFFNTRDOTgyOEFBOURFRDdFMUE1M0MxN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCxESbst+XGILofCHsvWZg7cWqdsJRhzVGlyGX5wDpzpOY/mhJh ZKo/CFp1O/7YUD6mOieltCJVYdyCFtICPrMd+WsBBzZONfdJXmPcgq9B3q13BLCU Pf+3cMSh7qj9p7ICmAXAdyLw0imX84P2T9BgF+78RikgbBxZ3tu7Mw/dsiKW5VXK NpkkdEbi5rb/1VYbsz6/leCM95HsZBBo1VMSb9EmNOcdzQDpLlIumPLreg30PnxR DninBuFPMkDd0PkUHGs/o7LtZC7W0A5uQqjj1RDSoc7eT7A7/1Xq7LGTTJuxV7RS vV5GUy14nCrLzt1pP9fxTgR9Tm7QYOjCdP5vAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUqI02t6NQVmHlTJgoqp3tfhpTwXwwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3FJMDJ0Nk5RVm1IbFRK Z29xcDN0ZmhwVHdYdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3TAwDQYJKoZIhvcNAQELBQADggEBADAXuYBeQUtZ+Hs+R2pKEYjF7UhJMyRz 1a5iOUgpGrITFE/nc1TStP2QFsSYyiKU7ugAfTUj6qI/rn0NUb8PZ8ApnNblYM0Y Iq4hhwdIHcH9jE3irVI8KfGLkRE5yRUm5PR5dhborzuOqbZFds8XiauDvNa0yab7 fQQE/sdC8fIWNZSR+NyeTvRQWLswTn+68H/BxQyUSI7BepHvnskZDsGsUyN3rvVM bR6g6JrTkDBB8u9vewLkmYIqKbwCLLYmYSTcwsDxNczdN7qlwsZyoWpoZ/c7xRjU MW3kTjTZs8of/ne8WW+5kerRJFVmRfHjMEs5naZy5qqfw6qG1QlbpmU= -----END CERTIFICATE-----Generated at Fri Nov 22 17:36:48 2024 by rpki-client on console-ams.rpki-client.org