$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/qkljyAI-ZFXMvJEOV19HGy0uZvI.roa File: qkljyAI-ZFXMvJEOV19HGy0uZvI.roa (raw, json) Hash identifier: DVdyTkLDU2dxIfEeB/Ix9twzwwS6yrZXB9D4zi/miTY= Subject key identifier: AA:49:63:C8:02:3E:64:55:CC:BC:91:0E:57:5F:47:1B:2D:2E:66:F2 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1548 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/qkljyAI-ZFXMvJEOV19HGy0uZvI.roa Signing time: Wed 11 Sep 2024 03:59:20 +0000 ROA not before: Wed 11 Sep 2024 03:59:20 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.14.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5448 (0x1548) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 03:59:20 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=AA4963C8023E6455CCBC910E575F471B2D2E66F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:6b:c7:d6:c1:d8:5a:3f:71:eb:a6:47:6c:d6: af:fc:58:58:dc:5f:a6:9b:64:e1:c7:0e:d0:a1:1a: 1c:e3:0d:43:24:77:b9:fe:f4:d2:b3:64:62:2b:cf: a6:e2:a0:16:b2:df:31:5e:33:0a:98:1c:b7:8f:12: 3e:e9:e2:49:d3:3d:da:7c:49:49:d3:9d:41:11:59: 71:6d:0a:7e:b7:ce:2f:ea:40:99:67:dc:6f:78:b6: 39:01:af:6e:13:3a:e8:d5:8a:bb:8d:2d:92:56:8a: 07:83:c9:31:f3:dc:77:ce:38:d9:04:84:00:ab:96: 33:34:cd:f4:95:f7:d3:3c:32:8b:fd:a4:11:37:58: 56:2a:ce:63:ab:8c:18:92:0d:26:c0:ed:05:60:34: 4e:d6:3c:aa:e3:84:32:13:b1:d1:a2:2b:f2:a1:65: 63:67:03:f3:7d:71:bf:72:54:cd:e0:51:92:47:c1: 94:cf:73:53:b8:11:98:9f:e3:fb:90:d9:0e:c2:eb: f4:2e:5b:5c:97:a5:7b:c2:eb:14:bb:0c:ea:ab:0c: be:86:3d:6a:fa:86:d6:11:15:35:63:51:fd:6b:a4: 3c:6f:a8:c9:49:d0:44:61:b9:4a:27:88:bd:16:46: 9f:07:d5:e3:ad:d7:0b:8d:33:04:e1:a6:8e:a7:93: e2:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:49:63:C8:02:3E:64:55:CC:BC:91:0E:57:5F:47:1B:2D:2E:66:F2 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/qkljyAI-ZFXMvJEOV19HGy0uZvI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.14.0/24 Signature Algorithm: sha256WithRSAEncryption 88:5b:52:bb:d8:94:93:1c:31:a1:b4:a0:80:6b:da:1a:91:1d: 57:5f:32:d2:94:07:31:9d:2f:20:b7:d8:17:37:66:30:e8:29: 57:cc:a3:0b:c1:56:50:91:36:41:66:3d:0a:04:f3:7b:49:6d: f4:70:0f:f3:64:57:3c:f9:6a:95:e7:f2:f4:52:43:75:30:46: ed:bc:d8:af:71:9d:74:3e:53:41:41:6b:dd:7b:47:0d:d4:45: a4:ce:60:11:05:16:f8:b9:78:30:57:b4:f2:0c:47:72:3d:78: 23:9d:d1:a9:a5:4b:2f:4f:b6:ef:23:59:c6:f0:0b:d5:f6:1d: 19:5a:56:14:64:ba:ad:a5:31:eb:f9:45:fa:33:e6:0a:17:69: 13:ae:f4:5e:cc:67:98:eb:51:c1:33:86:8e:36:38:e2:cc:47: 45:a8:ff:5b:ee:2f:52:92:ae:89:f4:53:10:e7:45:69:3a:bb: d5:3e:75:0d:fe:ec:a2:57:28:11:b3:53:f5:59:a6:b1:c3:e2: 98:fd:e3:cf:14:e5:48:4b:37:f4:50:28:2a:64:85:e7:cd:84: f6:2c:79:bd:a6:c2:2c:14:a9:60:de:45:77:af:c6:d3:2c:d0: 1f:2a:ac:ae:ac:30:1c:7f:df:01:04:45:95:ff:7e:22:4c:20: 07:c9:fb:d4 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFUgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MzU5MjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFBNDk2M0M4MDIzRTY0 NTVDQ0JDOTEwRTU3NUY0NzFCMkQyRTY2RjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIa8fWwdhaP3Hrpkds1q/8WFjcX6abZOHHDtChGhzjDUMkd7n+ 9NKzZGIrz6bioBay3zFeMwqYHLePEj7p4knTPdp8SUnTnUERWXFtCn63zi/qQJln 3G94tjkBr24TOujViruNLZJWigeDyTHz3HfOONkEhACrljM0zfSV99M8Mov9pBE3 WFYqzmOrjBiSDSbA7QVgNE7WPKrjhDITsdGiK/KhZWNnA/N9cb9yVM3gUZJHwZTP c1O4EZif4/uQ2Q7C6/QuW1yXpXvC6xS7DOqrDL6GPWr6htYRFTVjUf1rpDxvqMlJ 0ERhuUoniL0WRp8H1eOt1wuNMwThpo6nk+LzAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUqkljyAI+ZFXMvJEOV19HGy0uZvIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3FrbGp5QUktWkZYTXZK RU9WMTlIR3kwdVp2SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3Q4wDQYJKoZIhvcNAQELBQADggEBAIhbUrvYlJMcMaG0oIBr2hqRHVdfMtKU BzGdLyC32Bc3ZjDoKVfMowvBVlCRNkFmPQoE83tJbfRwD/NkVzz5apXn8vRSQ3Uw Ru282K9xnXQ+U0FBa917Rw3URaTOYBEFFvi5eDBXtPIMR3I9eCOd0amlSy9Ptu8j WcbwC9X2HRlaVhRkuq2lMev5Rfoz5goXaROu9F7MZ5jrUcEzho42OOLMR0Wo/1vu L1KSron0UxDnRWk6u9U+dQ3+7KJXKBGzU/VZprHD4pj9488U5UhLN/RQKCpkhefN hPYseb2mwiwUqWDeRXevxtMs0B8qrK6sMBx/3wEERZX/fiJMIAfJ+9Q= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org