$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/sCLd0PX5RMQ-lJbMXtm1-jzIuvE.roa File: sCLd0PX5RMQ-lJbMXtm1-jzIuvE.roa (raw, json) Hash identifier: EofVaVZ7pDXk5E0KPgMT/55GwPvgwq311dRS8riuvQU= Subject key identifier: B0:22:DD:D0:F5:F9:44:C4:3E:94:96:CC:5E:D9:B5:FA:3C:C8:BA:F1 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 153F Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sCLd0PX5RMQ-lJbMXtm1-jzIuvE.roa Signing time: Wed 11 Sep 2024 03:57:56 +0000 ROA not before: Wed 11 Sep 2024 03:57:56 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.220.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5439 (0x153f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 03:57:56 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=B022DDD0F5F944C43E9496CC5ED9B5FA3CC8BAF1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:9b:a2:e9:e3:60:48:7d:44:74:9a:78:29:70: c0:fc:48:90:30:71:8d:c5:f1:0c:26:ae:c6:a4:00: 30:7e:3c:58:bd:4f:3b:f2:14:b2:fb:97:f6:ae:6b: 06:df:96:8f:c2:5a:f8:d6:90:90:5e:1c:7a:06:84: 86:a4:f6:79:3b:ab:a2:55:05:a5:93:e0:a4:cb:cd: 45:a7:9b:ae:5e:14:84:87:ee:0b:3c:a9:c0:56:67: 08:2d:c0:db:9f:4f:87:8c:83:d1:b9:14:d2:af:51: 5f:73:5e:25:7e:ea:e1:f0:df:60:bc:57:42:04:a1: 72:04:d1:1a:dc:0c:99:2b:e0:e6:99:ab:de:22:81: d2:fe:1f:77:60:df:88:72:59:c2:29:77:be:3d:ce: 95:08:35:e3:22:17:72:45:bf:9f:03:e3:49:52:56: d1:8b:9b:a5:6f:05:41:21:5e:b6:b6:0d:94:a4:d4: c6:73:f2:00:0b:b9:c2:05:06:14:6b:bc:de:21:3f: 43:bb:5f:12:aa:21:41:88:68:ee:44:cd:8f:db:59: 01:0d:b3:e1:e1:c9:df:c8:e7:bd:dd:d6:0f:f8:ef: aa:10:96:a2:b6:ff:e8:51:3b:06:7f:5e:e9:08:0a: 7c:f4:24:92:99:74:24:56:f5:d4:78:f9:ce:0c:3e: 8b:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:22:DD:D0:F5:F9:44:C4:3E:94:96:CC:5E:D9:B5:FA:3C:C8:BA:F1 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/sCLd0PX5RMQ-lJbMXtm1-jzIuvE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.220.253.0/24 Signature Algorithm: sha256WithRSAEncryption 86:ea:0b:26:b3:ea:a8:c4:17:72:06:e4:3e:38:07:e7:b3:5d: 38:6a:d4:cb:c6:ab:cd:df:2e:64:2c:eb:76:01:04:35:8a:cd: eb:4c:7c:7d:d6:eb:b5:a8:86:3b:51:a7:16:b5:03:65:7c:10: b3:07:cb:a4:ab:19:bd:a6:e9:5b:61:9b:43:3e:2a:4d:f6:1f: 0d:52:e8:2d:11:58:31:9e:e6:17:2c:0a:73:b5:22:3d:e4:57: 44:f9:b8:1c:4b:f6:12:71:c2:8f:e5:03:1a:04:5e:4f:25:6a: 00:2e:2a:f1:fb:f9:86:4a:55:2d:04:76:05:26:28:9e:e0:85: 90:c2:da:62:26:13:1d:5d:3c:3f:ae:b9:23:e8:7f:00:ce:31: f3:19:a6:1a:b7:4a:10:48:0d:c0:44:ec:13:28:a0:63:42:63: 69:cc:07:3a:41:fb:36:72:dd:4c:31:67:b8:47:c8:f6:bc:5d: b4:95:68:4d:9f:a6:56:a2:a0:e3:c6:43:48:0d:cf:bf:be:98: 23:b5:1f:74:55:14:7a:10:1a:e8:38:40:30:1a:ea:0d:b8:52: 97:1f:44:a0:98:0c:32:8a:17:1d:da:60:72:e3:41:7d:92:b5: 1e:e0:d3:98:54:29:fa:00:b2:bd:8b:27:54:05:01:f6:c1:91: ab:c0:b8:fb -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFT8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MzU3NTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEIwMjJEREQwRjVGOTQ0 QzQzRTk0OTZDQzVFRDlCNUZBM0NDOEJBRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDLm6Lp42BIfUR0mngpcMD8SJAwcY3F8QwmrsakADB+PFi9Tzvy FLL7l/auawbflo/CWvjWkJBeHHoGhIak9nk7q6JVBaWT4KTLzUWnm65eFISH7gs8 qcBWZwgtwNufT4eMg9G5FNKvUV9zXiV+6uHw32C8V0IEoXIE0RrcDJkr4OaZq94i gdL+H3dg34hyWcIpd749zpUINeMiF3JFv58D40lSVtGLm6VvBUEhXra2DZSk1MZz 8gALucIFBhRrvN4hP0O7XxKqIUGIaO5EzY/bWQENs+Hhyd/I573d1g/476oQlqK2 /+hROwZ/XukICnz0JJKZdCRW9dR4+c4MPouFAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUsCLd0PX5RMQ+lJbMXtm1+jzIuvEwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3NDTGQwUFg1Uk1RLWxK Yk1YdG0xLWp6SXV2RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3P0wDQYJKoZIhvcNAQELBQADggEBAIbqCyaz6qjEF3IG5D44B+ezXThq1MvG q83fLmQs63YBBDWKzetMfH3W67WohjtRpxa1A2V8ELMHy6SrGb2m6Vthm0M+Kk32 Hw1S6C0RWDGe5hcsCnO1Ij3kV0T5uBxL9hJxwo/lAxoEXk8lagAuKvH7+YZKVS0E dgUmKJ7ghZDC2mImEx1dPD+uuSPofwDOMfMZphq3ShBIDcBE7BMooGNCY2nMBzpB +zZy3UwxZ7hHyPa8XbSVaE2fplaioOPGQ0gNz7++mCO1H3RVFHoQGug4QDAa6g24 UpcfRKCYDDKKFx3aYHLjQX2StR7g05hUKfoAsr2LJ1QFAfbBkavAuPs= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:47 2024 by rpki-client on console-ams.rpki-client.org