$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/t3T7IA66m3LVZtqI5BAOOXiZ1Aw.roa File: t3T7IA66m3LVZtqI5BAOOXiZ1Aw.roa (raw, json) Hash identifier: UenNPs4ViEYZWgJD+4ll2lJe14tI051kLcDU7ajGroc= Subject key identifier: B7:74:FB:20:0E:BA:9B:72:D5:66:DA:88:E4:10:0E:39:78:99:D4:0C Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 151A Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/t3T7IA66m3LVZtqI5BAOOXiZ1Aw.roa Signing time: Wed 11 Sep 2024 02:30:08 +0000 ROA not before: Wed 11 Sep 2024 02:30:08 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 13444 IP address blocks: 103.221.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5402 (0x151a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:30:08 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=B774FB200EBA9B72D566DA88E4100E397899D40C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:8a:d7:da:8d:be:25:39:2a:25:89:9e:32:dd: 4b:cf:b3:b5:48:3c:69:f2:1f:99:76:dc:ec:3d:59: cb:c2:66:ba:8b:54:eb:f1:3f:2d:da:58:15:fd:5f: 14:c5:55:f3:ad:dc:85:3b:1a:2c:92:0f:f8:2a:54: c8:e6:e5:34:8d:8a:67:b8:5e:d5:9a:e7:67:11:0e: a5:05:ab:3a:03:04:f8:90:68:03:11:fd:95:e5:d0: 6e:b7:54:3d:ec:ae:c7:ad:b8:b1:67:0c:a6:c6:08: 95:eb:62:21:87:16:10:13:3c:fd:6f:e6:10:9d:39: 77:19:38:fd:ff:22:14:75:3a:e3:d3:23:95:a1:31: 62:4d:a2:83:e7:51:66:1c:74:ae:09:00:86:2e:95: 88:09:b6:4a:27:fc:4c:50:f0:09:5b:e5:0c:88:2f: 2b:2f:d9:57:77:df:fa:e0:e9:cd:a0:f4:07:c3:9f: 77:38:07:0d:c4:08:4e:43:66:98:d0:03:cd:67:5b: 81:5e:40:dc:c0:ee:ae:84:a4:e2:e3:15:d5:73:0d: af:64:d6:69:8f:58:4d:2b:3a:cc:ca:2e:3e:65:4b: 10:ef:96:06:84:5c:f8:7e:0f:07:03:e6:85:c8:7e: 7c:53:56:00:d2:fd:13:89:ef:78:79:c1:b8:c3:3d: 15:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:74:FB:20:0E:BA:9B:72:D5:66:DA:88:E4:10:0E:39:78:99:D4:0C X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/t3T7IA66m3LVZtqI5BAOOXiZ1Aw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.95.0/24 Signature Algorithm: sha256WithRSAEncryption 6b:ba:c4:b7:2b:73:97:24:de:34:ad:d4:69:b8:54:20:ee:03: d6:db:ca:09:32:4c:d0:ce:90:cf:99:a3:6d:a0:ff:5d:ff:00: db:e6:4a:48:06:1a:c8:df:fb:cc:d6:b2:b4:a0:0c:bd:f4:a0: bc:51:90:2c:65:13:1b:46:43:2b:1c:04:4a:c7:e8:13:b7:40: 04:bb:65:78:09:12:9e:7d:ef:3f:a5:cf:35:00:28:1a:a1:53: 6c:f5:ff:ad:a6:7d:3c:74:fd:b7:68:0c:33:a2:05:2e:a3:5c: a3:44:76:c4:88:f2:de:71:33:65:f3:01:56:6e:b8:7d:16:6f: fb:13:d6:17:73:aa:e7:28:78:bf:71:8e:cd:68:07:50:3d:0f: d8:4f:cc:c0:a6:a9:28:c8:d6:ef:5e:92:9f:59:c3:b8:c0:80: 72:ef:ad:35:e3:af:b2:5e:7e:84:98:b0:8a:e9:57:6c:04:e8: ba:08:b5:24:c8:86:12:c6:5d:02:1d:6f:72:06:32:f9:12:b1: b6:74:a8:2e:c5:12:14:c8:67:1f:57:b5:91:50:3a:38:27:04: c4:e4:54:4b:36:e8:b6:05:e0:29:4e:9a:c8:01:b8:71:8d:a3: 85:ad:f6:19:54:6a:22:50:66:bd:ed:84:b2:48:a8:cd:a0:3e: 0a:18:4a:f5 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFRowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjMwMDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI3NzRGQjIwMEVCQTlC NzJENTY2REE4OEU0MTAwRTM5Nzg5OUQ0MEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDkitfajb4lOSoliZ4y3UvPs7VIPGnyH5l23Ow9WcvCZrqLVOvx Py3aWBX9XxTFVfOt3IU7GiySD/gqVMjm5TSNime4XtWa52cRDqUFqzoDBPiQaAMR /ZXl0G63VD3srsetuLFnDKbGCJXrYiGHFhATPP1v5hCdOXcZOP3/IhR1OuPTI5Wh MWJNooPnUWYcdK4JAIYulYgJtkon/ExQ8Alb5QyILysv2Vd33/rg6c2g9AfDn3c4 Bw3ECE5DZpjQA81nW4FeQNzA7q6EpOLjFdVzDa9k1mmPWE0rOszKLj5lSxDvlgaE XPh+DwcD5oXIfnxTVgDS/ROJ73h5wbjDPRWfAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUt3T7IA66m3LVZtqI5BAOOXiZ1AwwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3QzVDdJQTY2bTNMVlp0 cUk1QkFPT1hpWjFBdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3V8wDQYJKoZIhvcNAQELBQADggEBAGu6xLcrc5ck3jSt1Gm4VCDuA9bbygky TNDOkM+Zo22g/13/ANvmSkgGGsjf+8zWsrSgDL30oLxRkCxlExtGQyscBErH6BO3 QAS7ZXgJEp597z+lzzUAKBqhU2z1/62mfTx0/bdoDDOiBS6jXKNEdsSI8t5xM2Xz AVZuuH0Wb/sT1hdzqucoeL9xjs1oB1A9D9hPzMCmqSjI1u9ekp9Zw7jAgHLvrTXj r7JefoSYsIrpV2wE6LoItSTIhhLGXQIdb3IGMvkSsbZ0qC7FEhTIZx9XtZFQOjgn BMTkVEs26LYF4ClOmsgBuHGNo4Wt9hlUaiJQZr3thLJIqM2gPgoYSvU= -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:43 2024 by rpki-client on console-fra.rpki-client.org