$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/uPbKJhtV3-s3AeFXjw9SZXlgXQI.roa File: uPbKJhtV3-s3AeFXjw9SZXlgXQI.roa (raw, json) Hash identifier: GRCJxEqFM54dmHXXDBg/vni53y1tACEzypTqxoyEkXQ= Subject key identifier: B8:F6:CA:26:1B:55:DF:EB:37:01:E1:57:8F:0F:52:65:79:60:5D:02 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1554 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/uPbKJhtV3-s3AeFXjw9SZXlgXQI.roa Signing time: Wed 11 Sep 2024 03:59:24 +0000 ROA not before: Wed 11 Sep 2024 03:59:24 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.25.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5460 (0x1554) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 03:59:24 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=B8F6CA261B55DFEB3701E1578F0F526579605D02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:8a:95:22:ae:42:a2:15:e4:2b:41:94:87:6a: 3b:fe:d2:c2:da:b7:22:68:f5:6f:d3:7e:19:cf:cc: 16:23:c9:50:3a:f0:8d:85:6b:a6:34:d4:63:1a:f9: a1:fc:4b:38:bd:46:95:3f:6d:e9:f0:f1:39:39:be: 9c:c7:2e:8c:70:50:29:62:35:97:6c:25:56:aa:c6: e2:18:b8:19:e3:3b:89:7d:b0:c0:6d:4e:68:cd:5f: 16:68:a3:f5:d9:ed:2d:29:d6:46:5e:53:31:f2:59: be:e3:39:e7:40:7a:27:87:ea:61:41:e1:9f:d9:09: ce:60:8e:05:c6:a6:43:4d:1e:e3:8d:1a:56:97:2b: 25:df:4d:25:ef:8d:86:c0:e2:54:75:8f:b7:5a:6a: 76:6d:87:84:84:e2:2f:d1:ce:19:24:c7:67:c8:b1: d2:d5:25:45:7c:4a:b8:d0:ba:6f:9c:2b:63:e7:aa: f0:3e:89:a7:5e:22:da:32:f3:d2:b8:5a:93:24:4e: 33:8b:2b:c3:d1:a7:a2:73:84:e6:52:1e:ed:b4:f7: 41:56:48:e3:af:c1:8d:48:82:08:50:1f:74:d3:3e: d1:da:c2:d8:c5:42:48:a9:33:f2:5d:2f:fb:ac:0e: 58:18:93:00:e5:78:57:c3:5e:40:38:ed:22:b5:98: 10:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:F6:CA:26:1B:55:DF:EB:37:01:E1:57:8F:0F:52:65:79:60:5D:02 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/uPbKJhtV3-s3AeFXjw9SZXlgXQI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.25.0/24 Signature Algorithm: sha256WithRSAEncryption 06:79:f9:e0:0c:78:67:13:14:fd:3a:d0:34:53:48:ab:16:57: 41:95:d2:37:ae:0b:16:64:25:bf:94:2a:5e:93:13:de:10:00: a0:15:81:f1:e1:5e:9e:2c:6d:5b:6b:69:77:1e:66:e4:07:73: 94:a7:0e:f9:41:09:e4:0a:e9:1b:99:00:03:0c:01:5b:0b:89: 60:46:11:f2:41:7d:7c:bc:95:34:85:0c:52:e5:76:c1:00:a2: 1d:f7:bb:e6:14:06:a3:ec:81:cc:c4:5d:cb:c4:5d:32:71:f7: 85:9f:91:51:55:ab:72:e8:75:36:78:05:a1:00:74:6c:30:a2: e9:b1:b0:02:99:da:64:6f:db:b8:00:64:ba:f5:b7:87:c9:97: 74:11:a6:cc:5a:60:88:ea:5c:82:01:bf:88:95:6e:f5:24:68: 83:4e:47:ae:f0:1f:3b:b3:35:a6:68:9b:25:86:ce:f8:6c:00: 04:e8:a0:75:75:b5:6a:d5:e4:b5:ab:97:b6:c0:00:95:4a:53: 75:1e:52:9b:62:2c:f5:54:49:5f:01:be:bf:75:28:97:ae:6a: 73:a7:b2:01:54:a5:3b:1a:2a:fc:d6:ed:28:bc:ab:c2:92:eb: cf:b5:15:dc:e5:af:4b:22:a4:f7:79:ef:41:30:12:e7:9c:79: 89:d1:2c:16 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFVQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MzU5MjRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEI4RjZDQTI2MUI1NURG RUIzNzAxRTE1NzhGMEY1MjY1Nzk2MDVEMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC2ipUirkKiFeQrQZSHajv+0sLatyJo9W/TfhnPzBYjyVA68I2F a6Y01GMa+aH8Szi9RpU/benw8Tk5vpzHLoxwUCliNZdsJVaqxuIYuBnjO4l9sMBt TmjNXxZoo/XZ7S0p1kZeUzHyWb7jOedAeieH6mFB4Z/ZCc5gjgXGpkNNHuONGlaX KyXfTSXvjYbA4lR1j7daanZth4SE4i/Rzhkkx2fIsdLVJUV8SrjQum+cK2PnqvA+ iadeItoy89K4WpMkTjOLK8PRp6JzhOZSHu2090FWSOOvwY1IgghQH3TTPtHawtjF QkipM/JdL/usDlgYkwDleFfDXkA47SK1mBD5AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUuPbKJhtV3+s3AeFXjw9SZXlgXQIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3VQYktKaHRWMy1zM0Fl RlhqdzlTWlhsZ1hRSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3RkwDQYJKoZIhvcNAQELBQADggEBAAZ5+eAMeGcTFP060DRTSKsWV0GV0jeu CxZkJb+UKl6TE94QAKAVgfHhXp4sbVtraXceZuQHc5SnDvlBCeQK6RuZAAMMAVsL iWBGEfJBfXy8lTSFDFLldsEAoh33u+YUBqPsgczEXcvEXTJx94WfkVFVq3LodTZ4 BaEAdGwwoumxsAKZ2mRv27gAZLr1t4fJl3QRpsxaYIjqXIIBv4iVbvUkaINOR67w HzuzNaZomyWGzvhsAATooHV1tWrV5LWrl7bAAJVKU3UeUptiLPVUSV8Bvr91KJeu anOnsgFUpTsaKvzW7Si8q8KS68+1Fdzlr0sipPd570EwEueceYnRLBY= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:47 2024 by rpki-client on console-ams.rpki-client.org