$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/x9L5mK_iLxY70QIZC5Sd_r2HeqA.roa File: x9L5mK_iLxY70QIZC5Sd_r2HeqA.roa (raw, json) Hash identifier: bQrz7CVygqu718dgeNhHeWSkTzY5+WPeZYvZnNSynSg= Subject key identifier: C7:D2:F9:98:AF:E2:2F:16:3B:D1:02:19:0B:94:9D:FE:BD:87:7A:A0 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1509 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/x9L5mK_iLxY70QIZC5Sd_r2HeqA.roa Signing time: Wed 11 Sep 2024 02:27:33 +0000 ROA not before: Wed 11 Sep 2024 02:27:33 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 13444 IP address blocks: 103.221.25.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 18:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5385 (0x1509) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:27:33 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=C7D2F998AFE22F163BD102190B949DFEBD877AA0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:ea:31:46:e5:17:b6:d4:d4:63:63:47:7f:c2: 76:6d:5e:58:e9:4f:ab:43:58:a9:e1:5a:4f:f9:52: d4:01:75:3b:b8:74:55:d3:26:e6:fe:67:51:51:71: 1a:cb:ad:62:5e:ed:bc:6d:f9:9f:5a:87:46:93:b1: 6a:87:99:d9:04:2b:d6:53:4b:ee:18:1e:a4:dd:96: 4f:1f:41:d0:aa:8e:20:38:69:94:b0:93:12:08:d9: 86:b1:eb:18:ae:43:e2:2c:a7:ed:aa:62:37:2d:f2: f9:b4:a0:0d:84:91:4f:6e:6b:2a:d7:2d:1a:f2:0e: 84:4f:4d:a2:54:12:71:6d:1b:1f:15:8c:96:66:99: 21:1a:78:f2:55:ef:b0:fb:3c:02:4a:d9:15:31:a5: 1d:f3:83:37:89:7b:b7:bc:56:62:f1:b5:74:fe:44: 20:8a:d7:cf:cb:82:ab:e6:f4:6b:21:04:29:27:83: cb:e2:ff:fc:e1:31:ed:18:cc:a0:cb:b9:3b:42:f6: 60:15:14:d3:5c:9c:f0:52:88:ca:2b:8c:52:ee:d2: 1a:dc:80:7c:e5:e0:0b:68:e4:40:b1:57:2a:41:9f: a2:70:45:73:2e:e1:1d:7e:9a:b1:37:42:69:85:82: cf:fb:9c:f1:52:cd:d1:39:8c:e5:0a:e4:12:49:53: 9e:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:D2:F9:98:AF:E2:2F:16:3B:D1:02:19:0B:94:9D:FE:BD:87:7A:A0 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/x9L5mK_iLxY70QIZC5Sd_r2HeqA.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.25.0/24 Signature Algorithm: sha256WithRSAEncryption 4b:28:4c:14:e1:92:9a:e8:d6:13:f0:d2:61:4a:db:de:ac:a4: 6e:78:1d:4e:20:c1:e7:b8:0f:53:12:5b:5c:b2:5f:b7:34:53: 4f:db:fc:0e:f5:31:7c:21:4b:87:12:3b:f2:01:1c:fc:e0:6f: 8f:47:82:f7:a2:72:f7:c5:c1:27:c6:2b:7e:a9:0d:f0:eb:2a: 5a:0c:59:68:8a:b7:d5:af:20:7c:c8:2c:1d:1f:b0:c6:55:19: 8a:0c:92:80:80:71:ae:85:f0:ab:2b:b3:ef:39:7e:f3:5f:58: 52:91:a9:7b:4c:40:28:40:0a:0c:71:58:f3:c6:eb:2b:ae:3c: fd:43:f3:2c:a5:d5:b9:e1:79:0d:19:55:45:d8:25:e4:72:5b: 73:38:d9:8c:99:e9:4f:da:06:46:5a:4f:5a:ac:d5:bd:de:fd: 0b:ea:46:91:93:02:77:39:00:99:23:b0:8e:d6:21:b7:1d:98: 36:c4:dc:41:c4:1e:be:45:8c:e9:2c:23:4c:e7:87:ce:d9:ea: 4f:ce:ce:17:fd:cf:42:17:94:2c:f1:b7:84:81:60:28:dd:f0: 68:4d:a8:38:31:a1:42:cc:80:67:20:cb:a5:da:3f:99:9d:b8: 6e:22:cc:de:dd:82:2b:80:a1:d4:1d:89:b6:e6:9d:37:89:d5: c5:e2:4c:a9 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFQkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjI3MzNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM3RDJGOTk4QUZFMjJG MTYzQkQxMDIxOTBCOTQ5REZFQkQ4NzdBQTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDI6jFG5Re21NRjY0d/wnZtXljpT6tDWKnhWk/5UtQBdTu4dFXT Jub+Z1FRcRrLrWJe7bxt+Z9ah0aTsWqHmdkEK9ZTS+4YHqTdlk8fQdCqjiA4aZSw kxII2Yax6xiuQ+Isp+2qYjct8vm0oA2EkU9uayrXLRryDoRPTaJUEnFtGx8VjJZm mSEaePJV77D7PAJK2RUxpR3zgzeJe7e8VmLxtXT+RCCK18/Lgqvm9GshBCkng8vi //zhMe0YzKDLuTtC9mAVFNNcnPBSiMorjFLu0hrcgHzl4Ato5ECxVypBn6JwRXMu 4R1+mrE3QmmFgs/7nPFSzdE5jOUK5BJJU57VAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUx9L5mK/iLxY70QIZC5Sd/r2HeqAwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3g5TDVtS19pTHhZNzBR SVpDNVNkX3IySGVxQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3RkwDQYJKoZIhvcNAQELBQADggEBAEsoTBThkpro1hPw0mFK296spG54HU4g wee4D1MSW1yyX7c0U0/b/A71MXwhS4cSO/IBHPzgb49HgveicvfFwSfGK36pDfDr KloMWWiKt9WvIHzILB0fsMZVGYoMkoCAca6F8Ksrs+85fvNfWFKRqXtMQChACgxx WPPG6yuuPP1D8yyl1bnheQ0ZVUXYJeRyW3M42YyZ6U/aBkZaT1qs1b3e/QvqRpGT Anc5AJkjsI7WIbcdmDbE3EHEHr5FjOksI0znh87Z6k/Ozhf9z0IXlCzxt4SBYCjd 8GhNqDgxoULMgGcgy6XaP5mduG4izN7dgiuAodQdibbmnTeJ1cXiTKk= -----END CERTIFICATE-----Generated at Fri Nov 22 18:01:43 2024 by rpki-client on console-fra.rpki-client.org