$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/yoVFpgkw3WPg8PvGSSJy-FDxNoI.roa File: yoVFpgkw3WPg8PvGSSJy-FDxNoI.roa (raw, json) Hash identifier: LdkxDd/j1X+2qNahwyPkPTskeoACZGtsFn1lEnchIXQ= Subject key identifier: CA:85:45:A6:09:30:DD:63:E0:F0:FB:C6:49:22:72:F8:50:F1:36:82 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1544 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/yoVFpgkw3WPg8PvGSSJy-FDxNoI.roa Signing time: Wed 11 Sep 2024 03:59:19 +0000 ROA not before: Wed 11 Sep 2024 03:59:19 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.17.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5444 (0x1544) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 03:59:19 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=CA8545A60930DD63E0F0FBC6492272F850F13682 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:f1:2e:a1:96:8e:67:41:70:cd:e5:df:69:b9: 6c:93:fc:fa:f4:82:d9:cf:c8:70:86:70:3a:a3:a4: 05:0b:58:e0:8c:78:cf:66:a3:80:e5:56:2c:4c:51: ee:fa:16:f3:07:aa:24:39:bd:0f:bf:3a:c7:b9:e3: 89:5a:26:af:f0:58:3d:d1:84:2d:f5:4f:c4:b3:a5: 99:13:20:24:39:4d:46:e2:63:f1:e9:40:33:e1:80: d9:62:90:56:df:31:01:5f:1c:28:a6:a8:aa:87:7d: a4:22:88:16:45:bf:6b:9c:37:0f:67:17:e6:02:fc: 37:24:56:0f:87:aa:55:de:c4:a5:10:36:b0:d9:b9: 29:b7:47:7c:79:49:16:48:f8:74:e7:5e:39:d9:aa: 30:0f:73:c7:6f:63:95:1f:67:4c:7b:66:99:37:c8: 43:43:c5:ad:e6:b6:36:0d:9d:2f:4f:00:f9:d0:0d: 8d:58:37:b2:4a:d5:ab:e3:20:fa:d0:81:0c:92:fb: 0d:56:63:8f:d5:01:69:1c:14:3e:77:41:54:d1:5b: 9c:8b:ec:79:2e:6c:32:c8:2f:2f:d8:1d:3f:b8:f9: 9a:ec:63:c3:b6:f0:6c:8d:09:fc:e5:6d:e0:94:f0: f2:d2:6d:f3:9d:83:b7:91:9d:f9:ea:44:df:71:ab: 7f:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:85:45:A6:09:30:DD:63:E0:F0:FB:C6:49:22:72:F8:50:F1:36:82 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/yoVFpgkw3WPg8PvGSSJy-FDxNoI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.17.0/24 Signature Algorithm: sha256WithRSAEncryption 29:d8:0c:ee:c7:97:91:e6:8f:8d:f8:af:8e:82:99:c8:0e:51: 38:54:1a:9b:30:30:42:bc:a2:bd:58:ad:2f:ef:8a:c7:60:80: 6b:d5:d9:08:8e:dd:d7:33:9b:b2:a3:55:fe:66:b2:94:b4:75: d2:92:fb:2f:1a:31:a4:09:66:89:b2:04:97:0b:2e:5b:77:0f: d4:d6:0f:7e:eb:a2:76:94:ce:92:f4:46:90:36:65:d8:58:99: 5e:27:43:d4:f5:fc:57:f3:09:29:97:34:97:99:8b:b8:6c:ec: 94:07:70:75:94:17:c2:64:b8:91:09:8f:83:38:68:01:1f:17: f6:c1:dd:2f:78:ca:f4:28:01:6d:c2:77:41:3d:3d:dc:6f:5c: a4:6d:47:a3:b4:be:27:31:30:90:e5:50:be:8a:31:c0:56:c4: 49:1b:4e:1b:67:d8:0a:8f:42:11:4a:a9:c6:b1:23:d2:fc:9f: 8f:5a:76:52:88:ac:df:5a:06:fc:79:be:0b:53:d3:c8:c7:98: b1:1f:67:9b:98:df:49:8c:2e:26:0a:27:fd:a1:9b:1a:6e:a4: 9b:0a:1c:14:88:84:dd:4c:44:a8:f1:94:ee:4c:1c:ee:cd:d3: 28:e9:25:2f:51:d5:bc:55:4a:09:92:04:61:d3:05:16:f9:fd: e2:63:28:22 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFUQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MzU5MTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENBODU0NUE2MDkzMERE NjNFMEYwRkJDNjQ5MjI3MkY4NTBGMTM2ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDp8S6hlo5nQXDN5d9puWyT/Pr0gtnPyHCGcDqjpAULWOCMeM9m o4DlVixMUe76FvMHqiQ5vQ+/Ose544laJq/wWD3RhC31T8SzpZkTICQ5TUbiY/Hp QDPhgNlikFbfMQFfHCimqKqHfaQiiBZFv2ucNw9nF+YC/DckVg+HqlXexKUQNrDZ uSm3R3x5SRZI+HTnXjnZqjAPc8dvY5UfZ0x7Zpk3yENDxa3mtjYNnS9PAPnQDY1Y N7JK1avjIPrQgQyS+w1WY4/VAWkcFD53QVTRW5yL7HkubDLILy/YHT+4+ZrsY8O2 8GyNCfzlbeCU8PLSbfOdg7eRnfnqRN9xq3+BAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUyoVFpgkw3WPg8PvGSSJy+FDxNoIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3lvVkZwZ2t3M1dQZzhQ dkdTU0p5LUZEeE5vSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3REwDQYJKoZIhvcNAQELBQADggEBACnYDO7Hl5Hmj434r46CmcgOUThUGpsw MEK8or1YrS/visdggGvV2QiO3dczm7KjVf5mspS0ddKS+y8aMaQJZomyBJcLLlt3 D9TWD37ronaUzpL0RpA2ZdhYmV4nQ9T1/FfzCSmXNJeZi7hs7JQHcHWUF8JkuJEJ j4M4aAEfF/bB3S94yvQoAW3Cd0E9PdxvXKRtR6O0vicxMJDlUL6KMcBWxEkbThtn 2AqPQhFKqcaxI9L8n49adlKIrN9aBvx5vgtT08jHmLEfZ5uY30mMLiYKJ/2hmxpu pJsKHBSIhN1MRKjxlO5MHO7N0yjpJS9R1bxVSgmSBGHTBRb5/eJjKCI= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:47 2024 by rpki-client on console-ams.rpki-client.org