$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/ysBb3LDvdjhqyzNnMr2Wc4Vl0iI.roa File: ysBb3LDvdjhqyzNnMr2Wc4Vl0iI.roa (raw, json) Hash identifier: Sp5WqxtbP5VBFw11+83rV1lZd1llOS5XUitKVQDXm0c= Subject key identifier: CA:C0:5B:DC:B0:EF:76:38:6A:CB:33:67:32:BD:96:73:85:65:D2:22 Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1461 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ysBb3LDvdjhqyzNnMr2Wc4Vl0iI.roa Signing time: Wed 11 Sep 2024 02:23:14 +0000 ROA not before: Wed 11 Sep 2024 02:23:14 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 138527 IP address blocks: 103.198.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5217 (0x1461) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:14 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=CAC05BDCB0EF76386ACB336732BD96738565D222 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:8d:dc:d5:e3:fb:32:fa:85:ad:b0:bd:5a:b0: b5:af:90:89:91:2a:91:21:bc:a3:08:38:1d:6b:90: ad:cb:a6:72:6c:41:91:db:6e:85:df:92:19:25:b8: fe:6c:0c:d9:b8:cd:a8:d1:02:08:23:a4:b5:d9:82: 27:38:08:70:f1:9a:29:42:d2:b4:89:b5:80:17:b1: a9:d9:0b:5e:5d:52:fd:42:93:9b:d4:6d:e3:46:9c: 74:b3:1f:98:00:d9:0c:11:90:57:56:3e:d3:10:71: 3d:86:60:f1:32:c9:2a:1d:51:7c:d2:b1:90:e0:60: 69:01:3b:dc:7a:b6:da:22:32:2d:09:90:7f:15:6a: 11:9a:d0:70:44:0a:3b:f1:42:98:ae:58:6c:8e:07: 57:8c:7e:c6:9a:47:c0:ad:4c:09:ae:a3:51:72:7e: b3:0b:55:dc:98:49:55:9d:35:7c:b3:32:ad:b5:60: e9:f6:e2:01:3c:5a:87:ed:70:e1:0f:50:8f:68:3a: 4e:84:ef:d2:97:29:57:c9:71:05:5a:96:da:01:15: 95:7a:56:cf:1f:1d:31:03:c5:73:1f:8d:9c:d2:03: 8f:55:de:17:d1:a9:e8:82:cc:fa:94:09:97:4e:d9: 49:36:e1:9a:e0:50:3b:b8:f1:8f:39:06:06:e4:1c: cd:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:C0:5B:DC:B0:EF:76:38:6A:CB:33:67:32:BD:96:73:85:65:D2:22 X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/ysBb3LDvdjhqyzNnMr2Wc4Vl0iI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.198.240.0/22 Signature Algorithm: sha256WithRSAEncryption b3:29:4c:31:9a:b9:cb:ca:d7:f1:df:3a:df:aa:76:3c:b4:42: a4:20:ac:dc:69:67:e7:44:89:e3:46:c0:d5:9b:61:1e:1b:30: e9:a9:4a:37:cf:ce:7b:49:82:2d:47:5a:bb:9a:36:42:23:ae: 5c:3a:4c:ea:90:f9:a9:ec:3d:b3:71:6f:67:4d:7c:30:d2:88: 45:78:20:a3:06:22:f3:cc:aa:e8:16:81:ab:b1:49:2a:24:ba: f8:7b:88:7e:bf:a1:f0:7c:8a:77:e0:20:65:f0:78:97:7a:cb: e8:03:dc:73:4e:79:0f:fc:c0:6c:78:b1:2c:b1:8b:3e:f7:c7: 76:f0:6a:70:d4:35:8c:b9:52:e7:b9:18:99:e3:22:61:3f:0f: e3:f1:1f:13:05:11:03:5d:95:45:94:74:e0:8a:c0:75:69:a6: d7:ce:6f:4a:50:25:e5:87:18:75:21:ad:ad:2d:11:54:9f:3d: 98:42:39:a9:92:49:37:61:d7:71:29:fe:85:f9:30:24:0f:ab: 5f:47:a2:85:8e:59:da:2c:6e:a7:e9:c3:1f:e8:d8:8e:34:a4: cc:c5:50:51:bb:01:60:ea:60:b0:be:8b:f9:18:5d:79:cf:ff: c1:46:d3:76:f1:5d:29:e9:c3:60:af:44:ab:11:f1:6b:77:23: e7:d1:05:60 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFGEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENBQzA1QkRDQjBFRjc2 Mzg2QUNCMzM2NzMyQkQ5NjczODU2NUQyMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDPjdzV4/sy+oWtsL1asLWvkImRKpEhvKMIOB1rkK3LpnJsQZHb boXfkhkluP5sDNm4zajRAggjpLXZgic4CHDxmilC0rSJtYAXsanZC15dUv1Ck5vU beNGnHSzH5gA2QwRkFdWPtMQcT2GYPEyySodUXzSsZDgYGkBO9x6ttoiMi0JkH8V ahGa0HBECjvxQpiuWGyOB1eMfsaaR8CtTAmuo1FyfrMLVdyYSVWdNXyzMq21YOn2 4gE8WoftcOEPUI9oOk6E79KXKVfJcQValtoBFZV6Vs8fHTEDxXMfjZzSA49V3hfR qeiCzPqUCZdO2Uk24ZrgUDu48Y85BgbkHM1ZAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUysBb3LDvdjhqyzNnMr2Wc4Vl0iIwHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L3lzQmIzTER2ZGpocXl6 Tm5NcjJXYzRWbDBpSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJnxvAwDQYJKoZIhvcNAQELBQADggEBALMpTDGaucvK1/HfOt+qdjy0QqQgrNxp Z+dEieNGwNWbYR4bMOmpSjfPzntJgi1HWruaNkIjrlw6TOqQ+ansPbNxb2dNfDDS iEV4IKMGIvPMqugWgauxSSokuvh7iH6/ofB8infgIGXweJd6y+gD3HNOeQ/8wGx4 sSyxiz73x3bwanDUNYy5Uue5GJnjImE/D+PxHxMFEQNdlUWUdOCKwHVpptfOb0pQ JeWHGHUhra0tEVSfPZhCOamSSTdh13Ep/oX5MCQPq19HooWOWdosbqfpwx/o2I40 pMzFUFG7AWDqYLC+i/kYXXnP/8FG03bxXSnpw2CvRKsR8Wt3I+fRBWA= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org