$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/H_sNX_9y0kZwIsnVLsMAQMfkEY4.roa File: H_sNX_9y0kZwIsnVLsMAQMfkEY4.roa (raw, json) Hash identifier: GWcksK6asZuMaUGmBzZsX8kdmEWGv0Vp3NDA4bcb4qE= Subject key identifier: 1F:FB:0D:5F:FF:72:D2:46:70:22:C9:D5:2E:C3:00:40:C7:E4:11:8E Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Certificate serial: 1B90 Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/H_sNX_9y0kZwIsnVLsMAQMfkEY4.roa Signing time: Thu 21 Nov 2024 09:32:20 +0000 ROA not before: Thu 21 Nov 2024 09:32:20 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 7018 IP address blocks: 103.203.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 16 Feb 2025 16:56:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7056 (0x1b90) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Validity Not Before: Nov 21 09:32:20 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=1FFB0D5FFF72D2467022C9D52EC30040C7E4118E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:e7:78:eb:47:87:07:17:c4:75:12:2a:45:84: 57:0a:78:c0:ff:59:0d:52:8d:14:3a:77:96:4b:75: e7:ea:f2:13:5d:70:b7:77:35:19:50:34:7e:73:b9: e2:75:8c:f1:dd:c9:0a:f1:40:22:ed:b6:02:d5:8c: 63:2b:0d:8a:61:18:54:68:f5:b3:4d:6d:8f:cf:4b: 4e:17:16:09:7e:ae:14:89:6b:5d:50:1a:f8:53:60: 0b:24:5f:18:55:02:bc:89:8c:60:c3:1f:c1:15:09: 1b:a3:a0:66:ee:bf:33:69:4e:d6:83:fb:f9:61:83: 54:2e:e7:00:87:f8:c7:5d:2a:89:28:27:16:5b:cb: 7f:6c:2d:d7:aa:f3:1c:a0:17:37:20:80:6d:79:e2: c0:1a:3e:3e:88:bd:09:79:08:45:b1:55:d3:fe:55: db:f6:63:ee:a4:59:60:ca:fc:cb:a9:72:2b:bf:f1: 7f:20:7b:64:17:39:06:7f:bd:bc:ae:90:26:5d:18: 24:97:f7:40:c5:c5:70:d1:26:0d:d3:f7:32:a5:10: dd:16:35:6b:06:46:cc:aa:a8:81:98:13:6a:e3:24: 38:fb:0c:2d:52:3d:09:3e:5b:58:63:6b:19:50:fd: 0e:cc:cd:e4:42:7f:48:83:51:2d:1e:51:62:e8:50: 33:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:FB:0D:5F:FF:72:D2:46:70:22:C9:D5:2E:C3:00:40:C7:E4:11:8E X509v3 Authority Key Identifier: keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/H_sNX_9y0kZwIsnVLsMAQMfkEY4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.203.100.0/22 Signature Algorithm: sha256WithRSAEncryption 29:48:0f:c0:d6:aa:f6:42:ad:38:83:40:59:98:7d:28:67:53: da:46:8a:8f:98:23:ea:c7:01:1d:8e:96:67:7f:8f:bd:a5:58: 65:3e:83:ae:b3:b5:d5:27:d1:9e:59:aa:05:b0:76:12:dd:f9: 56:c5:5e:55:24:58:51:1f:82:e4:89:79:b6:96:5a:a2:9d:0a: fd:be:f2:22:18:7e:ed:91:0e:76:35:ff:07:ea:6b:2d:46:c3: ba:61:44:78:aa:1a:38:dc:f9:0b:2b:08:22:d3:f5:97:2e:3e: 6a:c8:ad:f0:e0:8b:60:87:68:d4:3d:da:c7:e3:97:6d:17:d8: fa:37:66:6a:c9:a1:35:8b:ab:09:c4:ce:be:68:e9:13:0a:5d: 13:6f:c4:ad:4e:80:57:e6:57:c2:ec:d1:26:65:3e:b7:88:4e: e4:0b:1a:f3:d4:71:22:cb:76:ac:ef:ad:24:94:0e:7f:7a:6e: c3:26:48:b1:2b:39:22:ff:cb:13:e7:11:50:5c:39:60:86:80: eb:95:59:3f:8c:5e:a2:5e:41:11:11:20:08:34:b1:3f:db:93: a3:39:54:b0:6c:66:df:01:8e:d1:dc:e4:06:d2:4f:b6:0a:15: a8:4c:5c:e8:e8:b1:75:8f:b0:b6:a6:72:54:25:22:69:bb:56: 11:78:73:0a -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG5AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDExMjEw OTMyMjBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDFGRkIwRDVGRkY3MkQy NDY3MDIyQzlENTJFQzMwMDQwQzdFNDExOEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC553jrR4cHF8R1EipFhFcKeMD/WQ1SjRQ6d5ZLdefq8hNdcLd3 NRlQNH5zueJ1jPHdyQrxQCLttgLVjGMrDYphGFRo9bNNbY/PS04XFgl+rhSJa11Q GvhTYAskXxhVAryJjGDDH8EVCRujoGbuvzNpTtaD+/lhg1Qu5wCH+MddKokoJxZb y39sLdeq8xygFzcggG154sAaPj6IvQl5CEWxVdP+Vdv2Y+6kWWDK/Mupciu/8X8g e2QXOQZ/vbyukCZdGCSX90DFxXDRJg3T9zKlEN0WNWsGRsyqqIGYE2rjJDj7DC1S PQk+W1hjaxlQ/Q7MzeRCf0iDUS0eUWLoUDOvAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUH/sNX/9y0kZwIsnVLsMAQMfkEY4wHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL0hfc05YXzl5MGtad0lz blZMc01BUU1ma0VZNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJny2QwDQYJKoZIhvcNAQELBQADggEBAClID8DWqvZCrTiDQFmYfShnU9pGio+Y I+rHAR2Olmd/j72lWGU+g66ztdUn0Z5ZqgWwdhLd+VbFXlUkWFEfguSJebaWWqKd Cv2+8iIYfu2RDnY1/wfqay1Gw7phRHiqGjjc+QsrCCLT9ZcuPmrIrfDgi2CHaNQ9 2sfjl20X2Po3ZmrJoTWLqwnEzr5o6RMKXRNvxK1OgFfmV8Ls0SZlPreITuQLGvPU cSLLdqzvrSSUDn96bsMmSLErOSL/yxPnEVBcOWCGgOuVWT+MXqJeQRERIAg0sT/b k6M5VLBsZt8BjtHc5AbST7YKFahMXOjosXWPsLamclQlImm7VhF4cwo= -----END CERTIFICATE-----Generated at Sun Feb 16 15:26:29 2025 by rpki-client