$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/Ip4wiMjQf7PPNiBUkcw-7E5cBM0.roa File: Ip4wiMjQf7PPNiBUkcw-7E5cBM0.roa (raw, json) Hash identifier: msr8Ocw28cNSQMRzLr1Lsc6EpxVgFXiyiQFHQUtLtc8= Subject key identifier: 22:9E:30:88:C8:D0:7F:B3:CF:36:20:54:91:CC:3E:EC:4E:5C:04:CD Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Certificate serial: 1B8F Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/Ip4wiMjQf7PPNiBUkcw-7E5cBM0.roa Signing time: Thu 21 Nov 2024 09:32:20 +0000 ROA not before: Thu 21 Nov 2024 09:32:20 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 398704 IP address blocks: 103.203.100.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7055 (0x1b8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Validity Not Before: Nov 21 09:32:20 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=229E3088C8D07FB3CF36205491CC3EEC4E5C04CD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:63:d3:40:94:ff:6a:c5:8c:10:0f:52:c9:fe: 4e:bb:93:a5:dc:9e:c9:ad:a1:19:3c:cd:1d:f7:08: 28:0c:7d:1f:d1:1b:4f:f6:5d:2a:84:ef:02:5d:36: 37:5b:b2:20:8a:8b:d5:88:38:89:c7:57:19:8a:bc: 15:c3:89:8b:7f:24:e0:80:2e:41:6c:7d:ca:5e:3d: 54:0b:69:06:da:bc:8d:fd:09:00:6c:74:2d:11:39: ab:35:fc:46:84:90:c1:ee:88:7d:cd:30:ce:eb:e8: 34:d9:d1:e7:7d:42:7e:2b:1b:e8:14:ad:fa:9f:c9: bd:c9:6f:72:e9:b8:4f:72:5f:15:91:b8:c9:05:3e: 36:03:08:b6:f1:a6:45:a5:09:e5:76:87:fb:e5:d8: 9d:88:e8:c0:b7:b9:48:73:0e:9a:1e:a2:57:32:13: 09:2d:b2:8b:2a:37:16:03:fd:7f:a7:8b:27:e2:af: f5:86:aa:a6:84:e5:76:19:05:a4:34:96:46:36:b0: 76:98:e5:ef:9d:a8:d0:d4:5a:18:cb:ba:e9:65:ea: c8:c8:4d:d4:1e:54:12:b8:a0:2c:37:8f:98:8b:ed: fa:cd:1b:b9:86:01:59:cd:27:cf:bb:8f:ed:31:0b: 51:fd:98:e9:da:ee:b8:87:de:19:32:85:5e:7b:16: 68:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:9E:30:88:C8:D0:7F:B3:CF:36:20:54:91:CC:3E:EC:4E:5C:04:CD X509v3 Authority Key Identifier: keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/Ip4wiMjQf7PPNiBUkcw-7E5cBM0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.203.100.0/22 Signature Algorithm: sha256WithRSAEncryption 6e:c8:64:b5:93:c0:2d:86:af:26:2b:b9:c9:df:2c:68:e8:e3: a4:d1:a5:73:86:41:f8:f7:68:c5:be:fb:83:9c:b4:89:dd:e9: e6:3c:ad:5b:7c:e5:da:fa:73:2c:18:98:56:35:9c:c0:ff:5b: c9:b5:b3:de:5e:77:09:68:1a:4f:94:74:45:a2:79:1d:26:24: 72:38:1e:73:9a:23:53:45:56:bd:84:ff:98:c8:f1:4b:bf:bf: 55:98:2f:84:a4:bb:2f:18:50:a2:16:71:8f:b7:57:32:83:82: 73:1e:aa:27:cc:1c:8e:64:43:da:63:de:e8:a6:e3:a2:fe:ec: ac:33:03:be:3e:35:c6:df:b1:99:61:75:a2:8d:54:19:9f:86: 37:71:03:38:0b:5d:5c:ab:8a:6d:f1:58:74:93:3e:7d:a6:5b: 92:0d:93:4d:a2:c7:37:c7:34:f2:b8:13:6d:9d:b2:83:8b:5d: 7d:1b:80:c3:46:49:02:25:09:3f:fd:3c:90:d4:10:4f:f2:d3: 80:84:53:fd:d2:3d:10:3c:9b:f6:3a:70:9b:dd:89:70:aa:f0: 82:b3:3d:49:d2:65:b8:15:b1:8e:43:90:66:bb:b6:a5:ba:eb: 6f:31:0b:38:49:54:7b:86:d8:66:c1:7a:6e:e2:2e:26:ab:38: f3:28:84:20 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG48wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDExMjEw OTMyMjBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDIyOUUzMDg4QzhEMDdG QjNDRjM2MjA1NDkxQ0MzRUVDNEU1QzA0Q0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCXY9NAlP9qxYwQD1LJ/k67k6XcnsmtoRk8zR33CCgMfR/RG0/2 XSqE7wJdNjdbsiCKi9WIOInHVxmKvBXDiYt/JOCALkFsfcpePVQLaQbavI39CQBs dC0ROas1/EaEkMHuiH3NMM7r6DTZ0ed9Qn4rG+gUrfqfyb3Jb3LpuE9yXxWRuMkF PjYDCLbxpkWlCeV2h/vl2J2I6MC3uUhzDpoeolcyEwktsosqNxYD/X+niyfir/WG qqaE5XYZBaQ0lkY2sHaY5e+dqNDUWhjLuull6sjITdQeVBK4oCw3j5iL7frNG7mG AVnNJ8+7j+0xC1H9mOna7riH3hkyhV57FmiNAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUIp4wiMjQf7PPNiBUkcw+7E5cBM0wHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL0lwNHdpTWpRZjdQUE5p QlVrY3ctN0U1Y0JNMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJny2QwDQYJKoZIhvcNAQELBQADggEBAG7IZLWTwC2GryYrucnfLGjo46TRpXOG Qfj3aMW++4OctInd6eY8rVt85dr6cywYmFY1nMD/W8m1s95edwloGk+UdEWieR0m JHI4HnOaI1NFVr2E/5jI8Uu/v1WYL4Skuy8YUKIWcY+3VzKDgnMeqifMHI5kQ9pj 3uim46L+7KwzA74+NcbfsZlhdaKNVBmfhjdxAzgLXVyrim3xWHSTPn2mW5INk02i xzfHNPK4E22dsoOLXX0bgMNGSQIlCT/9PJDUEE/y04CEU/3SPRA8m/Y6cJvdiXCq 8IKzPUnSZbgVsY5DkGa7tqW6628xCzhJVHuG2GbBem7iLiarOPMohCA= -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:13 2024 by rpki-client on console-ams.rpki-client.org