$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/PpUXGNPslCX0qyKJDnCSMSpzKwo.roa File: PpUXGNPslCX0qyKJDnCSMSpzKwo.roa (raw, json) Hash identifier: oluQaDkOyQXq2mFek2GyoUcx+6m7hZXDULeRxcmBAv4= Subject key identifier: 3E:95:17:18:D3:EC:94:25:F4:AB:22:89:0E:70:92:31:2A:73:2B:0A Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Certificate serial: 1B8B Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/PpUXGNPslCX0qyKJDnCSMSpzKwo.roa Signing time: Thu 21 Nov 2024 09:32:19 +0000 ROA not before: Thu 21 Nov 2024 09:32:19 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 398704 IP address blocks: 103.236.232.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7051 (0x1b8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Validity Not Before: Nov 21 09:32:19 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=3E951718D3EC9425F4AB22890E7092312A732B0A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:44:d0:90:73:d9:b4:c6:ab:40:4f:07:a2:fd: a6:b1:ea:f3:1f:7c:46:b6:26:a8:4c:aa:5f:25:86: 8b:18:63:0b:fd:87:a1:07:91:90:e8:0a:d0:03:4e: 0e:4d:95:b7:35:e9:e2:9f:b2:69:a2:ad:da:24:5a: ce:3f:09:82:be:95:4d:57:6c:0b:bf:8b:e9:61:4d: 40:5c:f9:87:9e:68:6e:be:de:f1:17:69:46:a0:70: bc:67:59:58:69:b7:27:0f:8d:58:f5:8b:f8:d0:e0: c1:91:d4:d2:a1:36:0f:22:02:aa:e3:fb:98:16:2f: e0:94:07:67:b3:8b:97:61:84:f6:69:60:a2:75:f9: 64:7c:5d:cb:aa:3e:b9:44:4c:52:8c:60:76:d6:c9: 42:6e:c2:91:f2:95:8e:5d:2b:19:6f:6e:46:77:94: d8:4d:80:42:c5:aa:3a:83:f3:96:9c:28:82:c7:10: a0:be:c2:1c:b2:d6:21:28:77:ad:9d:d0:90:58:a5: 8f:0d:1a:7b:87:0f:54:28:be:01:71:cb:2b:b8:fc: fa:6f:5a:29:7e:e8:5f:01:ed:e2:f2:d0:68:0d:8e: 1e:17:01:c4:e7:5d:3e:69:5f:1e:bb:ba:60:d8:45: 9c:92:f7:a0:5f:7c:85:28:47:49:01:8b:b0:c3:5f: 8d:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:95:17:18:D3:EC:94:25:F4:AB:22:89:0E:70:92:31:2A:73:2B:0A X509v3 Authority Key Identifier: keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/PpUXGNPslCX0qyKJDnCSMSpzKwo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.236.232.0/22 Signature Algorithm: sha256WithRSAEncryption 39:72:3a:df:d0:c6:00:4d:d0:94:67:9f:70:5d:f2:3d:5a:24: b5:69:bc:5d:a4:17:c0:3a:63:3a:dc:36:c9:d9:9b:58:12:c8: 03:a4:2c:e0:b9:22:0c:6b:f8:0a:63:ff:26:9a:52:32:12:54: bf:e0:19:32:d5:aa:ad:f7:61:84:67:1f:a1:40:57:c5:ae:76: 9b:9a:c6:c3:ef:2e:31:1b:19:f3:d8:ba:ca:a5:86:e5:db:a5: da:a2:bd:eb:52:36:ab:a9:e8:32:5c:6c:a7:9d:8b:83:9e:90: 55:52:0a:7c:13:0c:bc:82:07:cf:93:24:c5:a3:0c:6e:00:9a: 61:d8:79:3d:ba:ab:89:85:cd:78:f1:99:f3:c6:1f:6a:f8:0a: dc:d7:d5:47:d8:7f:49:b0:84:0b:2e:19:e9:ea:68:21:14:7b: 0a:1e:78:37:cc:a6:7c:c8:b4:df:f1:71:46:de:3d:71:e0:3e: 6c:e4:f6:0e:46:88:b4:f3:3d:ba:f0:26:68:a6:87:3e:60:91: 96:c9:16:f5:67:6d:6f:74:72:1f:bf:88:f9:fe:c7:66:08:a6: 4a:29:60:ee:f7:40:79:97:f8:96:56:50:af:06:40:91:c3:35: 87:18:16:d9:1c:3f:40:f1:be:d7:22:72:91:e8:ad:a0:0c:fb: f5:4a:e0:7f -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG4swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDExMjEw OTMyMTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDNFOTUxNzE4RDNFQzk0 MjVGNEFCMjI4OTBFNzA5MjMxMkE3MzJCMEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCiRNCQc9m0xqtATwei/aax6vMffEa2JqhMql8lhosYYwv9h6EH kZDoCtADTg5Nlbc16eKfsmmirdokWs4/CYK+lU1XbAu/i+lhTUBc+YeeaG6+3vEX aUagcLxnWVhptycPjVj1i/jQ4MGR1NKhNg8iAqrj+5gWL+CUB2ezi5dhhPZpYKJ1 +WR8XcuqPrlETFKMYHbWyUJuwpHylY5dKxlvbkZ3lNhNgELFqjqD85acKILHEKC+ whyy1iEod62d0JBYpY8NGnuHD1QovgFxyyu4/PpvWil+6F8B7eLy0GgNjh4XAcTn XT5pXx67umDYRZyS96BffIUoR0kBi7DDX417AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUPpUXGNPslCX0qyKJDnCSMSpzKwowHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL1BwVVhHTlBzbENYMHF5 S0pEbkNTTVNwekt3by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn7OgwDQYJKoZIhvcNAQELBQADggEBADlyOt/QxgBN0JRnn3Bd8j1aJLVpvF2k F8A6YzrcNsnZm1gSyAOkLOC5Igxr+Apj/yaaUjISVL/gGTLVqq33YYRnH6FAV8Wu dpuaxsPvLjEbGfPYusqlhuXbpdqivetSNqup6DJcbKedi4OekFVSCnwTDLyCB8+T JMWjDG4AmmHYeT26q4mFzXjxmfPGH2r4CtzX1UfYf0mwhAsuGenqaCEUewoeeDfM pnzItN/xcUbePXHgPmzk9g5GiLTzPbrwJmimhz5gkZbJFvVnbW90ch+/iPn+x2YI pkopYO73QHmX+JZWUK8GQJHDNYcYFtkcP0DxvtcicpHoraAM+/VK4H8= -----END CERTIFICATE-----Generated at Fri Nov 22 06:38:13 2024 by rpki-client on console-ams.rpki-client.org