$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/UYKj6w8oc00gF7JMZ0EwSFtcBi0.roa File: UYKj6w8oc00gF7JMZ0EwSFtcBi0.roa (raw, json) Hash identifier: iPF47oq2G1H6nraaho7yTyXLa2vk3+qJjR/kxpbRaFY= Subject key identifier: 51:82:A3:EB:0F:28:73:4D:20:17:B2:4C:67:41:30:48:5B:5C:06:2D Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Certificate serial: 1B8C Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/UYKj6w8oc00gF7JMZ0EwSFtcBi0.roa Signing time: Thu 21 Nov 2024 09:32:19 +0000 ROA not before: Thu 21 Nov 2024 09:32:19 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 7018 IP address blocks: 103.236.232.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 16 Feb 2025 16:56:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7052 (0x1b8c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Validity Not Before: Nov 21 09:32:19 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=5182A3EB0F28734D2017B24C674130485B5C062D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:8d:c1:d0:fb:d8:3e:e0:57:b8:2a:15:b5:10: 7a:94:68:4f:7e:c5:13:49:33:d9:b7:ee:1d:92:4c: 8d:05:94:03:fd:0f:2c:4e:00:23:f5:3e:6a:fd:45: 1c:06:70:32:07:5e:23:1a:0d:3c:63:d2:7c:94:83: 76:d9:ea:5f:ed:cd:92:9c:ea:16:a8:25:75:4e:6e: d9:af:e8:27:5c:b8:71:33:21:e7:3d:7c:b9:fc:95: 46:0a:aa:0b:69:c5:bd:72:7b:23:da:68:14:42:52: b8:bb:97:81:8f:b1:45:05:fa:be:a6:ba:2c:6c:b3: 10:47:df:39:00:48:f9:9a:2e:67:89:45:28:69:cb: f1:04:b4:3d:f1:8d:24:91:ef:ac:4e:97:f1:38:13: c3:ea:64:32:54:05:d1:6a:6c:bd:f9:3a:c8:57:f2: 73:1c:33:ee:f1:b6:3b:c9:da:34:8c:d0:85:e8:60: 6b:a9:08:c5:17:15:f7:86:d0:16:63:4f:1d:b8:46: 1b:19:26:fd:14:c7:66:5b:3e:0f:cb:28:6a:f9:40: 24:c1:dd:fd:ea:6d:46:c3:90:69:1b:72:a7:cc:9b: 55:23:2f:37:3a:28:03:b1:87:ed:0a:84:ce:4c:97: e8:be:cb:a8:8a:91:90:d7:97:76:c6:81:82:0b:d4: 8b:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:82:A3:EB:0F:28:73:4D:20:17:B2:4C:67:41:30:48:5B:5C:06:2D X509v3 Authority Key Identifier: keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/UYKj6w8oc00gF7JMZ0EwSFtcBi0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.236.232.0/22 Signature Algorithm: sha256WithRSAEncryption 3a:30:70:9b:a9:70:59:2f:4b:73:f1:91:a2:5b:0a:01:c5:36: c5:7d:c0:8c:3c:fd:85:f6:87:ec:3d:72:bb:45:02:99:6b:17: 15:74:79:6b:3b:ed:e7:73:72:d6:b6:dc:2f:82:72:74:1f:0b: b8:8e:67:55:fb:26:aa:9d:53:3d:d8:f9:3c:ae:ea:ae:dd:8e: 23:f3:cd:c4:2a:c2:54:53:3a:4f:f1:bd:2b:9f:77:fc:27:93: 86:96:55:03:d9:b6:ff:e0:8f:2f:a4:e4:94:99:82:14:58:d9: e4:78:dd:1a:df:79:38:3c:fa:72:81:5d:4a:f4:75:11:89:d7: ab:d2:ae:d9:88:6b:c7:52:d2:04:fd:b2:97:9e:fe:e4:d0:9b: d8:99:b9:4f:23:1c:9b:6f:1f:b0:0c:ce:8b:9f:eb:de:00:58: 54:61:8e:c2:7b:3b:63:b5:5a:cb:a8:d6:7d:6f:d6:cb:49:08: 2a:e6:4f:bc:e3:a0:42:43:d8:20:67:55:47:92:9a:94:c8:0e: 13:5e:53:c3:bb:3b:31:75:1b:43:2b:f8:0d:c5:fc:1f:16:5f: 1a:6f:3c:05:9e:90:8b:27:0b:5e:84:b5:5f:d0:14:83:4e:49: ee:aa:38:52:23:b0:c6:43:aa:b6:62:ec:1a:49:8d:db:05:2f: 3d:f9:bb:d3 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG4wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDExMjEw OTMyMTlaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDUxODJBM0VCMEYyODcz NEQyMDE3QjI0QzY3NDEzMDQ4NUI1QzA2MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDCjcHQ+9g+4Fe4KhW1EHqUaE9+xRNJM9m37h2STI0FlAP9DyxO ACP1Pmr9RRwGcDIHXiMaDTxj0nyUg3bZ6l/tzZKc6haoJXVObtmv6CdcuHEzIec9 fLn8lUYKqgtpxb1yeyPaaBRCUri7l4GPsUUF+r6muixssxBH3zkASPmaLmeJRShp y/EEtD3xjSSR76xOl/E4E8PqZDJUBdFqbL35OshX8nMcM+7xtjvJ2jSM0IXoYGup CMUXFfeG0BZjTx24RhsZJv0Ux2ZbPg/LKGr5QCTB3f3qbUbDkGkbcqfMm1UjLzc6 KAOxh+0KhM5Ml+i+y6iKkZDXl3bGgYIL1IszAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUUYKj6w8oc00gF7JMZ0EwSFtcBi0wHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL1VZS2o2dzhvYzAwZ0Y3 Sk1aMEV3U0Z0Y0JpMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn7OgwDQYJKoZIhvcNAQELBQADggEBADowcJupcFkvS3PxkaJbCgHFNsV9wIw8 /YX2h+w9crtFAplrFxV0eWs77edzcta23C+CcnQfC7iOZ1X7JqqdUz3Y+Tyu6q7d jiPzzcQqwlRTOk/xvSufd/wnk4aWVQPZtv/gjy+k5JSZghRY2eR43RrfeTg8+nKB XUr0dRGJ16vSrtmIa8dS0gT9spee/uTQm9iZuU8jHJtvH7AMzouf694AWFRhjsJ7 O2O1Wsuo1n1v1stJCCrmT7zjoEJD2CBnVUeSmpTIDhNeU8O7OzF1G0Mr+A3F/B8W XxpvPAWekIsnC16EtV/QFINOSe6qOFIjsMZDqrZi7BpJjdsFLz35u9M= -----END CERTIFICATE-----Generated at Sun Feb 16 15:29:52 2025 by rpki-client