$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/o3f2ejIWmEWnRAGwgEWEkjU2mZw.roa File: o3f2ejIWmEWnRAGwgEWEkjU2mZw.roa (raw, json) Hash identifier: 4YWEoF5J33LWnQsLz2wIgxd0EMSlrQAvAmrnsiiM1yM= Subject key identifier: A3:77:F6:7A:32:16:98:45:A7:44:01:B0:80:45:84:92:35:36:99:9C Certificate issuer: /CN=FFADC8DD61366CD84D99521B638380E8B502E6E4 Certificate serial: 115D Authority key identifier: FF:AD:C8:DD:61:36:6C:D8:4D:99:52:1B:63:83:80:E8:B5:02:E6:E4 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_63I3WE2bNhNmVIbY4OA6LUC5uQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/o3f2ejIWmEWnRAGwgEWEkjU2mZw.roa Signing time: Fri 15 Nov 2024 09:13:18 +0000 ROA not before: Fri 15 Nov 2024 09:13:18 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 63199 IP address blocks: 139.159.51.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/_63I3WE2bNhNmVIbY4OA6LUC5uQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/_63I3WE2bNhNmVIbY4OA6LUC5uQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_63I3WE2bNhNmVIbY4OA6LUC5uQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 08:54:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4445 (0x115d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=FFADC8DD61366CD84D99521B638380E8B502E6E4 Validity Not Before: Nov 15 09:13:18 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=A377F67A32169845A74401B0804584923536999C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ad:4b:0c:2c:9f:a5:35:59:ab:ac:f1:e2:34: 02:48:3b:5e:a1:a4:91:75:31:9f:2c:a1:13:e4:33: d1:3e:71:a5:c4:2f:f5:06:1c:b7:39:46:df:fb:96: 5a:79:b2:67:54:29:73:fd:f8:eb:23:7f:eb:dd:b2: 5f:84:06:af:a5:9a:ee:be:b7:84:de:4e:25:2d:fb: 22:65:df:fd:1f:1d:9f:25:b8:3a:85:c6:d9:9d:90: c5:7d:af:a6:4b:d3:21:98:cd:67:27:2e:fc:5d:72: 86:91:b3:2a:b5:0d:da:a1:57:43:0f:4a:2a:d6:19: 82:d3:64:35:da:89:d7:00:c4:a9:36:a9:6a:80:93: a1:30:c1:cb:a0:7c:52:60:79:47:21:1a:25:d0:b8: 7d:2e:e6:34:09:65:be:5b:aa:e3:cf:a6:94:0b:6e: e6:8c:9e:60:ae:22:0b:b3:b8:7b:31:bc:a4:98:ab: 8f:43:1b:61:4b:2e:93:d5:37:b9:30:f8:06:c9:e6: 88:ec:a2:0f:17:49:15:99:3a:5f:bc:15:2b:18:8e: e8:68:a4:91:b5:74:ac:5d:68:38:10:66:07:87:39: 35:31:8d:11:cd:53:17:dd:5e:e5:b8:c0:6f:26:e6: b0:27:3f:d1:07:e9:5b:d8:d1:6a:05:86:a8:c0:8a: fa:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:77:F6:7A:32:16:98:45:A7:44:01:B0:80:45:84:92:35:36:99:9C X509v3 Authority Key Identifier: keyid:FF:AD:C8:DD:61:36:6C:D8:4D:99:52:1B:63:83:80:E8:B5:02:E6:E4 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/_63I3WE2bNhNmVIbY4OA6LUC5uQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/_63I3WE2bNhNmVIbY4OA6LUC5uQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/o3f2ejIWmEWnRAGwgEWEkjU2mZw.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 139.159.51.0/24 Signature Algorithm: sha256WithRSAEncryption b1:51:fc:cc:50:1b:a2:73:63:12:bc:97:84:c4:55:47:77:d2: 99:81:37:28:a5:56:7e:23:bc:ba:f3:6e:02:52:f6:63:a3:47: ce:89:6a:b8:65:f4:3e:ac:04:da:a3:c3:0c:b3:85:00:54:93: 9a:19:8b:a0:55:18:91:17:e2:82:a6:a6:08:3f:61:a4:05:a7: ea:85:ad:9d:4c:38:61:1d:02:e4:92:e4:70:ce:c8:ff:ee:a9: 0d:1f:be:15:c0:20:1a:8c:cf:63:3c:9f:05:1a:9b:ad:e8:bd: 7a:e6:0e:12:c6:62:ad:66:bc:84:69:d1:32:3c:86:d1:4a:83: f2:77:b0:8c:cc:0a:ef:54:d0:3c:78:57:7c:79:34:63:4f:9f: a2:60:a7:fd:81:96:02:f7:2a:f2:87:45:84:a7:b9:02:c4:6f: 4b:84:c9:04:33:ad:1b:af:e0:71:b0:bd:1a:7f:52:3e:c4:05: d5:d0:7f:c4:f5:6d:76:02:2f:d1:25:01:51:b4:87:c6:c9:78: d2:22:1b:fd:f0:82:1b:68:ae:99:ba:c9:b5:25:53:e2:a3:f1: 8c:66:c3:a0:2b:bf:7c:98:3c:49:87:8a:e4:ee:35:99:06:0e: 6e:f4:3d:3f:10:6e:24:ca:3f:12:de:58:64:39:6e:84:b8:23: 78:05:a3:60 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICEV0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkZB REM4REQ2MTM2NkNEODREOTk1MjFCNjM4MzgwRThCNTAyRTZFNDAeFw0yNDExMTUw OTEzMThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEEzNzdGNjdBMzIxNjk4 NDVBNzQ0MDFCMDgwNDU4NDkyMzUzNjk5OUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1rUsMLJ+lNVmrrPHiNAJIO16hpJF1MZ8soRPkM9E+caXEL/UG HLc5Rt/7llp5smdUKXP9+Osjf+vdsl+EBq+lmu6+t4TeTiUt+yJl3/0fHZ8luDqF xtmdkMV9r6ZL0yGYzWcnLvxdcoaRsyq1DdqhV0MPSirWGYLTZDXaidcAxKk2qWqA k6EwwcugfFJgeUchGiXQuH0u5jQJZb5bquPPppQLbuaMnmCuIguzuHsxvKSYq49D G2FLLpPVN7kw+AbJ5ojsog8XSRWZOl+8FSsYjuhopJG1dKxdaDgQZgeHOTUxjRHN UxfdXuW4wG8m5rAnP9EH6VvY0WoFhqjAivpPAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUo3f2ejIWmEWnRAGwgEWEkjU2mZwwHwYDVR0jBBgwFoAU/63I3WE2bNhNmVIb Y4OA6LUC5uQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0 L182M0kzV0UyYk5oTm1WSWJZNE9BNkxVQzV1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvXzYzSTNXRTJiTmhObVZJYlk0T0E2TFVDNXVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0L28zZjJlaklXbUVXblJB R3dnRVdFa2pVMm1ady5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACLnzMwDQYJKoZIhvcNAQELBQADggEBALFR/MxQG6JzYxK8l4TEVUd30pmBNyil Vn4jvLrzbgJS9mOjR86Jarhl9D6sBNqjwwyzhQBUk5oZi6BVGJEX4oKmpgg/YaQF p+qFrZ1MOGEdAuSS5HDOyP/uqQ0fvhXAIBqMz2M8nwUam63ovXrmDhLGYq1mvIRp 0TI8htFKg/J3sIzMCu9U0Dx4V3x5NGNPn6Jgp/2BlgL3KvKHRYSnuQLEb0uEyQQz rRuv4HGwvRp/Uj7EBdXQf8T1bXYCL9ElAVG0h8bJeNIiG/3wghtorpm6ybUlU+Kj 8Yxmw6Arv3yYPEmHiuTuNZkGDm70PT8QbiTKPxLeWGQ5boS4I3gFo2A= -----END CERTIFICATE-----Generated at Fri Nov 22 07:02:36 2024 by rpki-client on console-fra.rpki-client.org