$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/71/q3CYXHQMV0MNCWbS4KHiO7GTHLI.roa File: q3CYXHQMV0MNCWbS4KHiO7GTHLI.roa (raw, json) Hash identifier: BYck/hBXOHJzjkmGOnjFdLZHBBYbwce/KexJ2i2v1qM= Subject key identifier: AB:70:98:5C:74:0C:57:43:0D:09:66:D2:E0:A1:E2:3B:B1:93:1C:B2 Certificate issuer: /CN=706580629A7148E4B22189E7B91F146791116370 Certificate serial: 0CA6 Authority key identifier: 70:65:80:62:9A:71:48:E4:B2:21:89:E7:B9:1F:14:67:91:11:63:70 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/cGWAYppxSOSyIYnnuR8UZ5ERY3A.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/71/q3CYXHQMV0MNCWbS4KHiO7GTHLI.roa Signing time: Wed 13 Mar 2024 01:23:57 +0000 ROA not before: Wed 13 Mar 2024 01:23:57 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 63889 IP address blocks: 110.173.96.0/20 maxlen: 24 110.173.96.0/22 maxlen: 24 110.173.96.0/24 maxlen: 24 110.173.97.0/24 maxlen: 24 110.173.98.0/24 maxlen: 24 110.173.99.0/24 maxlen: 24 110.173.112.0/20 maxlen: 24 110.173.112.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/71/cGWAYppxSOSyIYnnuR8UZ5ERY3A.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/71/cGWAYppxSOSyIYnnuR8UZ5ERY3A.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/cGWAYppxSOSyIYnnuR8UZ5ERY3A.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 26 Jun 2024 17:59:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3238 (0xca6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=706580629A7148E4B22189E7B91F146791116370 Validity Not Before: Mar 13 01:23:57 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=AB70985C740C57430D0966D2E0A1E23BB1931CB2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:d9:2e:e6:83:7b:5a:1f:c3:64:f1:e7:d5:14: 56:9f:63:df:4e:d1:46:38:d0:52:92:bf:d0:2c:fd: cd:22:12:e8:ae:8a:d6:b0:69:d2:e4:00:40:73:01: 3b:81:ab:7c:02:b5:24:f3:01:a2:d1:74:ed:d2:d0: dc:a7:27:33:7a:79:e7:eb:ab:0c:c2:a7:83:66:b2: 7a:25:cc:1a:bc:60:47:db:60:22:08:88:a8:13:c4: 2e:a5:8e:07:08:3b:7c:9e:9e:0c:98:92:f0:ac:98: fd:7a:2a:26:e6:76:3c:ca:f7:3c:d2:8b:e8:00:11: 13:56:b3:70:33:13:a2:cf:7c:1b:41:4f:18:3e:bf: 90:bd:cf:72:08:46:67:e1:f6:cb:be:1d:7a:c7:b1: 90:40:e5:bc:e4:47:f1:10:4b:bc:4f:c6:47:da:81: 9f:72:56:81:2f:b2:20:ef:ec:a0:58:bd:f0:b8:2c: 9e:60:35:90:be:89:68:6d:38:e6:e8:ca:68:56:5d: 09:83:5a:89:62:35:86:41:be:78:91:62:6d:e3:8b: fd:da:4e:ba:3a:84:cb:3c:40:7e:1b:d4:56:a8:05: 87:f7:03:ac:3d:75:f3:3e:6a:94:a3:a7:4f:4c:89: 47:50:6f:7f:14:6b:8a:93:05:8e:ed:a8:49:c4:c3: 5f:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:70:98:5C:74:0C:57:43:0D:09:66:D2:E0:A1:E2:3B:B1:93:1C:B2 X509v3 Authority Key Identifier: keyid:70:65:80:62:9A:71:48:E4:B2:21:89:E7:B9:1F:14:67:91:11:63:70 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/71/cGWAYppxSOSyIYnnuR8UZ5ERY3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/cGWAYppxSOSyIYnnuR8UZ5ERY3A.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/71/q3CYXHQMV0MNCWbS4KHiO7GTHLI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 110.173.96.0/19 Signature Algorithm: sha256WithRSAEncryption 9e:ed:39:61:46:d0:ba:21:e3:15:f3:5d:a1:d9:a1:f0:86:6d: 6f:60:d5:36:c5:ea:ef:c1:22:77:dd:4e:30:5f:0c:dd:2a:95: c6:da:77:6a:64:b7:ee:a3:b6:24:15:48:16:0c:10:88:82:95: 76:89:67:05:a5:25:80:bf:1e:04:ba:01:bc:07:70:4c:d7:6e: 45:77:5d:06:5e:ac:ea:ca:5d:15:5c:3b:b6:a9:75:0b:5a:e8: 62:ac:3f:a4:9b:88:dc:17:c2:a9:b4:be:8a:fd:14:46:72:13: da:95:ad:75:06:5a:59:e3:08:d4:58:02:eb:9c:c2:8c:bc:6b: 5e:1c:8c:f3:8a:40:7c:92:18:74:73:2e:53:ff:b8:4c:57:0f: 52:fc:bb:52:3a:83:85:4c:16:0a:b8:fe:1a:72:fb:ca:5b:27: 31:c9:55:43:18:87:ee:2c:f7:a2:ec:84:dc:03:b2:c8:1e:0f: 3c:cf:5e:20:ba:c8:63:25:06:d8:dd:60:16:8f:2a:a5:99:f7: 6e:1b:7e:06:84:4d:9b:bb:86:e6:18:5f:d3:4e:c8:d2:8f:29: ef:0a:1e:00:f8:3a:d8:fc:40:1a:12:d0:2d:c9:57:0c:53:0a: d4:b8:95:68:f3:11:7e:17:98:60:be:a5:cb:ac:ca:4a:4e:31: 24:84:d7:88 -----BEGIN CERTIFICATE----- MIIE0zCCA7ugAwIBAgICDKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzA2 NTgwNjI5QTcxNDhFNEIyMjE4OUU3QjkxRjE0Njc5MTExNjM3MDAeFw0yNDAzMTMw MTIzNTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFCNzA5ODVDNzQwQzU3 NDMwRDA5NjZEMkUwQTFFMjNCQjE5MzFDQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDP2S7mg3taH8Nk8efVFFafY99O0UY40FKSv9As/c0iEuiuitaw adLkAEBzATuBq3wCtSTzAaLRdO3S0NynJzN6eefrqwzCp4NmsnolzBq8YEfbYCII iKgTxC6ljgcIO3yengyYkvCsmP16KibmdjzK9zzSi+gAERNWs3AzE6LPfBtBTxg+ v5C9z3IIRmfh9su+HXrHsZBA5bzkR/EQS7xPxkfagZ9yVoEvsiDv7KBYvfC4LJ5g NZC+iWhtOOboymhWXQmDWoliNYZBvniRYm3ji/3aTro6hMs8QH4b1FaoBYf3A6w9 dfM+apSjp09MiUdQb38Ua4qTBY7tqEnEw1+HAgMBAAGjggHvMIIB6zAdBgNVHQ4E FgQUq3CYXHQMV0MNCWbS4KHiO7GTHLIwHwYDVR0jBBgwFoAUcGWAYppxSOSyIYnn uR8UZ5ERY3AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzEv Y0dXQVlwcHhTT1N5SVlubnVSOFVaNUVSWTNBLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9jR1dBWXBweFNPU3lJWW5udVI4VVo1RVJZM0EuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83MS9xM0NZWEhRTVYwTU5DV2JT NEtIaU83R1RITEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF bq1gMA0GCSqGSIb3DQEBCwUAA4IBAQCe7TlhRtC6IeMV812h2aHwhm1vYNU2xerv wSJ33U4wXwzdKpXG2ndqZLfuo7YkFUgWDBCIgpV2iWcFpSWAvx4EugG8B3BM125F d10GXqzqyl0VXDu2qXULWuhirD+km4jcF8KptL6K/RRGchPala11BlpZ4wjUWALr nMKMvGteHIzzikB8khh0cy5T/7hMVw9S/LtSOoOFTBYKuP4acvvKWycxyVVDGIfu LPei7ITcA7LIHg88z14gushjJQbY3WAWjyqlmfduG34GhE2bu4bmGF/TTsjSjynv Ch4A+DrY/EAaEtAtyVcMUwrUuJVo8xF+F5hgvqXLrMpKTjEkhNeI -----END CERTIFICATE-----Generated at Wed Jun 26 16:18:26 2024 by rpki-client on console-ams.rpki-client.org