$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/721/gAfbD59axt_g53rR7MDELLID5sU.roa File: gAfbD59axt_g53rR7MDELLID5sU.roa (raw, json) Hash identifier: 9EVLJuL3qbmLwsstxAa2k3aFuCqTvyAP0AtOReuM1OM= Subject key identifier: 80:07:DB:0F:9F:5A:C6:DF:E0:E7:7A:D1:EC:C0:C4:2C:B2:03:E6:C5 Certificate issuer: /CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A Certificate serial: 17C3 Authority key identifier: EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/gAfbD59axt_g53rR7MDELLID5sU.roa Signing time: Tue 24 Sep 2024 00:18:54 +0000 ROA not before: Tue 24 Sep 2024 00:18:54 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 63199 IP address blocks: 103.210.160.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6083 (0x17c3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A Validity Not Before: Sep 24 00:18:54 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=8007DB0F9F5AC6DFE0E77AD1ECC0C42CB203E6C5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:ed:93:85:8a:74:9d:f8:67:e6:03:33:bb:a1: 3d:37:89:b1:fb:bd:0e:2a:7f:24:96:20:3e:26:62: 14:31:ea:85:a9:35:14:f7:9c:d8:6c:a7:1b:44:75: 1d:2e:eb:e1:1a:7f:9e:a0:07:93:10:31:99:aa:ef: 49:93:b4:21:19:c6:02:eb:4b:c1:7d:44:a7:3e:12: 9f:41:a8:d4:2c:62:91:0e:c1:e1:32:44:07:ed:c0: 87:bb:42:4c:bc:90:1c:f3:9f:e4:ae:b6:b6:ce:f0: 14:67:b8:4a:b3:d7:b1:09:f9:25:ed:92:c8:5e:6d: 51:f7:de:c8:32:f3:30:43:3f:3d:08:57:e9:bf:fe: e7:e4:3c:fd:cd:1c:06:d3:36:fa:82:9a:1a:1c:54: da:d8:3e:42:6c:c4:d1:0e:de:d6:0a:bf:72:8c:44: f3:87:20:10:e7:46:15:f4:50:4d:1b:f7:4e:d4:52: d0:7a:09:61:e0:59:3d:19:5c:2b:d4:19:ca:99:7e: a2:03:d1:0f:30:66:c3:20:47:39:57:c4:13:6e:f8: d2:e1:47:02:25:9e:72:bd:c7:8a:5b:b1:04:68:38: f1:03:13:42:e7:51:58:ac:9a:0c:81:fc:c9:93:d2: 78:fb:ae:07:45:a7:44:d8:e0:63:53:dc:ac:62:68: 52:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:07:DB:0F:9F:5A:C6:DF:E0:E7:7A:D1:EC:C0:C4:2C:B2:03:E6:C5 X509v3 Authority Key Identifier: keyid:EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/gAfbD59axt_g53rR7MDELLID5sU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.210.160.0/22 Signature Algorithm: sha256WithRSAEncryption 7e:7c:c5:ef:f3:e1:47:e2:1a:62:cc:1a:89:1b:b9:e9:93:59: 87:61:f7:80:80:5c:47:2a:d6:c9:f9:1c:80:3c:eb:61:c0:1b: dd:8d:21:d5:f7:21:c5:f2:de:76:a1:ef:22:46:96:ad:67:8c: ed:4c:ab:0f:dd:bb:4d:e9:68:9e:8a:b1:4a:26:0b:31:90:f2: 39:a4:21:61:dc:bd:57:97:e8:86:20:a1:2c:6f:90:1c:53:0a: cf:26:f2:f1:90:18:58:4c:16:af:25:3f:f3:e8:9a:46:3d:76: e3:e7:55:3c:a8:26:1b:ff:13:ca:9a:b9:a1:48:67:e4:b8:e3: 64:5c:71:71:b7:af:88:0a:ff:02:e6:47:fe:f0:d3:b8:a8:28: 6d:4e:70:0f:1e:91:d1:50:e7:3d:0c:c7:83:25:53:73:de:a0: 81:21:db:b4:63:da:e3:be:01:5d:6c:bc:3b:25:32:bf:b7:53: 7f:ff:9d:c3:9d:7d:ef:21:ab:b6:8b:fb:85:80:6b:b5:11:00: f0:58:20:91:c3:e0:4e:46:e7:66:5b:27:89:9e:94:64:c8:85: 99:bc:66:a8:73:ee:1e:28:c9:9d:5d:18:6f:7a:75:2d:b4:ab: b9:00:0a:3b:35:31:fd:bf:11:7b:99:ed:34:a6:51:3e:6e:a3: 97:20:34:f3 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICF8MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUU4 ODdBQ0M3Q0U0QjVGNjZDQ0Y0OTQ2RjAyQkZBQ0JERTI4Qjc2QTAeFw0yNDA5MjQw MDE4NTRaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDgwMDdEQjBGOUY1QUM2 REZFMEU3N0FEMUVDQzBDNDJDQjIwM0U2QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD37ZOFinSd+GfmAzO7oT03ibH7vQ4qfySWID4mYhQx6oWpNRT3 nNhspxtEdR0u6+Eaf56gB5MQMZmq70mTtCEZxgLrS8F9RKc+Ep9BqNQsYpEOweEy RAftwIe7Qky8kBzzn+SutrbO8BRnuEqz17EJ+SXtkshebVH33sgy8zBDPz0IV+m/ /ufkPP3NHAbTNvqCmhocVNrYPkJsxNEO3tYKv3KMRPOHIBDnRhX0UE0b907UUtB6 CWHgWT0ZXCvUGcqZfqID0Q8wZsMgRzlXxBNu+NLhRwIlnnK9x4pbsQRoOPEDE0Ln UVismgyB/MmT0nj7rgdFp0TY4GNT3KxiaFLtAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUgAfbD59axt/g53rR7MDELLID5sUwHwYDVR0jBBgwFoAU7oh6zHzktfZsz0lG 8Cv6y94ot2owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIx LzdvaDZ6SHprdGZac3owbEc4Q3Y2eTk0b3Qyby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvN29oNnpIemt0ZlpzejBsRzhDdjZ5OTRvdDJvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIxL2dBZmJENTlheHRfZzUz clI3TURFTExJRDVzVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn0qAwDQYJKoZIhvcNAQELBQADggEBAH58xe/z4UfiGmLMGokbuemTWYdh94CA XEcq1sn5HIA862HAG92NIdX3IcXy3nah7yJGlq1njO1Mqw/du03paJ6KsUomCzGQ 8jmkIWHcvVeX6IYgoSxvkBxTCs8m8vGQGFhMFq8lP/PomkY9duPnVTyoJhv/E8qa uaFIZ+S442RccXG3r4gK/wLmR/7w07ioKG1OcA8ekdFQ5z0Mx4MlU3PeoIEh27Rj 2uO+AV1svDslMr+3U3//ncOdfe8hq7aL+4WAa7URAPBYIJHD4E5G52ZbJ4melGTI hZm8Zqhz7h4oyZ1dGG96dS20q7kACjs1Mf2/EXuZ7TSmUT5uo5cgNPM= -----END CERTIFICATE-----Generated at Fri Nov 22 07:02:36 2024 by rpki-client on console-fra.rpki-client.org