$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/756/zXcOC2Rw8Y9Akc0iNL9_ZwC98d0.roa File: zXcOC2Rw8Y9Akc0iNL9_ZwC98d0.roa (raw, json) Hash identifier: vBYFBICstkZGzLNH2LbLDtsuTpkSschHUYRlRatNDaU= Subject key identifier: CD:77:0E:0B:64:70:F1:8F:40:91:CD:22:34:BF:7F:67:00:BD:F1:DD Certificate issuer: /CN=591C5B03C97CE0FE3EC78E23C6856F792C20D404 Certificate serial: 1057 Authority key identifier: 59:1C:5B:03:C9:7C:E0:FE:3E:C7:8E:23:C6:85:6F:79:2C:20:D4:04 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/zXcOC2Rw8Y9Akc0iNL9_ZwC98d0.roa Signing time: Sat 14 Sep 2024 07:29:55 +0000 ROA not before: Sat 14 Sep 2024 07:29:55 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 63719 IP address blocks: 103.232.144.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4183 (0x1057) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=591C5B03C97CE0FE3EC78E23C6856F792C20D404 Validity Not Before: Sep 14 07:29:55 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=CD770E0B6470F18F4091CD2234BF7F6700BDF1DD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:c7:a9:12:27:8c:f0:e1:29:4f:1f:c3:7b:59: 53:63:e3:ad:3a:e5:d9:8a:ce:e0:5c:ec:eb:4d:01: 18:75:5e:76:97:ba:a0:f9:89:4a:ae:c4:a4:21:e2: 32:72:f0:c7:1c:98:36:01:49:76:cb:54:3e:3b:f1: ef:89:de:99:6a:76:03:af:ff:47:cb:10:d5:41:3b: b9:52:1b:19:d2:ef:ba:48:a8:77:3e:51:62:c5:25: 82:66:4d:8b:83:7e:8d:56:ad:e5:e5:65:7b:19:d5: 75:c4:5d:11:7d:98:86:6a:5e:d1:18:a5:2e:50:d3: a3:1a:c2:f4:ea:f3:37:48:ea:76:d3:2c:34:25:8c: 02:b3:66:8e:0c:8f:d2:43:fb:32:1f:43:99:9d:f9: a3:b3:48:00:55:8e:24:29:a5:13:5f:f3:a9:4c:09: 68:05:a6:d2:db:73:2c:e3:bb:8a:70:17:21:79:07: b2:a9:1d:9d:ee:37:70:12:0d:0e:f7:0c:f9:e2:e1: 59:06:d7:f3:47:e4:21:08:d6:a9:02:ab:97:6d:7e: 7e:f0:ad:83:62:42:c1:5d:9d:b2:dc:cf:70:3b:f1: 72:c6:68:3a:8f:ce:9f:ae:a9:21:0a:2a:62:95:40: ff:01:6e:4e:56:d3:2e:08:ec:35:99:a2:aa:8f:68: 6e:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:77:0E:0B:64:70:F1:8F:40:91:CD:22:34:BF:7F:67:00:BD:F1:DD X509v3 Authority Key Identifier: keyid:59:1C:5B:03:C9:7C:E0:FE:3E:C7:8E:23:C6:85:6F:79:2C:20:D4:04 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/WRxbA8l84P4-x44jxoVveSwg1AQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/WRxbA8l84P4-x44jxoVveSwg1AQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/756/zXcOC2Rw8Y9Akc0iNL9_ZwC98d0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.232.144.0/22 Signature Algorithm: sha256WithRSAEncryption 33:e2:a2:71:0a:35:a3:72:11:71:bc:a6:f5:a5:49:07:80:88: 83:26:49:b9:13:db:4f:20:38:ec:fa:13:41:fa:23:35:a5:b7: 5a:2b:e1:53:f4:79:b4:b0:c0:75:87:b9:f9:99:03:a6:7b:5d: 12:49:b6:b6:c6:af:ff:0e:5c:fc:42:0a:9f:86:4a:a9:62:63: 88:91:55:b8:2e:e1:20:68:db:4b:01:b0:5a:e4:36:68:d4:c9: 44:31:a5:50:a4:09:5b:14:91:fc:db:a6:50:9c:0b:44:f2:4d: ee:6d:33:50:f7:38:48:71:88:2a:f5:e6:f4:cb:0d:cb:92:0d: 4f:74:6c:5a:aa:58:35:1d:92:e7:e6:23:57:3d:c0:15:8f:88: e6:8b:88:46:5f:5d:7f:ee:7d:18:4a:8e:ab:ff:23:1c:90:32: 18:ed:c9:2b:7c:14:55:53:9d:21:12:cf:3b:48:ed:90:93:a3: 52:1d:c1:ae:4b:4a:6e:ce:e5:54:db:08:7f:cf:05:e3:e5:35: f0:d7:04:68:65:b0:91:8b:dd:66:5d:e8:dd:83:44:85:60:e5: 1c:0d:1c:c5:e3:69:60:20:65:a4:8d:b9:6e:53:11:a9:aa:d6: 25:e2:d8:dc:3a:f2:bd:3a:99:89:85:63:e0:1d:50:3f:ca:f0: 44:fc:74:84 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICEFcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTkx QzVCMDNDOTdDRTBGRTNFQzc4RTIzQzY4NTZGNzkyQzIwRDQwNDAeFw0yNDA5MTQw NzI5NTVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENENzcwRTBCNjQ3MEYx OEY0MDkxQ0QyMjM0QkY3RjY3MDBCREYxREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyx6kSJ4zw4SlPH8N7WVNj46065dmKzuBc7OtNARh1XnaXuqD5 iUquxKQh4jJy8MccmDYBSXbLVD478e+J3plqdgOv/0fLENVBO7lSGxnS77pIqHc+ UWLFJYJmTYuDfo1WreXlZXsZ1XXEXRF9mIZqXtEYpS5Q06MawvTq8zdI6nbTLDQl jAKzZo4Mj9JD+zIfQ5md+aOzSABVjiQppRNf86lMCWgFptLbcyzju4pwFyF5B7Kp HZ3uN3ASDQ73DPni4VkG1/NH5CEI1qkCq5dtfn7wrYNiQsFdnbLcz3A78XLGaDqP zp+uqSEKKmKVQP8Bbk5W0y4I7DWZoqqPaG7XAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUzXcOC2Rw8Y9Akc0iNL9/ZwC98d0wHwYDVR0jBBgwFoAUWRxbA8l84P4+x44j xoVveSwg1AQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzU2 L1dSeGJBOGw4NFA0LXg0NGp4b1Z2ZVN3ZzFBUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvV1J4YkE4bDg0UDQteDQ0anhvVnZlU3dnMUFRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzU2L3pYY09DMlJ3OFk5QWtj MGlOTDlfWndDOThkMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn6JAwDQYJKoZIhvcNAQELBQADggEBADPionEKNaNyEXG8pvWlSQeAiIMmSbkT 208gOOz6E0H6IzWlt1or4VP0ebSwwHWHufmZA6Z7XRJJtrbGr/8OXPxCCp+GSqli Y4iRVbgu4SBo20sBsFrkNmjUyUQxpVCkCVsUkfzbplCcC0TyTe5tM1D3OEhxiCr1 5vTLDcuSDU90bFqqWDUdkufmI1c9wBWPiOaLiEZfXX/ufRhKjqv/IxyQMhjtySt8 FFVTnSESzztI7ZCTo1Idwa5LSm7O5VTbCH/PBePlNfDXBGhlsJGL3WZd6N2DRIVg 5RwNHMXjaWAgZaSNuW5TEamq1iXi2Nw68r06mYmFY+AdUD/K8ET8dIQ= -----END CERTIFICATE-----Generated at Fri Nov 22 19:57:53 2024 by rpki-client on console-ams.rpki-client.org