$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/jGvq9VmGPleDjnp2shtdKdZ5LCk.roa File: jGvq9VmGPleDjnp2shtdKdZ5LCk.roa (raw, json) Hash identifier: KsxSEmoENpfc1tY8hUGupAGXT0cEqLkrVDmNiWhzgy8= Subject key identifier: 8C:6B:EA:F5:59:86:3E:57:83:8E:7A:76:B2:1B:5D:29:D6:79:2C:29 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1A3F Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/jGvq9VmGPleDjnp2shtdKdZ5LCk.roa Signing time: Thu 28 Mar 2024 11:31:19 +0000 ROA not before: Thu 28 Mar 2024 11:31:19 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 2914 IP address blocks: 49.128.4.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 05 May 2024 22:23:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6719 (0x1a3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Mar 28 11:31:19 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=8C6BEAF559863E57838E7A76B21B5D29D6792C29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:ff:37:fa:f1:bd:10:83:e6:ad:90:21:5a:33: 5c:3e:bf:92:41:19:90:6b:2f:c4:06:5f:24:ee:82: f2:bd:40:fa:70:11:cb:1a:fe:a4:87:6f:f4:ed:9c: 6e:15:a4:f0:6e:b4:d5:b9:57:71:23:9e:51:59:83: 7e:9d:69:25:15:47:e4:2c:03:dd:2d:a4:ea:43:6a: 9d:fe:17:b3:9e:ed:50:7c:cf:e9:81:fe:94:09:b1: f1:8c:bf:4e:b9:12:6a:66:7b:6b:6f:5f:04:af:47: b4:fc:70:4d:99:15:ca:a4:85:f8:7c:b2:04:53:92: f9:34:35:d4:2b:eb:71:f1:50:5b:bd:d9:5d:95:5e: c7:ca:b2:9d:1a:2d:25:bc:2b:5b:61:89:68:39:9b: 1c:49:a9:40:22:f4:d8:25:38:f3:22:e5:64:66:05: 17:36:80:8c:c2:43:83:b5:19:b1:9e:8f:fc:30:bd: 54:3a:b1:49:ae:85:8e:3d:01:c9:2b:83:a1:cd:95: ae:54:97:bf:ff:00:99:e9:de:2c:ca:32:61:d3:93: bd:35:1c:f7:da:f6:b5:9b:8f:0d:62:9b:e7:8c:95: 22:42:32:0a:78:de:9d:6c:a8:b6:51:b9:2d:c9:fd: 8d:74:32:9a:2a:77:bb:71:94:ae:b2:6b:1f:af:c2: cc:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:6B:EA:F5:59:86:3E:57:83:8E:7A:76:B2:1B:5D:29:D6:79:2C:29 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/jGvq9VmGPleDjnp2shtdKdZ5LCk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 49.128.4.0/22 Signature Algorithm: sha256WithRSAEncryption 22:3c:c8:3a:0c:83:cc:80:6a:0b:cf:96:71:b2:77:23:96:ae: 89:f3:74:4a:d6:6c:2c:ce:33:55:6c:b5:ba:fd:73:ca:fe:10: 21:ee:99:e5:15:e0:bd:9c:c5:7b:06:d1:6c:27:f2:ec:b5:b2: a1:a1:bf:50:6b:33:62:f2:b1:4e:91:7b:03:fd:17:8f:e3:76: 9c:0f:f0:82:81:0d:ed:8b:78:da:19:76:14:cf:a9:8e:a7:91: 47:0e:4a:37:10:da:75:a2:ae:42:5f:eb:3e:79:18:6a:64:fc: ab:1b:89:42:de:85:5e:a7:e2:e8:03:c8:12:ab:04:31:03:e2: 3e:89:1b:28:fb:90:61:54:25:0b:b1:ff:90:71:95:09:0b:b4: 29:0a:77:a0:4a:7c:41:14:46:30:0e:d7:f0:a7:80:7a:3f:f2: ce:a7:2b:bb:6c:c7:e2:f7:a9:62:e5:74:d7:83:1e:23:59:b4: d1:e4:a6:1e:94:75:9b:95:ce:eb:42:1e:27:d8:d2:e9:e8:33: e8:7a:84:97:5c:bc:4d:1f:80:81:aa:d6:fb:37:af:5d:b7:ed: f6:40:64:3a:db:b0:f0:2b:c4:c6:bd:48:a6:6c:4e:93:ef:eb: 62:57:ab:51:f5:7c:9c:f0:91:4b:92:61:d9:f4:df:ba:0b:09: 19:94:d9:4c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGj8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDAzMjgx MTMxMTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDhDNkJFQUY1NTk4NjNF NTc4MzhFN0E3NkIyMUI1RDI5RDY3OTJDMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCr/zf68b0Qg+atkCFaM1w+v5JBGZBrL8QGXyTugvK9QPpwEcsa /qSHb/TtnG4VpPButNW5V3EjnlFZg36daSUVR+QsA90tpOpDap3+F7Oe7VB8z+mB /pQJsfGMv065Empme2tvXwSvR7T8cE2ZFcqkhfh8sgRTkvk0NdQr63HxUFu92V2V XsfKsp0aLSW8K1thiWg5mxxJqUAi9NglOPMi5WRmBRc2gIzCQ4O1GbGej/wwvVQ6 sUmuhY49Ackrg6HNla5Ul7//AJnp3izKMmHTk701HPfa9rWbjw1im+eMlSJCMgp4 3p1sqLZRuS3J/Y10Mpoqd7txlK6yax+vwsyHAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUjGvq9VmGPleDjnp2shtdKdZ5LCkwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvakd2cTlWbUdQbGVE am5wMnNodGRLZFo1TENrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAjGABDANBgkqhkiG9w0BAQsFAAOCAQEAIjzIOgyDzIBqC8+WcbJ3I5auifN0 StZsLM4zVWy1uv1zyv4QIe6Z5RXgvZzFewbRbCfy7LWyoaG/UGszYvKxTpF7A/0X j+N2nA/wgoEN7Yt42hl2FM+pjqeRRw5KNxDadaKuQl/rPnkYamT8qxuJQt6FXqfi 6APIEqsEMQPiPokbKPuQYVQlC7H/kHGVCQu0KQp3oEp8QRRGMA7X8KeAej/yzqcr u2zH4vepYuV014MeI1m00eSmHpR1m5XO60IeJ9jS6egz6HqEl1y8TR+AgarW+zev Xbft9kBkOtuw8CvExr1IpmxOk+/rYlerUfV8nPCRS5Jh2fTfugsJGZTZTA== -----END CERTIFICATE-----Generated at Sun May 5 18:35:57 2024 by rpki-client on console-fra.rpki-client.org