$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/HiKBPOx6zR7xeL06yHAcguhi3tc.roa File: HiKBPOx6zR7xeL06yHAcguhi3tc.roa (raw, json) Hash identifier: JXIP+Fyen7/TWjgXVQCeDIYkE4miEq0jLETY7LLePDg= Subject key identifier: 1E:22:81:3C:EC:7A:CD:1E:F1:78:BD:3A:C8:70:1C:82:E8:62:DE:D7 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 118A Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/HiKBPOx6zR7xeL06yHAcguhi3tc.roa Signing time: Mon 15 Jul 2024 15:12:29 +0000 ROA not before: Mon 15 Jul 2024 15:12:29 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 136897 IP address blocks: 180.223.232.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4490 (0x118a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Jul 15 15:12:29 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=1E22813CEC7ACD1EF178BD3AC8701C82E862DED7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:d9:90:c6:41:f2:bb:96:49:87:7a:f8:86:73: f5:85:45:47:86:79:6b:8d:c9:53:50:56:9e:00:ed: 56:cd:e5:2f:d2:89:ee:96:bf:3c:72:e4:00:2d:ef: 4d:b2:8f:22:de:b4:e5:5a:f6:bd:a4:30:e8:1c:f7: 17:48:45:32:c6:3a:4c:5c:08:e0:6f:d7:66:7c:d6: e1:e7:3d:81:5c:79:8f:48:2e:b8:a2:cd:c2:7b:f3: 4e:ba:f9:3b:9e:34:2c:c1:0b:3c:9a:6f:b5:df:23: 61:de:fd:8c:61:ce:e0:9f:1c:34:d0:77:82:dc:b6: 80:05:30:9f:96:18:5d:cf:82:fb:31:ab:5e:76:f5: 3d:00:a4:88:6b:f2:4c:70:8c:7e:b1:57:33:9f:6d: 1b:1e:27:1b:90:fa:e1:36:c3:db:21:10:49:7e:da: e8:28:4a:48:e5:82:22:52:db:3e:ff:a9:5b:e9:fd: df:a1:8c:d3:90:fa:91:fe:e7:ab:66:d8:22:89:9d: 9c:d0:2e:55:ca:22:3f:45:2d:9d:6b:59:dd:c4:1f: b5:83:a3:cd:76:95:03:04:9f:42:f6:44:d4:a5:b7: af:a6:ba:20:39:a6:c9:19:c0:2b:a7:98:3f:dd:3f: 20:f7:b8:6e:86:29:03:5b:a5:8b:05:ae:c3:76:06: 63:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:22:81:3C:EC:7A:CD:1E:F1:78:BD:3A:C8:70:1C:82:E8:62:DE:D7 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/HiKBPOx6zR7xeL06yHAcguhi3tc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.232.0/21 Signature Algorithm: sha256WithRSAEncryption 02:6d:63:87:be:ea:94:0d:ce:e9:fe:2f:92:24:e2:c2:af:5f: ff:ff:28:df:dd:d3:0f:48:a2:90:fd:08:13:ab:7d:cc:00:b1: ea:8d:ae:17:8f:3c:5e:af:31:49:06:32:5c:bf:20:c5:8f:8e: f3:8a:df:ba:8c:c1:67:f4:f8:0e:39:f4:85:d7:0c:f2:b4:1b: ac:80:12:f1:2a:2e:ad:7a:4f:a6:d7:17:69:4c:ee:c4:b9:c9: b8:10:e1:c5:f9:e3:31:f6:8f:69:4a:fc:e3:18:33:3f:54:c9: f4:5a:e6:20:f1:e8:dc:6b:a4:60:20:2c:97:16:b3:af:58:bb: 04:d2:01:f9:39:36:40:d5:73:78:a7:ee:36:a2:c4:59:68:96: 77:a1:fd:28:d4:39:69:3b:14:80:f3:0d:a3:89:ba:8a:87:48: 52:1e:f5:61:29:0c:42:b2:c6:ce:2d:2b:e9:08:50:4d:0d:fa: 9a:27:07:eb:34:86:49:29:ff:37:bb:d1:cb:9c:66:08:df:9e: d5:32:08:42:67:0e:87:d3:1f:f7:23:62:25:f4:b9:0a:53:16: 62:34:e5:82:c5:57:d6:2c:58:6e:67:51:ba:fc:44:6d:87:38: d9:a3:10:71:e4:98:4b:1c:ef:66:2c:1d:94:77:f8:71:82:96: e1:23:55:52 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEYowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDA3MTUx NTEyMjlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDFFMjI4MTNDRUM3QUNE MUVGMTc4QkQzQUM4NzAxQzgyRTg2MkRFRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCr2ZDGQfK7lkmHeviGc/WFRUeGeWuNyVNQVp4A7VbN5S/Sie6W vzxy5AAt702yjyLetOVa9r2kMOgc9xdIRTLGOkxcCOBv12Z81uHnPYFceY9ILrii zcJ78066+TueNCzBCzyab7XfI2He/YxhzuCfHDTQd4LctoAFMJ+WGF3Pgvsxq152 9T0ApIhr8kxwjH6xVzOfbRseJxuQ+uE2w9shEEl+2ugoSkjlgiJS2z7/qVvp/d+h jNOQ+pH+56tm2CKJnZzQLlXKIj9FLZ1rWd3EH7WDo812lQMEn0L2RNSlt6+muiA5 pskZwCunmD/dPyD3uG6GKQNbpYsFrsN2BmMrAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUHiKBPOx6zR7xeL06yHAcguhi3tcwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvSGlLQlBPeDZ6Ujd4 ZUwwNnlIQWNndWhpM3RjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7Tf6DANBgkqhkiG9w0BAQsFAAOCAQEAAm1jh77qlA3O6f4vkiTiwq9f//8o 393TD0iikP0IE6t9zACx6o2uF488Xq8xSQYyXL8gxY+O84rfuozBZ/T4Djn0hdcM 8rQbrIAS8SourXpPptcXaUzuxLnJuBDhxfnjMfaPaUr84xgzP1TJ9FrmIPHo3Guk YCAslxazr1i7BNIB+Tk2QNVzeKfuNqLEWWiWd6H9KNQ5aTsUgPMNo4m6iodIUh71 YSkMQrLGzi0r6QhQTQ36micH6zSGSSn/N7vRy5xmCN+e1TIIQmcOh9Mf9yNiJfS5 ClMWYjTlgsVX1ixYbmdRuvxEbYc42aMQceSYSxzvZiwdlHf4cYKW4SNVUg== -----END CERTIFICATE-----Generated at Fri Nov 22 12:14:28 2024 by rpki-client on console-ams.rpki-client.org