$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/ISIbX_c6jX9KdatdwiwoBasv8Ac.roa File: ISIbX_c6jX9KdatdwiwoBasv8Ac.roa (raw, json) Hash identifier: /PCfepI3+ymEQo1lmJZeO8PwMLKHN/lknmMNj0EBI8s= Subject key identifier: 21:22:1B:5F:F7:3A:8D:7F:4A:75:AB:5D:C2:2C:28:05:AB:2F:F0:07 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 135B Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/ISIbX_c6jX9KdatdwiwoBasv8Ac.roa Signing time: Wed 09 Oct 2024 00:44:11 +0000 ROA not before: Wed 09 Oct 2024 00:44:11 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 2914 IP address blocks: 180.223.200.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 01:23:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4955 (0x135b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Oct 9 00:44:11 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=21221B5FF73A8D7F4A75AB5DC22C2805AB2FF007 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:01:e1:a1:90:98:64:7f:02:33:64:47:ef:57: 1e:0b:cb:62:e0:78:7c:1d:d8:28:ba:00:9d:93:b4: 79:55:01:5a:73:62:ca:63:a5:00:04:52:0a:14:52: 0d:67:07:ab:d4:f6:d7:46:86:99:49:af:dc:c9:18: cb:fb:bb:0c:02:ef:9d:c5:47:ed:cc:72:30:0f:86: 4a:8d:77:90:45:95:2a:36:95:40:cd:18:9b:57:d4: f9:2f:b1:7d:31:cb:0f:79:81:f9:aa:1b:f0:a3:6e: e1:f7:7c:52:31:47:f9:a3:cc:7d:de:65:e0:7f:70: 9d:ee:2a:3c:eb:f1:fa:df:9c:c5:c6:20:7a:12:6e: 5b:b4:38:a8:fe:82:b1:cd:95:d1:1f:01:ef:17:eb: 80:bc:11:20:0a:d7:c4:67:cf:3c:4b:92:ba:81:43: ba:63:3e:d2:37:b8:f3:35:74:ff:ad:19:a6:8b:3b: 2e:13:db:6b:c3:03:38:7d:d3:1b:7d:ab:64:f7:55: 8e:92:b0:ec:c9:55:80:18:40:9e:fb:05:64:87:e5: 4b:17:3e:03:b6:c0:39:c7:25:d2:bf:03:c3:b6:4e: ba:d2:00:da:0f:60:b7:be:bb:0d:d7:31:7a:dc:81: 7c:b7:ac:f6:82:6a:0b:e6:9f:0b:1f:ad:5c:f3:4a: 22:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:22:1B:5F:F7:3A:8D:7F:4A:75:AB:5D:C2:2C:28:05:AB:2F:F0:07 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/ISIbX_c6jX9KdatdwiwoBasv8Ac.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.200.0/24 Signature Algorithm: sha256WithRSAEncryption 96:ad:d8:90:4f:1c:b0:65:ae:18:9e:50:1a:d1:1c:c6:5d:25: 0d:e4:b9:80:fb:09:84:0d:a6:8c:0f:14:c0:77:1c:80:37:22: bb:6d:3c:83:cb:ed:f1:4e:c6:55:97:39:07:a7:d2:1b:05:49: 42:96:45:bd:da:46:43:fd:ff:37:28:d9:c3:8a:3b:3f:19:00: 6f:fb:dc:51:fa:f1:26:31:a2:62:40:aa:e5:96:88:e6:b0:34: a2:a6:86:86:04:f4:3e:c0:3e:5d:ec:89:01:b3:ea:71:8f:b6: 1b:2c:a9:c6:e1:f2:48:41:73:a4:ae:ab:0c:47:42:40:f8:20: a8:68:27:a4:d8:35:c9:3c:d8:1d:79:7e:bf:90:d8:b9:f0:33: b4:57:f5:2f:6c:f4:d1:6c:70:f0:c4:64:03:47:ec:ed:d5:78: ef:87:2f:ec:40:9b:91:c7:3e:9f:ce:69:42:7b:9a:fe:d9:2d: 9f:1e:5f:88:60:27:ee:52:6f:da:0b:c7:59:9e:32:1c:e3:9f: 98:c7:96:23:33:ac:9f:fc:46:51:6b:75:83:e5:57:32:8a:58: 9d:e3:b4:30:6a:06:c2:5a:ca:f6:37:13:6a:09:9a:c9:15:25: 9e:b1:ca:44:22:30:f5:c6:4e:08:1c:ec:86:dc:01:dc:a1:fd: 01:b7:44:8a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE1swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDEwMDkw MDQ0MTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDIxMjIxQjVGRjczQThE N0Y0QTc1QUI1REMyMkMyODA1QUIyRkYwMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDGAeGhkJhkfwIzZEfvVx4Ly2LgeHwd2Ci6AJ2TtHlVAVpzYspj pQAEUgoUUg1nB6vU9tdGhplJr9zJGMv7uwwC753FR+3McjAPhkqNd5BFlSo2lUDN GJtX1PkvsX0xyw95gfmqG/CjbuH3fFIxR/mjzH3eZeB/cJ3uKjzr8frfnMXGIHoS blu0OKj+grHNldEfAe8X64C8ESAK18RnzzxLkrqBQ7pjPtI3uPM1dP+tGaaLOy4T 22vDAzh90xt9q2T3VY6SsOzJVYAYQJ77BWSH5UsXPgO2wDnHJdK/A8O2TrrSANoP YLe+uw3XMXrcgXy3rPaCagvmnwsfrVzzSiLRAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUISIbX/c6jX9KdatdwiwoBasv8AcwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvSVNJYlhfYzZqWDlL ZGF0ZHdpd29CYXN2OEFjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTfyDANBgkqhkiG9w0BAQsFAAOCAQEAlq3YkE8csGWuGJ5QGtEcxl0lDeS5 gPsJhA2mjA8UwHccgDciu208g8vt8U7GVZc5B6fSGwVJQpZFvdpGQ/3/NyjZw4o7 PxkAb/vcUfrxJjGiYkCq5ZaI5rA0oqaGhgT0PsA+XeyJAbPqcY+2GyypxuHySEFz pK6rDEdCQPggqGgnpNg1yTzYHXl+v5DYufAztFf1L2z00Wxw8MRkA0fs7dV474cv 7ECbkcc+n85pQnua/tktnx5fiGAn7lJv2gvHWZ4yHOOfmMeWIzOsn/xGUWt1g+VX MopYneO0MGoGwlrK9jcTagmayRUlnrHKRCIw9cZOCBzshtwB3KH9AbdEig== -----END CERTIFICATE-----Generated at Fri Nov 22 00:25:26 2024 by rpki-client on console-fra.rpki-client.org