$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/LwB8c3b2KgS3WKaA8gKZKuYEWOk.roa File: LwB8c3b2KgS3WKaA8gKZKuYEWOk.roa (raw, json) Hash identifier: djXJOwtgtDMeRLWUsvYm52Uw1/xjeEpc1NVORZSrQS4= Subject key identifier: 2F:00:7C:73:76:F6:2A:04:B7:58:A6:80:F2:02:99:2A:E6:04:58:E9 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 13D7 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/LwB8c3b2KgS3WKaA8gKZKuYEWOk.roa Signing time: Wed 30 Oct 2024 12:43:41 +0000 ROA not before: Wed 30 Oct 2024 12:43:41 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 152179 IP address blocks: 180.223.210.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5079 (0x13d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Oct 30 12:43:41 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=2F007C7376F62A04B758A680F202992AE60458E9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:ac:a5:87:04:f8:d1:bb:c3:ca:fa:57:32:71: cc:91:15:19:d9:38:85:d2:d7:0b:f5:c0:7f:70:72: 08:bc:20:1a:0f:28:0b:89:09:c4:1e:55:7e:38:32: 87:98:38:2c:47:79:98:52:3c:93:85:8d:ac:6c:ef: c7:5f:8b:0a:15:69:06:29:fe:7c:8f:ad:a6:66:dd: 08:6f:81:25:82:f1:79:1e:9b:12:bb:16:18:af:66: a4:9b:cd:85:0c:d3:e3:51:6f:bc:c7:71:bd:4b:2e: cc:e0:2f:89:c5:b7:64:08:98:ff:58:ca:b9:e1:83: f7:51:f3:09:0f:2a:c4:45:c6:ef:cb:6e:a0:23:2a: d3:8d:71:92:ac:56:2e:59:27:af:ff:d7:98:67:b9: 2b:78:1b:5f:17:25:2d:01:6f:97:31:4f:67:d3:2d: 1d:6b:57:3e:2b:12:67:0e:b9:da:4e:ae:33:c6:50: b9:75:90:89:da:b3:25:15:7d:9b:c9:54:ae:c4:b5: c4:2c:22:46:53:f3:93:2f:fb:78:ee:28:39:63:25: b1:f6:11:57:3f:d9:6b:1b:95:fc:b9:9e:fe:cb:3a: 42:a1:b2:d9:e8:d5:14:12:90:82:b9:4e:7f:a1:ee: 4e:88:f5:2c:4a:f6:a4:45:60:61:23:b0:b2:cf:09: 7d:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:00:7C:73:76:F6:2A:04:B7:58:A6:80:F2:02:99:2A:E6:04:58:E9 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/LwB8c3b2KgS3WKaA8gKZKuYEWOk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.210.0/24 Signature Algorithm: sha256WithRSAEncryption 7f:d7:30:02:2c:9c:67:9c:66:b4:e3:b4:7e:0d:78:42:ef:98: 7b:c8:71:14:95:b6:ad:88:20:4f:e0:dc:26:c1:76:d0:c5:93: ce:b4:11:04:e2:b5:5b:83:08:cd:c8:b4:fd:9e:03:15:cc:de: cc:0d:88:ef:33:22:25:0c:5a:20:98:e4:5a:bc:57:d1:31:4a: db:25:71:4a:ff:69:da:44:c6:e2:86:3b:62:b9:00:7b:67:20: bd:16:1c:cd:da:00:81:22:e8:e5:9a:e6:20:41:b6:6a:a3:d9: 1c:8b:b2:ff:df:12:a7:d9:44:a4:e1:a6:67:3e:d6:1a:6e:f1: 05:36:f0:f0:35:13:15:04:d2:f0:14:3e:81:19:f9:8a:39:08: 3a:fe:cb:19:77:d2:b2:dd:03:67:07:e1:27:6c:cd:be:5d:45: 39:f9:56:50:1d:d9:04:9e:f8:90:48:c8:c9:5c:b9:4d:f0:5c: 15:b5:d2:ce:e2:4d:e7:0a:d1:3c:03:ea:49:99:9a:6f:a8:e9: 53:60:b1:b5:47:66:e1:97:81:46:07:a9:88:74:0b:71:a2:8c: 54:59:76:86:33:14:35:d8:a0:da:ff:f0:4e:7d:a6:ac:31:ad: c2:1f:93:bf:71:db:51:31:13:f0:7a:b5:66:83:dc:43:c8:77: bf:2e:01:f1 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE9cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDEwMzAx MjQzNDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDJGMDA3QzczNzZGNjJB MDRCNzU4QTY4MEYyMDI5OTJBRTYwNDU4RTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDprKWHBPjRu8PK+lcyccyRFRnZOIXS1wv1wH9wcgi8IBoPKAuJ CcQeVX44MoeYOCxHeZhSPJOFjaxs78dfiwoVaQYp/nyPraZm3QhvgSWC8XkemxK7 FhivZqSbzYUM0+NRb7zHcb1LLszgL4nFt2QImP9Yyrnhg/dR8wkPKsRFxu/LbqAj KtONcZKsVi5ZJ6//15hnuSt4G18XJS0Bb5cxT2fTLR1rVz4rEmcOudpOrjPGULl1 kInasyUVfZvJVK7EtcQsIkZT85Mv+3juKDljJbH2EVc/2Wsblfy5nv7LOkKhstno 1RQSkIK5Tn+h7k6I9SxK9qRFYGEjsLLPCX31AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQULwB8c3b2KgS3WKaA8gKZKuYEWOkwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvTHdCOGMzYjJLZ1Mz V0thQThnS1pLdVlFV09rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTf0jANBgkqhkiG9w0BAQsFAAOCAQEAf9cwAiycZ5xmtOO0fg14Qu+Ye8hx FJW2rYggT+DcJsF20MWTzrQRBOK1W4MIzci0/Z4DFczezA2I7zMiJQxaIJjkWrxX 0TFK2yVxSv9p2kTG4oY7YrkAe2cgvRYczdoAgSLo5ZrmIEG2aqPZHIuy/98Sp9lE pOGmZz7WGm7xBTbw8DUTFQTS8BQ+gRn5ijkIOv7LGXfSst0DZwfhJ2zNvl1FOflW UB3ZBJ74kEjIyVy5TfBcFbXSzuJN5wrRPAPqSZmab6jpU2CxtUdm4ZeBRgepiHQL caKMVFl2hjMUNdig2v/wTn2mrDGtwh+Tv3HbUTET8Hq1ZoPcQ8h3vy4B8Q== -----END CERTIFICATE-----Generated at Fri Nov 22 12:14:28 2024 by rpki-client on console-ams.rpki-client.org