$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/Q4kkha_wEAmxJf5KjiSoHSTS_kk.roa File: Q4kkha_wEAmxJf5KjiSoHSTS_kk.roa (raw, json) Hash identifier: qJw9OEhTHdrgHev8s1nQ8yJq1LiLAstIIGMav56VuIk= Subject key identifier: 43:89:24:85:AF:F0:10:09:B1:25:FE:4A:8E:24:A8:1D:24:D2:FE:49 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1170 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/Q4kkha_wEAmxJf5KjiSoHSTS_kk.roa Signing time: Mon 15 Jul 2024 14:57:54 +0000 ROA not before: Mon 15 Jul 2024 14:57:54 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 152179 IP address blocks: 180.223.120.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4464 (0x1170) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Jul 15 14:57:54 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=43892485AFF01009B125FE4A8E24A81D24D2FE49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:a8:0b:9e:9a:58:75:00:2b:2e:f6:15:46:4f: b0:c7:a7:d2:8c:b5:a4:41:cc:b2:e2:15:e8:5c:00: 5a:12:27:19:2b:83:d5:62:0c:f6:f7:1e:03:20:4c: d0:12:1d:8f:06:47:25:45:57:bd:42:2e:b5:53:f5: f6:b8:c9:8b:82:f5:45:2a:fb:03:41:06:2d:0e:05: 48:6c:f6:0b:ed:26:dd:21:cd:45:35:86:23:50:09: c9:7c:53:0c:63:16:76:3a:4d:38:bc:fc:d4:ae:84: 49:91:5b:51:62:5d:16:94:5b:3d:1c:37:d2:8a:26: e1:2f:3c:19:f3:a5:1a:14:a1:4c:69:e0:32:f8:ff: 35:de:15:5d:53:70:33:f3:05:20:43:db:87:04:75: 2c:00:0f:a0:20:62:2c:76:57:d6:40:c8:eb:2e:10: c2:df:b7:b0:0e:8f:9d:2d:1b:1e:35:69:3b:19:88: c2:19:dc:0b:fe:0b:a8:d2:46:2b:b4:d0:83:ec:b7: 3b:59:12:06:f5:e1:a2:3e:14:80:f6:d3:46:01:31: 63:48:c2:84:e9:c2:b1:60:b0:7c:1f:ff:35:33:be: 6c:bc:91:75:d6:cc:13:d5:0a:e8:35:39:48:16:7d: e2:df:ab:7e:5b:d9:e8:6a:fe:f4:9f:cb:8c:3e:e8: 2d:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:89:24:85:AF:F0:10:09:B1:25:FE:4A:8E:24:A8:1D:24:D2:FE:49 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/Q4kkha_wEAmxJf5KjiSoHSTS_kk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.120.0/22 Signature Algorithm: sha256WithRSAEncryption 1a:e1:00:ae:55:15:54:eb:c6:84:76:fb:d4:f9:2d:9b:4c:65: 16:a7:c3:08:35:0d:5a:3e:83:cb:74:ff:3f:39:e8:3f:75:18: 90:e2:0d:2b:8c:38:48:e8:43:f1:5f:4b:5d:1c:b7:61:d4:6a: 36:86:92:d9:82:9d:46:58:de:68:d3:0c:fe:da:c6:3b:25:52: 0c:05:1b:c1:0c:ba:1a:bf:c6:3a:f1:50:38:85:68:e8:03:89: cc:7a:79:bb:3c:ba:1f:cb:35:47:96:e4:1a:fe:d7:4f:82:5f: 4c:a7:d9:a2:20:58:d2:5d:0f:8e:32:c2:3b:8d:50:c4:67:05: c6:6d:38:19:33:fe:5d:4a:e4:b3:d1:9d:68:75:17:77:c3:fd: 93:72:c1:50:3a:f6:84:94:c7:ee:0a:41:2d:8f:ef:29:e0:ef: fb:d8:d4:b3:1e:10:3c:c6:94:8b:78:79:50:6c:da:01:75:ca: 39:c5:15:41:a8:9d:a0:5e:10:5a:e1:36:eb:d1:39:5f:da:ae: a0:9d:59:c3:00:4d:88:4c:8d:37:ef:2e:b6:2b:cc:b8:77:cd: fd:e4:43:fc:da:5f:f5:9d:09:19:17:2e:a2:ac:00:81:06:c8: 50:ef:e2:15:ba:80:0f:6e:e3:64:23:f5:e3:c8:fe:dc:62:05: 97:cf:56:8b -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEXAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDA3MTUx NDU3NTRaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQzODkyNDg1QUZGMDEw MDlCMTI1RkU0QThFMjRBODFEMjREMkZFNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD4qAuemlh1ACsu9hVGT7DHp9KMtaRBzLLiFehcAFoSJxkrg9Vi DPb3HgMgTNASHY8GRyVFV71CLrVT9fa4yYuC9UUq+wNBBi0OBUhs9gvtJt0hzUU1 hiNQCcl8UwxjFnY6TTi8/NSuhEmRW1FiXRaUWz0cN9KKJuEvPBnzpRoUoUxp4DL4 /zXeFV1TcDPzBSBD24cEdSwAD6AgYix2V9ZAyOsuEMLft7AOj50tGx41aTsZiMIZ 3Av+C6jSRiu00IPstztZEgb14aI+FID200YBMWNIwoTpwrFgsHwf/zUzvmy8kXXW zBPVCug1OUgWfeLfq35b2ehq/vSfy4w+6C0jAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUQ4kkha/wEAmxJf5KjiSoHSTS/kkwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvUTRra2hhX3dFQW14 SmY1S2ppU29IU1RTX2trLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEArTfeDANBgkqhkiG9w0BAQsFAAOCAQEAGuEArlUVVOvGhHb71Pktm0xlFqfD CDUNWj6Dy3T/PznoP3UYkOINK4w4SOhD8V9LXRy3YdRqNoaS2YKdRljeaNMM/trG OyVSDAUbwQy6Gr/GOvFQOIVo6AOJzHp5uzy6H8s1R5bkGv7XT4JfTKfZoiBY0l0P jjLCO41QxGcFxm04GTP+XUrks9GdaHUXd8P9k3LBUDr2hJTH7gpBLY/vKeDv+9jU sx4QPMaUi3h5UGzaAXXKOcUVQaidoF4QWuE269E5X9quoJ1ZwwBNiEyNN+8utivM uHfN/eRD/Npf9Z0JGRcuoqwAgQbIUO/iFbqAD27jZCP148j+3GIFl89Wiw== -----END CERTIFICATE-----Generated at Fri Nov 22 12:14:28 2024 by rpki-client on console-ams.rpki-client.org