$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/SbjVwWCrqg4KzxIZGclV0BhQKxg.roa File: SbjVwWCrqg4KzxIZGclV0BhQKxg.roa (raw, json) Hash identifier: 644k5QPruh1+uAc8oZADN1rq5v1BbCIU8rzWi5a2vQU= Subject key identifier: 49:B8:D5:C1:60:AB:AA:0E:0A:CF:12:19:19:C9:55:D0:18:50:2B:18 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 13D6 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/SbjVwWCrqg4KzxIZGclV0BhQKxg.roa Signing time: Wed 30 Oct 2024 12:43:41 +0000 ROA not before: Wed 30 Oct 2024 12:43:41 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 152179 IP address blocks: 180.223.208.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5078 (0x13d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Oct 30 12:43:41 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=49B8D5C160ABAA0E0ACF121919C955D018502B18 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:3d:76:47:d6:68:1e:f7:97:08:40:76:b3:ff: 71:63:4a:0c:6c:07:db:b0:27:68:c9:be:05:67:c3: a9:dd:59:68:37:51:ec:65:4e:0c:84:c7:13:e8:c0: 86:dc:7a:fb:e6:2b:ab:ab:45:f8:02:7d:1a:d3:56: 29:7c:fe:03:79:e2:60:d8:5c:70:9f:41:0b:1a:85: b3:0f:e8:9e:74:6b:5a:4f:0f:f3:d4:e4:b8:19:50: bf:38:77:3c:11:b3:24:02:26:90:86:dd:9a:aa:7f: ee:f3:59:04:71:44:61:1d:56:d8:20:26:40:3f:8d: c0:d9:5b:10:5c:95:7e:7d:47:7e:c0:f9:e1:a1:23: f8:bf:62:a2:53:0d:86:58:2d:5c:25:89:c8:06:d3: 66:bb:03:eb:7c:6b:60:99:b5:78:d3:23:95:72:40: f3:e9:d9:02:a5:0d:f2:1f:64:56:30:89:83:ba:77: 0c:b1:dd:91:9f:9a:a2:ba:4d:db:38:a6:0c:cc:de: e4:14:92:42:f3:fd:2b:eb:23:63:5d:e6:3f:4f:43: c5:e9:01:10:9e:c0:83:79:c1:13:13:d1:c2:ec:90: 8e:60:c0:c2:f6:92:82:9d:07:3c:eb:54:5a:8d:66: fb:f2:d5:4e:3a:72:d1:ea:98:70:42:f6:9c:56:7a: 80:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:B8:D5:C1:60:AB:AA:0E:0A:CF:12:19:19:C9:55:D0:18:50:2B:18 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/SbjVwWCrqg4KzxIZGclV0BhQKxg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.208.0/24 Signature Algorithm: sha256WithRSAEncryption ac:b4:21:60:d0:8b:ae:e4:ed:ab:da:a1:09:1d:ca:06:c4:00: 41:7d:64:2a:d8:23:bd:80:14:70:71:20:77:7f:a8:4c:6c:ff: bd:87:d6:04:5d:53:82:f1:4c:3d:86:d0:43:e1:ec:1a:2b:f1: 51:01:fb:43:62:63:ee:ae:32:5a:84:fb:77:25:b2:c7:64:8a: b7:04:b8:c2:61:ca:e8:d4:03:93:a6:7a:3c:ce:50:bf:ac:d1: dc:9c:ca:d9:ac:88:29:af:54:4d:07:7e:72:9f:d1:6b:44:d7: cb:3c:6d:79:81:be:03:72:b2:e9:57:3e:ad:84:62:e1:31:d0: db:a4:96:bb:e5:71:c6:77:e2:bd:ae:bd:1c:91:74:b2:69:23: 56:eb:14:9d:99:93:bd:29:86:f7:e7:fd:f4:42:5a:9e:a0:90: 4f:54:57:01:27:0c:85:8c:a5:5f:ae:00:50:ae:09:97:9e:bb: 40:b4:d1:8b:3c:9c:a3:d4:ea:76:43:eb:7d:7d:a3:63:65:ad: e9:be:37:db:e0:40:6b:a2:e6:6d:82:fd:18:a3:0a:b2:d8:ea: 80:44:68:2b:68:91:0e:43:fe:92:9e:cb:aa:52:8c:06:52:cc: 6c:69:ab:9a:88:59:49:9b:6c:10:a7:d1:cb:b9:82:52:e8:3e: 10:4a:e9:90 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE9YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDEwMzAx MjQzNDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQ5QjhENUMxNjBBQkFB MEUwQUNGMTIxOTE5Qzk1NUQwMTg1MDJCMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCgPXZH1mge95cIQHaz/3FjSgxsB9uwJ2jJvgVnw6ndWWg3Uexl TgyExxPowIbcevvmK6urRfgCfRrTVil8/gN54mDYXHCfQQsahbMP6J50a1pPD/PU 5LgZUL84dzwRsyQCJpCG3Zqqf+7zWQRxRGEdVtggJkA/jcDZWxBclX59R37A+eGh I/i/YqJTDYZYLVwlicgG02a7A+t8a2CZtXjTI5VyQPPp2QKlDfIfZFYwiYO6dwyx 3ZGfmqK6Tds4pgzM3uQUkkLz/SvrI2Nd5j9PQ8XpARCewIN5wRMT0cLskI5gwML2 koKdBzzrVFqNZvvy1U46ctHqmHBC9pxWeoB5AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUSbjVwWCrqg4KzxIZGclV0BhQKxgwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvU2JqVndXQ3JxZzRL enhJWkdjbFYwQmhRS3hnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTf0DANBgkqhkiG9w0BAQsFAAOCAQEArLQhYNCLruTtq9qhCR3KBsQAQX1k KtgjvYAUcHEgd3+oTGz/vYfWBF1TgvFMPYbQQ+HsGivxUQH7Q2Jj7q4yWoT7dyWy x2SKtwS4wmHK6NQDk6Z6PM5Qv6zR3JzK2ayIKa9UTQd+cp/Ra0TXyzxteYG+A3Ky 6Vc+rYRi4THQ26SWu+Vxxnfiva69HJF0smkjVusUnZmTvSmG9+f99EJanqCQT1RX AScMhYylX64AUK4Jl567QLTRizyco9TqdkPrfX2jY2Wt6b432+BAa6LmbYL9GKMK stjqgERoK2iRDkP+kp7LqlKMBlLMbGmrmohZSZtsEKfRy7mCUug+EErpkA== -----END CERTIFICATE-----Generated at Fri Nov 22 12:14:28 2024 by rpki-client on console-ams.rpki-client.org