$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/TzqJPlGgaEW0EsRL_1Sh051whkc.roa File: TzqJPlGgaEW0EsRL_1Sh051whkc.roa (raw, json) Hash identifier: J7AGgLRzEnKFdS3HsDXaB8ibUNWRYK32UdRzw/JPmJ8= Subject key identifier: 4F:3A:89:3E:51:A0:68:45:B4:12:C4:4B:FF:54:A1:D3:9D:70:86:47 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 135D Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/TzqJPlGgaEW0EsRL_1Sh051whkc.roa Signing time: Wed 09 Oct 2024 00:44:12 +0000 ROA not before: Wed 09 Oct 2024 00:44:12 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 2914 IP address blocks: 180.223.204.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 03:52:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4957 (0x135d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Oct 9 00:44:12 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=4F3A893E51A06845B412C44BFF54A1D39D708647 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:33:bd:fe:b1:a6:45:94:d1:96:4d:31:2a:8a: f1:64:93:dd:1c:97:fb:6a:4d:af:01:25:0a:1c:4a: 9d:60:51:93:93:9e:49:57:98:0a:e5:84:9f:4e:c0: ad:3e:60:e7:e3:11:53:a2:45:40:73:4e:73:f3:f3: 49:36:17:4e:5b:b3:77:16:52:a8:71:12:db:8e:20: 52:82:ec:c4:50:35:eb:7c:7c:cc:4e:26:fd:b2:75: dc:aa:47:5e:3b:01:a9:79:e1:0a:a4:af:e5:db:6f: 87:d0:e3:03:4b:8d:ed:f1:42:5d:a3:bc:74:a4:39: 67:8a:61:00:3c:c3:10:5d:3d:49:3d:72:6d:38:91: f9:df:7d:1d:1b:85:a4:e9:2f:86:9c:81:06:5e:06: 83:d8:53:84:7c:5c:4e:51:42:f9:12:bb:29:23:a1: c2:fb:c1:c8:f7:24:aa:81:81:e6:d9:76:b6:55:d5: eb:3a:f7:c6:7e:6e:b7:5b:d8:ac:f4:39:d2:ca:67: 56:13:4d:e3:89:50:6b:e6:3b:82:80:23:c2:b5:e8: 46:44:e9:f2:bf:44:fc:37:d6:57:87:e2:01:20:bb: 71:cc:61:5c:6c:bd:23:ba:b0:a7:52:6f:80:68:f0: 4c:10:d3:57:17:9f:e6:cd:d6:53:bf:6c:6f:2d:ea: f0:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:3A:89:3E:51:A0:68:45:B4:12:C4:4B:FF:54:A1:D3:9D:70:86:47 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/TzqJPlGgaEW0EsRL_1Sh051whkc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.204.0/24 Signature Algorithm: sha256WithRSAEncryption a0:34:b6:58:7e:57:78:97:ce:f2:e2:77:66:20:bd:0b:70:3a: 79:81:41:f6:20:f8:fb:76:13:94:2a:0f:d6:f1:87:c1:df:5e: 5c:60:5a:e0:3a:8f:31:39:4b:4c:6a:14:1e:a6:32:34:ca:4e: 16:7e:da:ac:07:4f:0f:8b:12:12:cc:4a:c9:91:95:31:5e:c8: ca:34:2f:df:b0:6b:ee:20:62:ac:5e:a6:91:e0:0a:83:ab:a5: ca:eb:27:3f:bd:9a:81:6c:d0:c0:67:18:2f:c0:3e:b3:73:4b: 0d:cb:85:9e:33:e5:d0:47:0e:66:bb:0d:f2:2b:f0:43:ee:5a: 89:b2:72:43:dc:c2:65:21:2e:31:6a:ac:f1:34:e3:b4:93:79: 9a:3a:34:2e:68:ee:16:14:88:b7:2d:51:05:dd:05:ee:6b:ad: c4:bc:2b:bd:40:1b:5f:72:c1:cc:73:b2:8f:56:26:77:43:65: 26:72:57:a8:7a:51:3f:ce:68:21:bb:2d:8c:55:6b:3c:cd:06: b1:4c:5b:37:32:3c:3d:40:61:98:53:5b:4d:4e:a6:f5:2e:79: b1:11:a6:39:69:1f:c5:23:e5:ed:14:9a:6f:9a:e3:ea:d2:9a: 22:c0:32:86:c3:a8:00:b2:5e:cb:21:d6:b4:13:7c:1b:88:08: 41:93:4a:0a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE10wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDEwMDkw MDQ0MTJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDRGM0E4OTNFNTFBMDY4 NDVCNDEyQzQ0QkZGNTRBMUQzOUQ3MDg2NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDFM73+saZFlNGWTTEqivFkk90cl/tqTa8BJQocSp1gUZOTnklX mArlhJ9OwK0+YOfjEVOiRUBzTnPz80k2F05bs3cWUqhxEtuOIFKC7MRQNet8fMxO Jv2yddyqR147Aal54Qqkr+Xbb4fQ4wNLje3xQl2jvHSkOWeKYQA8wxBdPUk9cm04 kfnffR0bhaTpL4acgQZeBoPYU4R8XE5RQvkSuykjocL7wcj3JKqBgebZdrZV1es6 98Z+brdb2Kz0OdLKZ1YTTeOJUGvmO4KAI8K16EZE6fK/RPw31leH4gEgu3HMYVxs vSO6sKdSb4Bo8EwQ01cXn+bN1lO/bG8t6vDnAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUTzqJPlGgaEW0EsRL/1Sh051whkcwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvVHpxSlBsR2dhRVcw RXNSTF8xU2gwNTF3aGtjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTfzDANBgkqhkiG9w0BAQsFAAOCAQEAoDS2WH5XeJfO8uJ3ZiC9C3A6eYFB 9iD4+3YTlCoP1vGHwd9eXGBa4DqPMTlLTGoUHqYyNMpOFn7arAdPD4sSEsxKyZGV MV7IyjQv37Br7iBirF6mkeAKg6ulyusnP72agWzQwGcYL8A+s3NLDcuFnjPl0EcO ZrsN8ivwQ+5aibJyQ9zCZSEuMWqs8TTjtJN5mjo0LmjuFhSIty1RBd0F7mutxLwr vUAbX3LBzHOyj1Ymd0NlJnJXqHpRP85oIbstjFVrPM0GsUxbNzI8PUBhmFNbTU6m 9S55sRGmOWkfxSPl7RSab5rj6tKaIsAyhsOoALJeyyHWtBN8G4gIQZNKCg== -----END CERTIFICATE-----Generated at Sun Nov 24 23:59:21 2024 by rpki-client on console-fra.rpki-client.org