$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/YCta7MB0bEz2riDYyD-VsWqwmzg.roa File: YCta7MB0bEz2riDYyD-VsWqwmzg.roa (raw, json) Hash identifier: QVYCpx49JEDYTyRu1SXlm12bTe56kWp2VBI5erg6UOs= Subject key identifier: 60:2B:5A:EC:C0:74:6C:4C:F6:AE:20:D8:C8:3F:95:B1:6A:B0:9B:38 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1359 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/YCta7MB0bEz2riDYyD-VsWqwmzg.roa Signing time: Wed 09 Oct 2024 00:44:11 +0000 ROA not before: Wed 09 Oct 2024 00:44:11 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 2914 IP address blocks: 180.223.205.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 01:23:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4953 (0x1359) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Oct 9 00:44:11 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=602B5AECC0746C4CF6AE20D8C83F95B16AB09B38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:f3:52:6e:86:7c:52:d5:79:dc:7c:51:02:5e: 5b:90:3f:03:24:79:26:62:54:38:46:bb:95:c6:35: 7a:01:fa:d0:44:73:01:14:60:6f:f7:9d:31:56:d1: 2b:96:48:cc:bf:7f:35:d7:23:d3:00:b1:de:e5:f3: 52:f5:8a:72:0f:5e:55:da:29:de:63:82:19:06:5e: b8:29:dc:3b:e6:e0:61:0b:8c:fe:73:0e:ca:ca:20: 39:6d:d8:e0:f3:57:73:eb:d8:b0:5e:d2:78:6c:88: e3:22:29:cd:4b:72:77:8f:1c:b8:44:2c:83:1d:cc: f3:b0:cb:47:cb:46:11:6a:24:a2:7e:60:fe:00:12: d8:82:87:de:f1:c9:63:09:c8:92:ba:f7:02:8b:fe: 19:9c:b3:1c:91:c2:5d:50:6a:7d:42:84:03:d2:23: 64:4c:df:66:33:ce:d1:02:82:0c:35:7e:62:51:eb: f9:48:8b:ec:89:76:ae:b3:5a:73:b8:fa:10:ec:7d: 5e:fa:cf:49:25:b6:90:4f:6e:e8:1c:da:62:d1:bd: 38:12:60:e7:72:99:75:5f:9a:fa:11:fd:42:2c:86: b6:bc:de:2c:83:7c:1a:32:70:d0:97:b2:66:cf:f8: ce:28:eb:5b:04:7f:6d:6d:f7:c7:3c:16:85:88:7a: b4:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:2B:5A:EC:C0:74:6C:4C:F6:AE:20:D8:C8:3F:95:B1:6A:B0:9B:38 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/YCta7MB0bEz2riDYyD-VsWqwmzg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.205.0/24 Signature Algorithm: sha256WithRSAEncryption d7:b6:c9:83:8a:00:3d:e6:8e:ae:e8:9d:4d:5b:a8:b7:61:2a: f2:5e:66:70:88:6f:7b:e0:2f:f9:e5:29:a7:4d:d0:f1:8a:df: 21:ec:46:59:54:9a:22:ac:77:02:63:78:56:88:3c:31:db:19: 31:7e:f2:42:ef:20:81:1e:81:d7:6f:f8:ea:89:7d:26:8c:51: fa:c7:01:af:e3:37:5b:37:76:b5:e4:7d:0e:cf:ac:4b:e1:c4: 7c:65:a7:f0:82:f0:da:78:94:60:57:d2:35:3f:d2:a9:3b:65: e1:9b:86:97:1c:44:7e:b3:58:fc:ce:cd:9e:7c:fd:77:df:80: bb:1c:bb:49:b5:96:27:03:60:0b:c4:45:36:03:5c:42:4e:64: 6b:80:05:c6:22:83:19:86:eb:81:5c:d2:51:0d:c2:b5:fe:35: af:28:9c:b9:5e:1d:fa:af:f9:19:73:bc:5f:62:af:ff:80:32: 31:75:c0:4a:13:df:2b:fb:b5:1d:6c:98:83:4b:87:67:77:04: 9b:e1:4f:f3:1d:f3:8e:86:14:c6:41:39:2b:8e:78:cf:cf:be: f4:5c:e9:f6:df:ee:fc:c7:e2:77:3f:b1:10:61:5e:e6:c0:8e: 3a:c9:07:27:db:58:6d:36:17:03:89:25:bc:ac:06:2d:c4:6d: ac:c6:fb:55 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE1kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDEwMDkw MDQ0MTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDYwMkI1QUVDQzA3NDZD NENGNkFFMjBEOEM4M0Y5NUIxNkFCMDlCMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDs81JuhnxS1XncfFECXluQPwMkeSZiVDhGu5XGNXoB+tBEcwEU YG/3nTFW0SuWSMy/fzXXI9MAsd7l81L1inIPXlXaKd5jghkGXrgp3Dvm4GELjP5z DsrKIDlt2ODzV3Pr2LBe0nhsiOMiKc1LcnePHLhELIMdzPOwy0fLRhFqJKJ+YP4A EtiCh97xyWMJyJK69wKL/hmcsxyRwl1Qan1ChAPSI2RM32YzztECggw1fmJR6/lI i+yJdq6zWnO4+hDsfV76z0kltpBPbugc2mLRvTgSYOdymXVfmvoR/UIshra83iyD fBoycNCXsmbP+M4o61sEf21t98c8FoWIerSzAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUYCta7MB0bEz2riDYyD+VsWqwmzgwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvWUN0YTdNQjBiRXoy cmlEWXlELVZzV3F3bXpnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTfzTANBgkqhkiG9w0BAQsFAAOCAQEA17bJg4oAPeaOruidTVuot2Eq8l5m cIhve+Av+eUpp03Q8YrfIexGWVSaIqx3AmN4Vog8MdsZMX7yQu8ggR6B12/46ol9 JoxR+scBr+M3Wzd2teR9Ds+sS+HEfGWn8ILw2niUYFfSNT/SqTtl4ZuGlxxEfrNY /M7Nnnz9d9+Auxy7SbWWJwNgC8RFNgNcQk5ka4AFxiKDGYbrgVzSUQ3Ctf41ryic uV4d+q/5GXO8X2Kv/4AyMXXAShPfK/u1HWyYg0uHZ3cEm+FP8x3zjoYUxkE5K454 z8++9Fzp9t/u/Mfidz+xEGFe5sCOOskHJ9tYbTYXA4klvKwGLcRtrMb7VQ== -----END CERTIFICATE-----Generated at Thu Nov 21 23:43:03 2024 by rpki-client on console-ams.rpki-client.org