$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/b9kHLrsoG04rS2p1BnAPGln4LzQ.roa File: b9kHLrsoG04rS2p1BnAPGln4LzQ.roa (raw, json) Hash identifier: AJU9ogzF8gLdmoL/+HxdT32YnUtsEw19p+gffCYaAig= Subject key identifier: 6F:D9:07:2E:BB:28:1B:4E:2B:4B:6A:75:06:70:0F:1A:59:F8:2F:34 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1353 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/b9kHLrsoG04rS2p1BnAPGln4LzQ.roa Signing time: Wed 09 Oct 2024 00:44:08 +0000 ROA not before: Wed 09 Oct 2024 00:44:08 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 2914 IP address blocks: 180.223.202.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 01:23:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4947 (0x1353) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Oct 9 00:44:08 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=6FD9072EBB281B4E2B4B6A7506700F1A59F82F34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:03:11:98:f1:fb:4d:c8:82:88:9a:41:ef:a2: a7:7c:63:17:b2:64:77:0a:45:d6:c1:4d:b4:70:6c: 3c:48:3c:a5:1b:b9:b9:35:0f:88:7c:29:d6:e7:a8: d2:48:af:2d:bb:7c:0f:f5:86:5d:f2:d2:59:be:cf: bd:ca:06:60:8b:64:de:32:7d:a0:17:4f:37:e0:68: 68:d6:8c:84:a0:fd:03:6a:29:5a:b6:86:4f:70:de: 6d:26:97:b9:dd:b5:6d:e9:af:00:d6:d4:44:b3:1d: bc:ea:20:c2:6d:ac:9c:99:74:4d:e1:d1:6e:42:c6: c6:62:60:6b:3c:ac:1b:2f:a8:13:8e:cc:9a:12:9e: 1a:a7:a3:9e:da:f2:20:83:28:5e:37:de:c3:e9:86: 82:52:72:1d:fa:09:ed:4a:37:23:a0:00:51:7e:4e: 1a:78:22:99:59:46:c7:98:69:bb:6f:8c:b2:7f:f4: 73:0c:ca:01:cd:ee:c0:d7:61:0b:be:bc:5a:c5:50: 05:4e:78:69:68:e0:4d:d9:a2:34:a9:e6:c0:3f:74: ad:75:f7:15:e7:62:94:fb:4a:46:c0:5d:bf:eb:9c: 60:dd:53:91:b2:f3:76:7d:79:6d:39:1f:3c:9d:ed: 81:6c:13:c3:42:37:b3:d0:21:22:7c:47:fd:1a:29: a2:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:D9:07:2E:BB:28:1B:4E:2B:4B:6A:75:06:70:0F:1A:59:F8:2F:34 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/b9kHLrsoG04rS2p1BnAPGln4LzQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.202.0/24 Signature Algorithm: sha256WithRSAEncryption 2e:af:58:4c:23:a2:88:6f:8f:d0:37:4e:02:9b:44:fb:2b:6f: a8:7d:6b:61:eb:96:e0:3d:22:21:b5:f1:e0:e3:87:ec:24:c1: e0:d1:a0:54:5a:01:6f:17:8b:67:84:da:5a:4f:bd:8a:0f:7a: a1:5c:8a:9c:66:e8:46:21:12:65:76:c5:db:cb:9c:78:da:35: bd:81:6a:a0:b7:a8:1a:73:e5:ba:1e:45:b8:ce:79:41:54:f5: 4e:25:ee:e1:f0:2f:12:6c:3a:0d:89:af:48:ae:f6:5a:83:70: 81:87:11:48:80:7d:89:38:ab:d3:30:bb:52:e8:55:cc:cf:d0: f6:91:c2:8f:e8:51:7a:33:d5:37:5c:76:c9:65:2f:76:04:84: 5a:89:c8:6a:b9:db:09:16:0c:fb:8c:50:a1:9d:d8:e0:80:9c: bb:05:f7:43:17:a0:d1:3b:ec:7a:a8:e3:55:8d:7d:67:73:b4: 43:29:6b:0a:6b:35:b7:f4:95:54:94:1f:59:75:e2:82:d4:fb: 20:1b:63:28:b8:13:68:8c:15:38:d5:5a:cc:1e:b2:03:a0:08: 76:cc:cb:ad:0e:c1:7b:37:3f:cb:3c:28:86:c2:47:02:f5:14: 3a:51:c4:a9:06:5e:e8:f6:b3:3f:b0:fd:56:07:15:06:55:af: 70:aa:33:86 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE1MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDEwMDkw MDQ0MDhaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDZGRDkwNzJFQkIyODFC NEUyQjRCNkE3NTA2NzAwRjFBNTlGODJGMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQClAxGY8ftNyIKImkHvoqd8YxeyZHcKRdbBTbRwbDxIPKUbubk1 D4h8KdbnqNJIry27fA/1hl3y0lm+z73KBmCLZN4yfaAXTzfgaGjWjISg/QNqKVq2 hk9w3m0ml7ndtW3prwDW1ESzHbzqIMJtrJyZdE3h0W5CxsZiYGs8rBsvqBOOzJoS nhqno57a8iCDKF433sPphoJSch36Ce1KNyOgAFF+Thp4IplZRseYabtvjLJ/9HMM ygHN7sDXYQu+vFrFUAVOeGlo4E3ZojSp5sA/dK119xXnYpT7SkbAXb/rnGDdU5Gy 83Z9eW05Hzyd7YFsE8NCN7PQISJ8R/0aKaK9AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUb9kHLrsoG04rS2p1BnAPGln4LzQwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvYjlrSExyc29HMDRy UzJwMUJuQVBHbG40THpRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTfyjANBgkqhkiG9w0BAQsFAAOCAQEALq9YTCOiiG+P0DdOAptE+ytvqH1r YeuW4D0iIbXx4OOH7CTB4NGgVFoBbxeLZ4TaWk+9ig96oVyKnGboRiESZXbF28uc eNo1vYFqoLeoGnPluh5FuM55QVT1TiXu4fAvEmw6DYmvSK72WoNwgYcRSIB9iTir 0zC7UuhVzM/Q9pHCj+hRejPVN1x2yWUvdgSEWonIarnbCRYM+4xQoZ3Y4ICcuwX3 Qxeg0TvseqjjVY19Z3O0QylrCms1t/SVVJQfWXXigtT7IBtjKLgTaIwVONVazB6y A6AIdszLrQ7Bezc/yzwohsJHAvUUOlHEqQZe6PazP7D9VgcVBlWvcKozhg== -----END CERTIFICATE-----Generated at Thu Nov 21 23:43:03 2024 by rpki-client on console-ams.rpki-client.org