$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/jSCoSeAujfYn-33UpDl2Rb6aCAc.roa File: jSCoSeAujfYn-33UpDl2Rb6aCAc.roa (raw, json) Hash identifier: ckUMecTzn44KjVKv+qnoaePiJnMAFMsOfS+r/OQfN2w= Subject key identifier: 8D:20:A8:49:E0:2E:8D:F6:27:FB:7D:D4:A4:39:76:45:BE:9A:08:07 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 13D5 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/jSCoSeAujfYn-33UpDl2Rb6aCAc.roa Signing time: Wed 30 Oct 2024 12:43:40 +0000 ROA not before: Wed 30 Oct 2024 12:43:40 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 152179 IP address blocks: 180.223.211.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5077 (0x13d5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Oct 30 12:43:40 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=8D20A849E02E8DF627FB7DD4A4397645BE9A0807 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:4d:b7:76:f2:e3:be:e9:28:50:2f:7a:a5:32: 65:3a:fb:19:0c:06:a5:f0:e3:2d:34:5f:a8:cb:40: 8d:d3:48:d8:6c:68:1b:5d:9b:00:08:b5:40:91:e7: 2b:bd:da:a1:33:d5:e8:a5:d4:47:aa:0d:a0:c4:e4: 45:31:8b:43:0f:c0:95:5c:a9:91:c3:81:2e:1b:0d: 4f:62:1b:1c:d0:9e:55:1f:cb:a0:37:1a:aa:69:ab: b0:4f:de:10:12:ce:dd:1d:6b:af:52:f0:d6:25:a2: 91:5d:7d:ab:49:c7:d0:76:cb:c0:35:57:71:a5:1e: cf:50:f6:9a:1d:fc:14:3b:0a:25:72:41:50:eb:61: 21:db:3d:90:24:e2:eb:ac:30:2b:ea:fd:ac:77:06: 3d:23:7f:10:bb:f9:eb:34:9e:88:ec:00:5d:cd:8a: 7a:7d:69:6a:f1:75:e6:32:bd:aa:d5:3d:5d:67:17: c6:55:83:e4:3a:12:07:14:81:76:48:55:d1:63:65: 84:bc:cb:bb:26:54:d8:02:8f:46:56:47:5d:96:af: 3d:b0:6c:49:96:43:14:fa:3f:3f:b2:1c:95:db:cf: 9c:28:14:67:e1:22:7e:88:b6:b9:bc:48:aa:51:ad: 54:ef:10:b0:b1:11:eb:b7:46:e5:7d:af:8e:59:74: 5d:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:20:A8:49:E0:2E:8D:F6:27:FB:7D:D4:A4:39:76:45:BE:9A:08:07 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/jSCoSeAujfYn-33UpDl2Rb6aCAc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.211.0/24 Signature Algorithm: sha256WithRSAEncryption 20:75:3b:ca:01:5a:95:93:98:6f:7c:42:37:6d:c6:07:b0:0c: 68:16:1c:8c:49:5e:66:b2:61:a9:c0:3b:28:db:9c:7d:dc:63: 3c:63:80:3d:fc:cf:49:a0:cc:46:47:d7:df:ac:81:8f:d2:4c: 26:ca:18:b2:de:0f:5f:d7:a5:65:5c:7f:c3:d5:fa:1c:0b:ae: cb:24:04:9e:a4:72:16:64:b6:22:a6:ec:41:fa:6d:dd:0f:a2: 95:ab:c7:d5:c3:e4:5a:23:35:d1:6d:10:87:48:e8:a8:35:e9: ea:9d:09:da:12:02:8c:dc:f8:4e:75:45:8b:cd:a3:fe:0e:0b: ab:c4:95:b4:e3:14:85:c0:6a:63:df:f7:a4:e5:9c:27:be:b4: a3:9a:6f:49:5c:d6:62:d1:e6:1f:05:be:fe:0d:7a:f8:e6:5b: 50:95:be:a4:80:df:8f:4e:15:72:43:a8:ba:ed:80:94:47:68: ff:c4:2b:e0:82:11:c2:2d:38:a6:34:a9:1c:17:02:a3:22:c0: 54:71:22:8a:8c:e1:a5:56:e8:ce:d2:4f:1f:99:03:a2:04:9b: 4d:cc:dd:b8:5d:ea:d7:50:ff:11:40:85:77:5b:2a:2c:5b:62: c7:57:da:5d:ef:8d:a6:72:fb:79:1e:da:51:9e:7e:7c:f3:b7: 74:89:0f:17 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE9UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDEwMzAx MjQzNDBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDhEMjBBODQ5RTAyRThE RjYyN0ZCN0RENEE0Mzk3NjQ1QkU5QTA4MDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC1Tbd28uO+6ShQL3qlMmU6+xkMBqXw4y00X6jLQI3TSNhsaBtd mwAItUCR5yu92qEz1eil1EeqDaDE5EUxi0MPwJVcqZHDgS4bDU9iGxzQnlUfy6A3 Gqppq7BP3hASzt0da69S8NYlopFdfatJx9B2y8A1V3GlHs9Q9pod/BQ7CiVyQVDr YSHbPZAk4uusMCvq/ax3Bj0jfxC7+es0nojsAF3Ninp9aWrxdeYyvarVPV1nF8ZV g+Q6EgcUgXZIVdFjZYS8y7smVNgCj0ZWR12Wrz2wbEmWQxT6Pz+yHJXbz5woFGfh In6Itrm8SKpRrVTvELCxEeu3RuV9r45ZdF3dAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUjSCoSeAujfYn+33UpDl2Rb6aCAcwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvalNDb1NlQXVqZllu LTMzVXBEbDJSYjZhQ0FjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTf0zANBgkqhkiG9w0BAQsFAAOCAQEAIHU7ygFalZOYb3xCN23GB7AMaBYc jEleZrJhqcA7KNucfdxjPGOAPfzPSaDMRkfX36yBj9JMJsoYst4PX9elZVx/w9X6 HAuuyyQEnqRyFmS2IqbsQfpt3Q+ilavH1cPkWiM10W0Qh0joqDXp6p0J2hICjNz4 TnVFi82j/g4Lq8SVtOMUhcBqY9/3pOWcJ760o5pvSVzWYtHmHwW+/g16+OZbUJW+ pIDfj04VckOouu2AlEdo/8Qr4IIRwi04pjSpHBcCoyLAVHEiiozhpVboztJPH5kD ogSbTczduF3q11D/EUCFd1sqLFtix1faXe+NpnL7eR7aUZ5+fPO3dIkPFw== -----END CERTIFICATE-----Generated at Fri Nov 22 12:14:28 2024 by rpki-client on console-ams.rpki-client.org