$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/kXJYveIuuGmErvWtyisvEepx0_o.roa File: kXJYveIuuGmErvWtyisvEepx0_o.roa (raw, json) Hash identifier: DeRfPF8EVHWLbOZJZoE/3rik8Pz72B77qe9o4hM0/mA= Subject key identifier: 91:72:58:BD:E2:2E:B8:69:84:AE:F5:AD:CA:2B:2F:11:EA:71:D3:FA Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 1360 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/kXJYveIuuGmErvWtyisvEepx0_o.roa Signing time: Wed 09 Oct 2024 00:44:13 +0000 ROA not before: Wed 09 Oct 2024 00:44:13 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 2914 IP address blocks: 180.223.203.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 01:23:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4960 (0x1360) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Oct 9 00:44:13 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=917258BDE22EB86984AEF5ADCA2B2F11EA71D3FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:41:1c:92:cf:f1:fd:60:6c:d7:85:92:9b:f5: df:a9:50:d9:06:4e:c8:1d:81:14:d1:aa:77:06:6e: d3:12:e3:99:73:0f:76:05:fa:55:07:5d:02:cb:b3: 6d:b9:d3:50:c4:3f:d2:d6:8b:a6:4f:8a:ff:6c:ef: 07:1e:16:75:ca:18:45:9e:7c:87:53:9f:93:bc:e7: e9:c3:62:3a:f2:16:71:17:8a:88:7b:94:36:d5:ee: f7:31:e3:44:c9:44:9c:0e:6f:c0:7d:3d:d4:a7:b4: 4e:1f:30:12:76:34:31:04:66:2d:3a:55:01:6c:e3: 7b:43:31:96:59:e2:f6:26:f0:b5:ce:57:da:d5:0a: cd:fd:95:d4:cf:9c:0c:15:c8:d9:37:7d:5d:32:f6: 4e:d2:60:9e:29:23:05:a2:d9:17:80:2d:ff:95:73: a8:30:df:42:5e:8f:92:77:db:41:de:5e:95:8c:a9: 76:a6:f8:df:9f:34:43:32:2c:41:df:03:81:17:b8: d3:5d:5c:79:b7:44:e8:24:46:42:64:d0:13:e7:d3: dd:70:44:f3:50:0b:d7:70:11:12:46:f1:10:74:e1: ae:a1:1f:05:d1:02:83:a2:47:36:b3:ec:c7:40:a2: ac:1d:e6:db:d7:0f:77:9b:6c:06:06:7b:10:ec:79: ee:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:72:58:BD:E2:2E:B8:69:84:AE:F5:AD:CA:2B:2F:11:EA:71:D3:FA X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/kXJYveIuuGmErvWtyisvEepx0_o.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.203.0/24 Signature Algorithm: sha256WithRSAEncryption 6d:84:af:0b:9c:b8:39:2a:14:be:80:6d:aa:85:27:18:f6:3d: b7:47:eb:48:8c:48:4d:ab:0b:3d:af:cd:3d:07:17:28:25:46: 55:77:f2:80:77:80:76:4e:0a:90:a9:17:2b:3c:8b:2d:bd:d7: 1d:90:ec:68:d7:c5:24:f1:e8:7a:a8:e3:13:a3:39:d3:1c:39: 70:db:3f:d4:d0:ec:20:d9:48:ea:ee:ee:78:6c:f4:40:b5:88: 27:b3:fb:ba:0d:53:a6:9f:fb:a9:b9:7d:b2:d6:ec:97:46:b9: 4e:e5:c6:b3:db:f3:96:ff:c5:79:2b:c4:c9:1f:66:4b:f6:f7: 12:3a:2d:0c:58:56:30:49:7d:1c:74:bd:4e:07:d3:cc:ca:d5: 9f:33:ac:2a:90:00:59:19:37:50:32:e9:61:49:9b:6e:23:e2: 50:06:29:96:0d:2c:7d:07:99:4d:f9:4e:b0:06:cb:6e:39:1a: 12:4d:66:af:ec:8f:a1:6a:50:eb:c6:85:df:3e:f2:78:5a:53: a1:e9:ab:28:38:e8:e9:45:2a:7f:72:42:70:d8:03:68:f7:1e: 70:2e:23:8c:fc:26:98:65:9b:95:c3:86:2c:d6:25:8f:8d:12: 8c:a0:e0:f8:e0:a7:78:95:67:a0:b4:5a:e5:bb:4b:aa:46:45: 41:e4:fe:b9 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE2AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDEwMDkw MDQ0MTNaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDkxNzI1OEJERTIyRUI4 Njk4NEFFRjVBRENBMkIyRjExRUE3MUQzRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7QRySz/H9YGzXhZKb9d+pUNkGTsgdgRTRqncGbtMS45lzD3YF +lUHXQLLs22501DEP9LWi6ZPiv9s7wceFnXKGEWefIdTn5O85+nDYjryFnEXioh7 lDbV7vcx40TJRJwOb8B9PdSntE4fMBJ2NDEEZi06VQFs43tDMZZZ4vYm8LXOV9rV Cs39ldTPnAwVyNk3fV0y9k7SYJ4pIwWi2ReALf+Vc6gw30Jej5J320HeXpWMqXam +N+fNEMyLEHfA4EXuNNdXHm3ROgkRkJk0BPn091wRPNQC9dwERJG8RB04a6hHwXR AoOiRzaz7MdAoqwd5tvXD3ebbAYGexDsee5LAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUkXJYveIuuGmErvWtyisvEepx0/owHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAva1hKWXZlSXV1R21F cnZXdHlpc3ZFZXB4MF9vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTfyzANBgkqhkiG9w0BAQsFAAOCAQEAbYSvC5y4OSoUvoBtqoUnGPY9t0fr SIxITasLPa/NPQcXKCVGVXfygHeAdk4KkKkXKzyLLb3XHZDsaNfFJPHoeqjjE6M5 0xw5cNs/1NDsINlI6u7ueGz0QLWIJ7P7ug1Tpp/7qbl9stbsl0a5TuXGs9vzlv/F eSvEyR9mS/b3EjotDFhWMEl9HHS9TgfTzMrVnzOsKpAAWRk3UDLpYUmbbiPiUAYp lg0sfQeZTflOsAbLbjkaEk1mr+yPoWpQ68aF3z7yeFpToemrKDjo6UUqf3JCcNgD aPcecC4jjPwmmGWblcOGLNYlj40SjKDg+OCneJVnoLRa5btLqkZFQeT+uQ== -----END CERTIFICATE-----Generated at Fri Nov 22 00:25:27 2024 by rpki-client on console-fra.rpki-client.org