$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/u7bdYWTVzy2HCxOPNwyWeOO30Nk.roa File: u7bdYWTVzy2HCxOPNwyWeOO30Nk.roa (raw, json) Hash identifier: 8spUb0jPvVPhJ5i4sTBQz+ChRJ4k0pJ+miFPgWzDhqc= Subject key identifier: BB:B6:DD:61:64:D5:CF:2D:87:0B:13:8F:37:0C:96:78:E3:B7:D0:D9 Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 124F Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/u7bdYWTVzy2HCxOPNwyWeOO30Nk.roa Signing time: Tue 20 Aug 2024 12:56:46 +0000 ROA not before: Tue 20 Aug 2024 12:56:46 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 2914 IP address blocks: 180.223.216.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 01:23:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4687 (0x124f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Aug 20 12:56:46 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=BBB6DD6164D5CF2D870B138F370C9678E3B7D0D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:f1:2d:e8:1b:ff:f6:9a:dc:a4:e5:bd:0f:9f: 70:01:d8:10:a3:19:12:85:e9:79:47:98:8b:b4:a8: 6a:d9:4e:85:a0:b3:db:7f:db:b6:31:94:12:ad:f5: 96:05:c3:93:0f:1b:fb:0a:ef:b8:1b:4d:07:39:1d: 17:0d:88:72:6f:39:ef:72:a1:00:0a:cd:e4:ab:a9: 00:7a:b0:3c:c9:fb:13:64:4a:ae:97:73:78:30:b5: 25:8b:90:d5:6e:b4:dc:c7:7f:01:a9:85:41:c2:7d: e4:98:f4:61:d0:85:eb:8a:2f:00:26:e0:4c:b8:4a: ce:58:d8:59:7e:3f:75:eb:28:a7:c0:6e:ad:1f:90: 73:8b:7b:15:47:b4:8d:32:f9:dc:b6:66:18:76:d0: c5:29:0e:20:96:94:2a:9f:2f:6c:54:7d:89:a4:07: 63:9d:98:25:bc:d0:0d:da:c8:ab:45:a6:55:8c:7a: 62:05:04:a4:06:67:b6:b1:d1:f2:23:ec:d4:2c:a6: 2e:36:af:56:f2:b3:d9:10:73:42:b7:68:ed:71:d8: 1f:d4:f5:1c:54:4d:0c:d9:55:43:3b:65:3e:33:54: 4e:81:5b:ff:e2:88:40:c9:b9:22:69:97:47:ff:14: 15:15:f8:47:06:92:06:d4:08:c9:d8:2d:dc:ec:bc: 1d:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:B6:DD:61:64:D5:CF:2D:87:0B:13:8F:37:0C:96:78:E3:B7:D0:D9 X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/u7bdYWTVzy2HCxOPNwyWeOO30Nk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.216.0/21 Signature Algorithm: sha256WithRSAEncryption d2:ff:39:7e:d9:b3:60:1d:22:b4:e4:98:b8:7b:a1:21:38:9f: 12:03:92:ab:57:41:e1:c2:30:f3:26:23:69:7a:3c:17:ff:5b: a3:2c:46:a4:4c:91:bc:44:d2:75:b9:ee:d8:48:15:fe:00:e5: f5:67:d3:94:54:d9:1c:e9:00:69:7c:de:96:c7:2c:84:56:db: b5:7c:c1:6f:61:48:1c:c5:b1:3c:42:19:46:bf:5b:b3:15:0b: 2d:f4:54:f2:aa:5d:d1:47:0c:20:9a:86:14:08:a8:62:86:8e: 31:4c:66:ff:db:06:cb:4c:f3:4a:0e:4b:3b:34:15:63:0b:8c: ca:df:6d:c7:9e:86:7e:6a:24:dd:1b:4e:ed:66:69:11:4a:8f: e1:e5:c0:12:2b:a8:e0:06:b2:69:ca:b4:ab:10:c2:c3:35:e1: c6:1f:75:83:da:01:2b:4a:ca:99:59:0f:3b:90:3a:43:63:5e: b9:6f:c1:34:9e:1a:a5:4d:d6:ce:4b:9f:43:f8:89:e3:37:3b: 05:46:cc:50:e3:ad:97:5c:cb:b1:f5:a7:c3:0c:97:c5:f8:72: bb:9e:df:9d:c5:83:03:f1:74:00:ed:aa:8b:04:32:8b:b7:c6: ec:99:e9:bc:e1:45:85:34:f7:08:e3:a9:d6:a8:08:74:0a:e1: 88:cd:7c:b9 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEk8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDA4MjAx MjU2NDZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEJCQjZERDYxNjRENUNG MkQ4NzBCMTM4RjM3MEM5Njc4RTNCN0QwRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDP8S3oG//2mtyk5b0Pn3AB2BCjGRKF6XlHmIu0qGrZToWgs9t/ 27YxlBKt9ZYFw5MPG/sK77gbTQc5HRcNiHJvOe9yoQAKzeSrqQB6sDzJ+xNkSq6X c3gwtSWLkNVutNzHfwGphUHCfeSY9GHQheuKLwAm4Ey4Ss5Y2Fl+P3XrKKfAbq0f kHOLexVHtI0y+dy2Zhh20MUpDiCWlCqfL2xUfYmkB2OdmCW80A3ayKtFplWMemIF BKQGZ7ax0fIj7NQspi42r1bys9kQc0K3aO1x2B/U9RxUTQzZVUM7ZT4zVE6BW//i iEDJuSJpl0f/FBUV+EcGkgbUCMnYLdzsvB07AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUu7bdYWTVzy2HCxOPNwyWeOO30NkwHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAvdTdiZFlXVFZ6eTJI Q3hPUE53eVdlT08zME5rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEA7Tf2DANBgkqhkiG9w0BAQsFAAOCAQEA0v85ftmzYB0itOSYuHuhITifEgOS q1dB4cIw8yYjaXo8F/9boyxGpEyRvETSdbnu2EgV/gDl9WfTlFTZHOkAaXzelscs hFbbtXzBb2FIHMWxPEIZRr9bsxULLfRU8qpd0UcMIJqGFAioYoaOMUxm/9sGy0zz Sg5LOzQVYwuMyt9tx56Gfmok3RtO7WZpEUqP4eXAEiuo4Aayacq0qxDCwzXhxh91 g9oBK0rKmVkPO5A6Q2NeuW/BNJ4apU3WzkufQ/iJ4zc7BUbMUOOtl1zLsfWnwwyX xfhyu57fncWDA/F0AO2qiwQyi7fG7JnpvOFFhTT3COOp1qgIdArhiM18uQ== -----END CERTIFICATE-----Generated at Fri Nov 22 00:25:27 2024 by rpki-client on console-fra.rpki-client.org