$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3130/x4-dnfaRZp4bApRBQAwMpwh2Tc4.roa File: x4-dnfaRZp4bApRBQAwMpwh2Tc4.roa (raw, json) Hash identifier: vQtUNh+IpQq6TJCrDToxh2+OZf5DhGPG8kadqm7yeG4= Subject key identifier: C7:8F:9D:9D:F6:91:66:9E:1B:02:94:41:40:0C:0C:A7:08:76:4D:CE Certificate issuer: /CN=2B0C50542CA87AA3C12F30C32323062C87102221 Certificate serial: 13D3 Authority key identifier: 2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/x4-dnfaRZp4bApRBQAwMpwh2Tc4.roa Signing time: Wed 30 Oct 2024 12:43:40 +0000 ROA not before: Wed 30 Oct 2024 12:43:40 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 152179 IP address blocks: 180.223.209.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5075 (0x13d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2B0C50542CA87AA3C12F30C32323062C87102221 Validity Not Before: Oct 30 12:43:40 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=C78F9D9DF691669E1B029441400C0CA708764DCE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:df:7d:85:0f:a4:95:e2:50:81:91:3f:0c:c6: 05:82:8f:a6:1b:52:9d:3e:6c:ad:90:27:3e:a5:a6: 8d:17:af:4b:7c:6c:39:7f:c4:a0:1f:76:12:51:92: 21:fa:25:c8:6f:2a:8c:1a:ba:b0:f7:ba:8e:f0:67: c1:bf:95:59:1d:00:60:5e:df:e1:f0:9a:f4:ad:5d: 48:75:6a:b8:e0:f0:ba:50:6a:a6:36:09:b4:05:ae: 8d:91:02:56:8d:ea:fe:a9:39:54:ab:93:db:0f:78: 23:d5:af:51:b8:29:82:ce:53:40:e7:9b:db:48:1a: 30:58:b6:53:a7:3d:e9:be:dd:97:3c:81:8f:c3:cd: 7f:f2:43:21:40:6f:f2:14:ca:26:28:50:fc:d3:eb: 04:2e:56:86:ff:8c:64:cc:53:9d:20:8f:57:7f:2d: d3:4f:d3:ed:4b:01:15:00:41:ec:9b:0f:bc:f8:fe: 1d:c2:3c:3d:28:da:2e:54:13:20:d8:97:28:19:67: fc:a9:8b:23:fc:6f:c6:25:b8:ef:3d:be:2d:38:6a: 3b:ef:aa:43:77:70:49:e1:73:7d:da:30:6c:a3:2b: fd:b0:cf:e7:18:1c:de:72:da:be:f3:3e:50:3a:c2: 71:a0:22:82:1d:da:f5:ee:39:b6:9f:d6:de:88:c9: fa:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:8F:9D:9D:F6:91:66:9E:1B:02:94:41:40:0C:0C:A7:08:76:4D:CE X509v3 Authority Key Identifier: keyid:2B:0C:50:54:2C:A8:7A:A3:C1:2F:30:C3:23:23:06:2C:87:10:22:21 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/KwxQVCyoeqPBLzDDIyMGLIcQIiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KwxQVCyoeqPBLzDDIyMGLIcQIiE.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3130/x4-dnfaRZp4bApRBQAwMpwh2Tc4.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 180.223.209.0/24 Signature Algorithm: sha256WithRSAEncryption 02:31:35:da:87:bf:a0:03:79:7c:57:93:30:cb:99:32:24:a2: d2:8b:3f:c3:79:c3:34:0d:17:6e:5b:85:d8:ce:c3:fb:bf:75: b0:d5:d5:e2:9e:3a:d3:1d:9b:6e:d6:30:8c:78:07:5f:d6:d4: 79:bf:ea:f1:b7:c8:29:93:b0:d1:41:43:17:66:6b:f1:f0:ca: 86:96:6f:4b:7f:96:20:5e:1d:d7:fb:51:77:a9:17:b8:c0:05: 57:ee:3b:e9:db:9d:35:7a:df:a0:84:17:71:33:58:e2:6c:07: 74:2e:97:d5:91:7f:09:d3:9d:8a:71:27:d4:81:ad:69:a1:ae: da:6d:12:10:ff:df:2a:f6:21:4c:54:94:fe:f4:36:13:0c:9c: 67:30:c6:a2:4e:a4:43:4a:b4:41:0c:66:15:a0:d8:91:19:8f: 93:38:d8:15:5e:fb:1f:de:f2:17:34:e6:9e:20:23:8f:87:85: 9b:b0:04:98:d2:38:87:8f:d7:39:39:03:a0:d2:c7:14:be:8b: 13:df:7e:e0:82:bf:a3:a6:6a:1e:47:8a:cf:51:23:58:62:7a: 11:66:6c:ff:4a:17:49:af:b6:bd:b2:1b:1b:41:ca:f4:1c:2a: ee:d9:5d:df:37:2c:13:f9:7a:86:bf:e6:bd:bd:04:33:83:6d: 74:9e:2a:e5 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICE9MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkIw QzUwNTQyQ0E4N0FBM0MxMkYzMEMzMjMyMzA2MkM4NzEwMjIyMTAeFw0yNDEwMzAx MjQzNDBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEM3OEY5RDlERjY5MTY2 OUUxQjAyOTQ0MTQwMEMwQ0E3MDg3NjREQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDP332FD6SV4lCBkT8MxgWCj6YbUp0+bK2QJz6lpo0Xr0t8bDl/ xKAfdhJRkiH6JchvKowaurD3uo7wZ8G/lVkdAGBe3+HwmvStXUh1arjg8LpQaqY2 CbQFro2RAlaN6v6pOVSrk9sPeCPVr1G4KYLOU0Dnm9tIGjBYtlOnPem+3Zc8gY/D zX/yQyFAb/IUyiYoUPzT6wQuVob/jGTMU50gj1d/LdNP0+1LARUAQeybD7z4/h3C PD0o2i5UEyDYlygZZ/ypiyP8b8YluO89vi04ajvvqkN3cEnhc33aMGyjK/2wz+cY HN5y2r7zPlA6wnGgIoId2vXuObaf1t6IyfqtAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUx4+dnfaRZp4bApRBQAwMpwh2Tc4wHwYDVR0jBBgwFoAUKwxQVCyoeqPBLzDD IyMGLIcQIiEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzEz MC9Ld3hRVkN5b2VxUEJMekRESXlNR0xJY1FJaUUuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0t3eFFWQ3lvZXFQQkx6RERJeU1HTEljUUlpRS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxMzAveDQtZG5mYVJacDRi QXBSQlFBd01wd2gyVGM0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALTf0TANBgkqhkiG9w0BAQsFAAOCAQEAAjE12oe/oAN5fFeTMMuZMiSi0os/ w3nDNA0XbluF2M7D+791sNXV4p460x2bbtYwjHgHX9bUeb/q8bfIKZOw0UFDF2Zr 8fDKhpZvS3+WIF4d1/tRd6kXuMAFV+476dudNXrfoIQXcTNY4mwHdC6X1ZF/CdOd inEn1IGtaaGu2m0SEP/fKvYhTFSU/vQ2EwycZzDGok6kQ0q0QQxmFaDYkRmPkzjY FV77H97yFzTmniAjj4eFm7AEmNI4h4/XOTkDoNLHFL6LE99+4IK/o6ZqHkeKz1Ej WGJ6EWZs/0oXSa+2vbIbG0HK9Bwq7tld3zcsE/l6hr/mvb0EM4NtdJ4q5Q== -----END CERTIFICATE-----Generated at Fri Nov 22 12:14:28 2024 by rpki-client on console-ams.rpki-client.org