$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/IXfhrCbldcZbZXBmjzqnAKLGaKk.roa File: IXfhrCbldcZbZXBmjzqnAKLGaKk.roa (raw, json) Hash identifier: NFYvbBylrYm3YkOlx+wr3D8olyyIHR2ZWU0AlIIfL10= Subject key identifier: 21:77:E1:AC:26:E5:75:C6:5B:65:70:66:8F:3A:A7:00:A2:C6:68:A9 Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0 Certificate serial: 063C Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/IXfhrCbldcZbZXBmjzqnAKLGaKk.roa Signing time: Fri 23 Aug 2024 14:39:17 +0000 ROA not before: Fri 23 Aug 2024 14:39:17 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 2914 IP address blocks: 58.66.88.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 21 Nov 2024 23:50:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1596 (0x63c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0 Validity Not Before: Aug 23 14:39:17 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=2177E1AC26E575C65B6570668F3AA700A2C668A9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:00:0f:f1:bd:50:42:29:ac:7c:a8:78:42:11: d4:50:ab:d4:ac:08:16:fd:d7:83:77:a7:bb:8f:d9: 50:1e:98:de:36:79:77:61:98:c2:f1:82:63:8d:88: 97:6f:f4:90:d6:07:f4:03:5e:73:66:57:9e:e3:ac: 68:e5:bf:ba:9a:a7:c4:5d:a3:f8:9d:8c:8a:e3:44: 32:dd:71:cd:de:c9:29:61:de:80:a2:18:44:25:1d: b9:ce:4d:e5:fb:bb:88:bb:e9:13:4f:65:fe:ff:a6: 02:0a:7f:48:0b:1d:47:bb:f7:a2:b2:8b:7a:9e:fb: 9f:32:01:94:37:38:20:a3:17:27:bf:de:e2:9f:6d: cb:1d:bb:a6:8e:52:ef:cf:59:0c:f8:62:b9:ba:aa: 07:ee:ac:19:c8:2a:19:8b:8e:7e:82:66:a0:f3:8a: 0e:80:46:f0:9c:d4:c0:61:ce:81:84:7d:bd:02:47: 8d:5e:88:68:79:59:3a:03:4e:ac:8e:a3:09:60:d2: 4f:31:60:cd:d7:f0:51:be:45:76:99:ce:3f:8c:9f: 5e:f0:b8:a2:17:6d:18:3c:24:95:ad:98:92:7a:1c: 96:5a:2a:2c:61:ba:12:fb:c7:0b:28:e9:db:d9:ba: 6f:f7:28:44:36:42:2a:e5:4d:b5:04:da:3b:a2:e2: 65:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:77:E1:AC:26:E5:75:C6:5B:65:70:66:8F:3A:A7:00:A2:C6:68:A9 X509v3 Authority Key Identifier: keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/IXfhrCbldcZbZXBmjzqnAKLGaKk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 58.66.88.0/21 Signature Algorithm: sha256WithRSAEncryption 86:8a:7b:e8:3f:27:7e:2a:64:23:ba:1a:0b:d3:67:d0:4c:52: 3c:17:6f:ea:cd:c5:f6:a3:b7:81:88:78:28:77:2b:3d:fe:0b: d0:a3:79:2c:37:40:69:7b:97:aa:0e:07:b7:15:da:b2:8d:c7: 4c:a5:d6:bc:d0:f0:57:a1:7e:af:6d:fa:39:e2:b6:95:cb:92: 50:68:39:b9:bc:2a:f5:98:84:8a:79:07:00:38:3f:1b:ec:bb: e4:2c:5d:5d:0b:43:3d:20:b5:4e:75:be:86:ae:de:e9:91:86: dc:25:74:d6:bb:a4:33:f9:08:ad:04:5f:13:4b:3d:0c:59:8f: a5:02:b6:a0:62:78:d6:7a:28:05:d4:4a:71:fd:a3:d1:e3:b3: 3f:5e:b1:96:63:27:2e:90:e2:12:81:78:d9:85:9e:31:79:f2: f4:91:db:fc:06:6b:17:19:db:4e:31:de:d0:f9:6a:d4:ec:48: 6d:65:e7:d5:6e:4c:02:8d:7c:08:a0:e3:63:c3:f5:cb:b9:65: c5:a1:d7:94:68:a0:32:1a:9e:19:f2:58:c7:dc:43:73:ad:be: 15:93:b5:b4:80:29:6d:fb:aa:48:34:d2:21:77:ae:5e:bf:ca: e0:2e:39:dd:10:d8:b4:fb:21:10:0a:c5:fb:06:42:8e:9d:17: f7:6b:b5:a4 -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgICBjwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4 MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNDA4MjMx NDM5MTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDIxNzdFMUFDMjZFNTc1 QzY1QjY1NzA2NjhGM0FBNzAwQTJDNjY4QTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEAA/xvVBCKax8qHhCEdRQq9SsCBb914N3p7uP2VAemN42eXdh mMLxgmONiJdv9JDWB/QDXnNmV57jrGjlv7qap8Rdo/idjIrjRDLdcc3eySlh3oCi GEQlHbnOTeX7u4i76RNPZf7/pgIKf0gLHUe796Kyi3qe+58yAZQ3OCCjFye/3uKf bcsdu6aOUu/PWQz4Yrm6qgfurBnIKhmLjn6CZqDzig6ARvCc1MBhzoGEfb0CR41e iGh5WToDTqyOowlg0k8xYM3X8FG+RXaZzj+Mn17wuKIXbRg8JJWtmJJ6HJZaKixh uhL7xwso6dvZum/3KEQ2QirlTbUE2jui4mU7AgMBAAGjggHtMIIB6TAdBgNVHQ4E FgQUIXfhrCbldcZbZXBmjzqnAKLGaKkwHwYDVR0jBBgwFoAUlIG05AkBXY630D82 A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvSVhmaHJDYmxkY1piWlhCbWp6 cW5BS0xHYUtrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzpC WDANBgkqhkiG9w0BAQsFAAOCAQEAhop76D8nfipkI7oaC9Nn0ExSPBdv6s3F9qO3 gYh4KHcrPf4L0KN5LDdAaXuXqg4HtxXaso3HTKXWvNDwV6F+r236OeK2lcuSUGg5 ubwq9ZiEinkHADg/G+y75CxdXQtDPSC1TnW+hq7e6ZGG3CV01rukM/kIrQRfE0s9 DFmPpQK2oGJ41nooBdRKcf2j0eOzP16xlmMnLpDiEoF42YWeMXny9JHb/AZrFxnb TjHe0Plq1OxIbWXn1W5MAo18CKDjY8P1y7llxaHXlGigMhqeGfJYx9xDc62+FZO1 tIApbfuqSDTSIXeuXr/K4C453RDYtPshEArF+wZCjp0X92u1pA== -----END CERTIFICATE-----Generated at Thu Nov 21 23:43:05 2024 by rpki-client on console-ams.rpki-client.org