$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/RHiDDus4cRdGByxdcp_w2n6njvo.roa File: RHiDDus4cRdGByxdcp_w2n6njvo.roa (raw, json) Hash identifier: D21EFT9WIMt8+j4Q/Cg+JcFmRqkJ6ayLlOmV+pVzMK0= Subject key identifier: 44:78:83:0E:EB:38:71:17:46:07:2C:5D:72:9F:F0:DA:7E:A7:8E:FA Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0 Certificate serial: 0628 Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/RHiDDus4cRdGByxdcp_w2n6njvo.roa Signing time: Thu 22 Aug 2024 03:44:35 +0000 ROA not before: Thu 22 Aug 2024 03:44:35 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 2914 IP address blocks: 58.66.64.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 02:23:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1576 (0x628) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0 Validity Not Before: Aug 22 03:44:35 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=4478830EEB38711746072C5D729FF0DA7EA78EFA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:2a:1b:9f:49:c2:51:8d:1c:92:d3:8a:df:29: be:5f:00:bb:2b:67:0d:fa:99:fc:13:2b:41:b4:3f: 8c:ee:28:d2:07:db:8a:d3:05:94:ae:7d:24:a3:fe: 3f:89:52:0e:39:46:27:e1:40:60:86:27:d5:a5:bb: f4:0d:ee:57:a5:94:b2:8e:d2:13:e4:bd:48:3a:18: ad:92:2b:87:31:cc:8d:7a:56:03:f8:4b:4b:d1:1e: a9:67:f9:ff:0e:d9:2c:c5:31:19:5a:c1:60:f5:7e: bb:6e:43:b4:f4:03:98:cf:4e:9f:be:8b:58:3c:cb: 9d:3a:04:a3:61:d3:24:aa:14:c5:26:7b:e8:02:4f: 02:f7:10:5e:21:4a:3b:d6:2b:83:1c:bf:a7:93:19: 88:70:dc:ad:53:e1:4a:41:38:0f:f6:40:6e:cd:5b: 68:0b:90:53:52:76:29:10:83:03:d9:e5:fe:e9:0e: 64:10:6a:43:e2:10:fa:14:f3:0b:b9:1a:05:0a:f4: 2b:f0:8e:12:a8:fd:cf:90:0b:8e:8d:89:d1:ae:7d: cf:f6:a6:b6:c0:6a:9a:52:54:38:83:01:b6:f6:73: ad:77:89:3a:c1:a7:e8:54:f0:ad:4d:69:50:f1:29: 3b:17:ac:5f:11:1a:98:40:96:03:2e:06:e1:c9:82: 6a:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:78:83:0E:EB:38:71:17:46:07:2C:5D:72:9F:F0:DA:7E:A7:8E:FA X509v3 Authority Key Identifier: keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/RHiDDus4cRdGByxdcp_w2n6njvo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 58.66.64.0/18 Signature Algorithm: sha256WithRSAEncryption 38:b6:6b:a4:38:b6:af:0f:b1:02:f8:1e:f2:cb:95:1b:9d:bd: b7:ed:8f:ad:2a:6c:85:a4:3f:ac:65:e4:05:61:e2:4f:5f:7a: 2e:9a:85:f0:5e:8a:20:76:92:7a:af:ce:d8:34:59:c9:0f:41: ad:7f:7d:0b:d6:fc:ae:21:e3:85:5c:4c:d1:5d:f3:9a:57:3d: af:b2:96:b6:86:7b:e7:6b:c8:a3:f8:05:17:63:f0:1e:21:44: b2:41:49:1b:0d:aa:3c:57:12:b8:3c:3c:ee:cb:37:18:62:0e: 2f:40:2c:40:f4:9a:9c:a8:80:0f:a8:98:2f:91:be:23:04:ad: 9a:bd:06:d3:12:0c:e2:f9:fb:35:e1:2a:2f:27:ad:b9:96:6c: 1d:2f:c7:96:da:c4:01:c7:cb:3b:b4:0e:34:8f:e6:16:36:e9: 61:8c:1a:ad:83:18:ee:1c:c4:d5:ff:ab:3b:12:ea:9e:e4:be: f2:1a:b2:4d:64:f2:de:fe:de:62:15:09:1d:46:7c:4e:42:7d: 58:83:34:92:13:33:8c:cb:cf:bc:f9:92:d9:ef:20:d4:91:a6: 50:52:6c:a9:1b:77:5e:11:15:1e:8f:66:13:4c:ac:8f:2b:95: 3c:f6:59:71:05:7b:6b:6f:cb:f2:e3:33:56:e0:e7:26:ff:4a: 6e:eb:6d:9c -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgICBigwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4 MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNDA4MjIw MzQ0MzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDQ0Nzg4MzBFRUIzODcx MTc0NjA3MkM1RDcyOUZGMERBN0VBNzhFRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8KhufScJRjRyS04rfKb5fALsrZw36mfwTK0G0P4zuKNIH24rT BZSufSSj/j+JUg45RifhQGCGJ9Wlu/QN7lellLKO0hPkvUg6GK2SK4cxzI16VgP4 S0vRHqln+f8O2SzFMRlawWD1frtuQ7T0A5jPTp++i1g8y506BKNh0ySqFMUme+gC TwL3EF4hSjvWK4Mcv6eTGYhw3K1T4UpBOA/2QG7NW2gLkFNSdikQgwPZ5f7pDmQQ akPiEPoU8wu5GgUK9CvwjhKo/c+QC46NidGufc/2prbAappSVDiDAbb2c613iTrB p+hU8K1NaVDxKTsXrF8RGphAlgMuBuHJgmovAgMBAAGjggHtMIIB6TAdBgNVHQ4E FgQURHiDDus4cRdGByxdcp/w2n6njvowHwYDVR0jBBgwFoAUlIG05AkBXY630D82 A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvUkhpRER1czRjUmRHQnl4ZGNw X3cybjZuanZvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjpC QDANBgkqhkiG9w0BAQsFAAOCAQEAOLZrpDi2rw+xAvge8suVG529t+2PrSpshaQ/ rGXkBWHiT196LpqF8F6KIHaSeq/O2DRZyQ9BrX99C9b8riHjhVxM0V3zmlc9r7KW toZ752vIo/gFF2PwHiFEskFJGw2qPFcSuDw87ss3GGIOL0AsQPSanKiAD6iYL5G+ IwStmr0G0xIM4vn7NeEqLyetuZZsHS/HltrEAcfLO7QONI/mFjbpYYwarYMY7hzE 1f+rOxLqnuS+8hqyTWTy3v7eYhUJHUZ8TkJ9WIM0khMzjMvPvPmS2e8g1JGmUFJs qRt3XhEVHo9mE0ysjyuVPPZZcQV7a2/L8uMzVuDnJv9KbuttnA== -----END CERTIFICATE-----Generated at Fri Nov 22 00:25:29 2024 by rpki-client on console-fra.rpki-client.org