$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/6/ZTnWgPrwi560A2uo8Pf2MbEiTMk.roa File: ZTnWgPrwi560A2uo8Pf2MbEiTMk.roa (raw, json) Hash identifier: TACgupCVPJ9kehqBEATjywwWMmVKR4/+QPB8G53BdB8= Subject key identifier: 65:39:D6:80:FA:F0:8B:9E:B4:03:6B:A8:F0:F7:F6:31:B1:22:4C:C9 Certificate issuer: /CN=9481B4E409015D8EB7D03F36038830EC1098ABC0 Certificate serial: 0640 Authority key identifier: 94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/ZTnWgPrwi560A2uo8Pf2MbEiTMk.roa Signing time: Fri 23 Aug 2024 14:39:18 +0000 ROA not before: Fri 23 Aug 2024 14:39:18 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 2914 IP address blocks: 58.66.64.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 02:23:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1600 (0x640) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9481B4E409015D8EB7D03F36038830EC1098ABC0 Validity Not Before: Aug 23 14:39:18 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=6539D680FAF08B9EB4036BA8F0F7F631B1224CC9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:7c:1e:c7:8b:7b:e6:a5:ba:6d:f8:31:97:a4: b2:59:dc:b3:37:d8:34:c7:bb:5f:08:f4:63:f2:cb: 22:c1:f3:35:3c:da:29:77:51:c2:9f:90:7c:3e:64: d7:1f:ca:fa:69:24:b9:54:6b:aa:b3:fd:77:d5:f5: 97:73:f9:86:81:51:bb:c5:3b:4f:1f:c1:21:f1:2b: 91:1f:18:57:99:3a:e4:46:29:e4:f2:fb:6c:52:c8: 8f:3b:48:b5:2b:80:91:d4:11:c4:5a:67:1b:6b:05: fd:ff:0b:5d:dc:ca:fd:8d:50:d9:46:eb:25:1f:90: 5b:ec:ec:5d:5c:3a:fe:59:30:84:6e:76:3d:2f:f8: 07:06:b6:dc:1a:d7:f0:68:f9:a2:0b:a3:3a:03:83: 58:4d:3f:c7:4b:b9:71:04:ae:4d:25:0e:f5:5a:39: 3d:4d:f6:23:44:33:e4:11:7f:2a:4e:81:52:d9:70: 3a:36:98:b4:40:ba:bd:b0:e4:61:a7:c5:10:82:7e: 36:91:7b:2d:f7:de:c7:7c:19:e0:ba:6f:dd:62:28: ce:39:bf:d9:0f:54:f3:f5:85:b7:5d:be:a0:16:37: f6:4a:cd:e6:cb:f8:8a:c0:f3:7f:33:50:ca:f4:aa: cc:2f:b3:ce:a8:a8:64:d8:c5:55:ed:70:60:5a:79: 71:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:39:D6:80:FA:F0:8B:9E:B4:03:6B:A8:F0:F7:F6:31:B1:22:4C:C9 X509v3 Authority Key Identifier: keyid:94:81:B4:E4:09:01:5D:8E:B7:D0:3F:36:03:88:30:EC:10:98:AB:C0 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/lIG05AkBXY630D82A4gw7BCYq8A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/lIG05AkBXY630D82A4gw7BCYq8A.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6/ZTnWgPrwi560A2uo8Pf2MbEiTMk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 58.66.64.0/21 Signature Algorithm: sha256WithRSAEncryption 16:00:17:d4:f6:bf:d3:86:36:1c:1c:17:2f:ad:65:93:a7:5a: ce:26:e4:0d:7d:d7:ed:5a:8f:df:11:c6:b5:7a:36:53:47:56: 37:2a:ed:7d:b5:33:7d:c4:94:91:95:69:a9:a7:aa:ef:42:54: 68:cb:2d:c8:1a:8e:af:d1:c1:77:df:e4:ad:14:29:3a:d8:2f: bd:92:2e:69:3a:dd:29:87:1d:a4:cf:af:a8:34:b0:ce:ae:42: ff:2a:01:c7:36:5e:c8:c9:6a:f6:0b:97:a9:34:da:e9:5d:83: 26:a1:4b:22:c5:0e:40:95:25:b4:64:c2:0b:c1:da:56:8d:06: 17:1e:2a:0f:53:8d:48:11:75:e3:dd:33:5b:23:8b:92:99:81: e3:92:60:2b:d3:92:fc:fa:15:64:d6:3c:d0:17:aa:e3:ee:13: 14:9e:86:e0:d1:87:40:2c:54:4c:6f:b7:9c:a6:d1:6c:94:28: 65:ca:d5:1b:76:5f:e8:ef:aa:6f:1e:c7:d6:f0:2e:05:69:90: 11:3f:05:f6:35:91:d8:83:0f:27:10:eb:f6:f3:2c:03:e3:a4: a2:b9:ec:3a:34:5d:01:e3:e1:75:a2:3e:0a:12:25:49:95:e8: f6:c1:27:12:84:e7:37:ad:5b:e6:fc:f6:af:7b:bf:13:fd:8c: c1:9c:78:a5 -----BEGIN CERTIFICATE----- MIIE0TCCA7mgAwIBAgICBkAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTQ4 MUI0RTQwOTAxNUQ4RUI3RDAzRjM2MDM4ODMwRUMxMDk4QUJDMDAeFw0yNDA4MjMx NDM5MThaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDY1MzlENjgwRkFGMDhC OUVCNDAzNkJBOEYwRjdGNjMxQjEyMjRDQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDDfB7Hi3vmpbpt+DGXpLJZ3LM32DTHu18I9GPyyyLB8zU82il3 UcKfkHw+ZNcfyvppJLlUa6qz/XfV9Zdz+YaBUbvFO08fwSHxK5EfGFeZOuRGKeTy +2xSyI87SLUrgJHUEcRaZxtrBf3/C13cyv2NUNlG6yUfkFvs7F1cOv5ZMIRudj0v +AcGttwa1/Bo+aILozoDg1hNP8dLuXEErk0lDvVaOT1N9iNEM+QRfypOgVLZcDo2 mLRAur2w5GGnxRCCfjaRey333sd8GeC6b91iKM45v9kPVPP1hbddvqAWN/ZKzebL +IrA838zUMr0qswvs86oqGTYxVXtcGBaeXG9AgMBAAGjggHtMIIB6TAdBgNVHQ4E FgQUZTnWgPrwi560A2uo8Pf2MbEiTMkwHwYDVR0jBBgwFoAUlIG05AkBXY630D82 A4gw7BCYq8AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g TaBLhklyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNi9s SUcwNUFrQlhZNjMwRDgyQTRndzdCQ1lxOEEuY3JsMGMGCCsGAQUFBwEBBFcwVTBT BggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0Qw MDAwL2xJRzA1QWtCWFk2MzBEODJBNGd3N0JDWXE4QS5jZXIwDgYDVR0PAQH/BAQD AgeAMIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtp LmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzYvWlRuV2dQcndpNTYwQTJ1bzhQ ZjJNYkVpVE1rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNu L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzpC QDANBgkqhkiG9w0BAQsFAAOCAQEAFgAX1Pa/04Y2HBwXL61lk6dazibkDX3X7VqP 3xHGtXo2U0dWNyrtfbUzfcSUkZVpqaeq70JUaMstyBqOr9HBd9/krRQpOtgvvZIu aTrdKYcdpM+vqDSwzq5C/yoBxzZeyMlq9guXqTTa6V2DJqFLIsUOQJUltGTCC8Ha Vo0GFx4qD1ONSBF1490zWyOLkpmB45JgK9OS/PoVZNY80Beq4+4TFJ6G4NGHQCxU TG+3nKbRbJQoZcrVG3Zf6O+qbx7H1vAuBWmQET8F9jWR2IMPJxDr9vMsA+Okorns OjRdAePhdaI+ChIlSZXo9sEnEoTnN61b5vz2r3u/E/2MwZx4pQ== -----END CERTIFICATE-----Generated at Fri Nov 22 00:25:29 2024 by rpki-client on console-fra.rpki-client.org