$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/VYryJDxFQ9pVsktPdS7I7aO79LU.roa File: VYryJDxFQ9pVsktPdS7I7aO79LU.roa (raw, json) Hash identifier: EyLQPQpxzWzRFp+2LoIN/y3eg3CSRL9NQo+epTvIh2I= Subject key identifier: 55:8A:F2:24:3C:45:43:DA:55:B2:4B:4F:75:2E:C8:ED:A3:BB:F4:B5 Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Certificate serial: 1B8D Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/VYryJDxFQ9pVsktPdS7I7aO79LU.roa Signing time: Thu 21 Nov 2024 09:32:20 +0000 ROA not before: Thu 21 Nov 2024 09:32:20 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 2914 IP address blocks: 115.31.68.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 02:23:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7053 (0x1b8d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Validity Not Before: Nov 21 09:32:20 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=558AF2243C4543DA55B24B4F752EC8EDA3BBF4B5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:bb:54:e6:6a:e3:9c:53:0b:57:92:2b:f5:1a: 84:c7:88:1e:90:38:db:91:4e:4d:3f:a9:4d:54:70: 1a:3a:5b:1e:4b:b6:45:77:06:12:d1:82:5f:98:76: ba:3f:d8:93:02:56:84:9a:b2:e2:f0:32:7d:ee:6f: aa:28:fc:0f:85:3f:04:fb:24:d7:a6:c1:dc:54:15: 5a:b8:0e:d6:91:de:21:a5:7e:85:8e:c6:01:f2:a4: d5:44:78:6a:82:b5:56:49:63:20:e3:ed:0a:27:c4: a1:a5:2b:1f:2d:fd:65:8c:49:19:d6:e5:49:2e:2d: 82:48:ef:0f:2a:78:8f:81:24:f1:32:78:38:0f:b2: 96:6a:a6:d0:82:99:5a:1a:b7:52:03:da:67:23:d3: a1:bb:64:b8:61:62:de:a2:59:4a:58:36:32:b8:56: 81:d4:5a:de:a8:d9:83:dd:d7:54:59:8e:11:79:d7: be:2a:fd:cf:a5:fb:dc:4a:32:83:7c:de:67:9b:3d: c7:0c:e4:b8:55:36:b1:05:b8:4d:ef:e7:b3:98:51: 63:c1:33:ab:40:f9:70:6a:16:d5:3d:39:cd:92:d6: fa:e1:34:d8:ae:93:da:b6:4a:5b:76:13:47:43:2f: ac:77:a3:1e:94:ec:77:75:ba:06:c2:41:c0:2e:c3: d1:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:8A:F2:24:3C:45:43:DA:55:B2:4B:4F:75:2E:C8:ED:A3:BB:F4:B5 X509v3 Authority Key Identifier: keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/VYryJDxFQ9pVsktPdS7I7aO79LU.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 115.31.68.0/22 Signature Algorithm: sha256WithRSAEncryption 40:ef:4f:1c:ab:22:c9:d4:c3:e5:57:3c:bd:a0:d7:4d:df:ab: 52:99:f7:d4:1d:b0:ea:fd:3f:6b:21:fd:1a:b3:a0:4a:c4:da: 75:9a:85:11:b7:8f:43:5f:e9:56:a0:30:02:a9:0d:2b:20:78: d9:ef:94:b2:6e:d9:89:59:21:6d:1c:5e:b0:3a:85:d1:c2:67: 01:0d:08:44:4a:5c:f4:93:ac:3e:10:b7:f9:61:1e:1b:c6:11: fe:bf:b5:93:52:55:66:fb:02:87:e8:40:a6:2f:ca:1e:14:0d: 87:1f:58:7f:f7:f3:2e:9e:3a:8b:60:cd:af:50:aa:62:85:aa: ef:df:b6:bb:39:35:ed:d9:fa:6b:0e:d2:ec:8f:1d:c5:8e:89: 7b:80:25:4b:e4:8a:fe:e9:01:5a:df:eb:28:2d:16:c1:8b:52: a9:eb:6e:a9:64:d0:ee:0c:d6:a5:50:e7:2c:8f:08:cf:6c:70: 9b:22:d3:b5:57:b7:70:b2:0c:2a:6a:b8:20:ca:1b:fb:aa:b2: b7:39:94:d7:c7:cf:26:8e:fb:1d:cc:7a:16:e1:4e:a6:f2:c6: b0:79:a1:e7:25:ad:ed:bd:7e:a3:fb:90:d0:8b:42:ee:69:24: 3e:a7:2c:1d:a2:bd:41:ce:a9:dc:83:a4:18:03:45:39:26:45: e4:24:57:17 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG40wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDExMjEw OTMyMjBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDU1OEFGMjI0M0M0NTQz REE1NUIyNEI0Rjc1MkVDOEVEQTNCQkY0QjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC6u1TmauOcUwtXkiv1GoTHiB6QONuRTk0/qU1UcBo6Wx5LtkV3 BhLRgl+Ydro/2JMCVoSasuLwMn3ub6oo/A+FPwT7JNemwdxUFVq4DtaR3iGlfoWO xgHypNVEeGqCtVZJYyDj7QonxKGlKx8t/WWMSRnW5UkuLYJI7w8qeI+BJPEyeDgP spZqptCCmVoat1ID2mcj06G7ZLhhYt6iWUpYNjK4VoHUWt6o2YPd11RZjhF5174q /c+l+9xKMoN83mebPccM5LhVNrEFuE3v57OYUWPBM6tA+XBqFtU9Oc2S1vrhNNiu k9q2Slt2E0dDL6x3ox6U7Hd1ugbCQcAuw9HZAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUVYryJDxFQ9pVsktPdS7I7aO79LUwHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL1ZZcnlKRHhGUTlwVnNr dFBkUzdJN2FPNzlMVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJzH0QwDQYJKoZIhvcNAQELBQADggEBAEDvTxyrIsnUw+VXPL2g103fq1KZ99Qd sOr9P2sh/RqzoErE2nWahRG3j0Nf6VagMAKpDSsgeNnvlLJu2YlZIW0cXrA6hdHC ZwENCERKXPSTrD4Qt/lhHhvGEf6/tZNSVWb7AofoQKYvyh4UDYcfWH/38y6eOotg za9QqmKFqu/ftrs5Ne3Z+msO0uyPHcWOiXuAJUvkiv7pAVrf6ygtFsGLUqnrbqlk 0O4M1qVQ5yyPCM9scJsi07VXt3CyDCpquCDKG/uqsrc5lNfHzyaO+x3MehbhTqby xrB5oeclre29fqP7kNCLQu5pJD6nLB2ivUHOqdyDpBgDRTkmReQkVxc= -----END CERTIFICATE-----Generated at Fri Nov 22 02:02:57 2024 by rpki-client on console-ams.rpki-client.org