$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/Z4NU5xe0EBj9RIuaovYwI5tnPM0.roa File: Z4NU5xe0EBj9RIuaovYwI5tnPM0.roa (raw, json) Hash identifier: MYFq2Melvc4J1leQU22ot/HNUSE6awkr0RXWxWdWbiw= Subject key identifier: 67:83:54:E7:17:B4:10:18:FD:44:8B:9A:A2:F6:30:23:9B:67:3C:CD Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Certificate serial: 1B8A Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/Z4NU5xe0EBj9RIuaovYwI5tnPM0.roa Signing time: Thu 21 Nov 2024 09:32:18 +0000 ROA not before: Thu 21 Nov 2024 09:32:18 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 4766 IP address blocks: 43.254.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 16 Feb 2025 21:26:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7050 (0x1b8a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Validity Not Before: Nov 21 09:32:18 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=678354E717B41018FD448B9AA2F630239B673CCD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:89:13:c2:a8:2b:4c:1c:7b:8d:c4:df:49:1e: 23:82:4d:3d:d1:c4:15:54:68:3f:23:11:81:60:10: 6e:1c:f6:57:78:83:60:b2:91:ea:21:9c:54:e8:b2: 47:df:68:07:22:1c:ee:f2:a1:cc:32:d2:9b:76:4c: 3c:bb:ed:fb:52:49:5f:40:52:8c:7f:66:50:9f:c7: 2d:e6:a9:25:b6:cb:66:be:4d:46:7d:f8:9d:bd:c4: 8a:86:79:cc:70:99:12:3c:8f:49:78:ed:8d:54:2b: 2e:bc:c7:bc:ce:cd:10:fe:55:e5:d8:cc:f2:82:47: 22:ba:6b:19:5a:84:09:48:c2:29:e9:80:58:1c:09: 2d:e4:2f:e5:3a:ff:3c:39:5b:7b:1a:4c:1d:89:82: b9:c8:af:fe:38:df:da:57:04:fe:4f:9c:d7:a0:83: 9d:ab:ba:27:07:91:b2:e5:7c:cb:c6:84:ef:98:13: a8:b2:80:2e:ab:fb:89:b7:1c:93:3b:84:ec:2b:a8: da:0c:d2:bc:7d:50:9c:e7:99:7d:f5:26:b9:9f:a3: b7:75:71:fd:95:12:96:c1:9d:11:fb:97:fc:8f:42: ed:0e:df:b6:ad:59:88:b9:3d:02:fd:01:57:71:bd: 72:f8:a3:f3:21:ff:ec:35:8f:f2:d4:aa:b5:70:f9: 66:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:83:54:E7:17:B4:10:18:FD:44:8B:9A:A2:F6:30:23:9B:67:3C:CD X509v3 Authority Key Identifier: keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/Z4NU5xe0EBj9RIuaovYwI5tnPM0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.128.0/22 Signature Algorithm: sha256WithRSAEncryption ad:a8:f8:3a:b7:59:37:cb:5e:9a:dd:d8:82:5a:24:63:dd:d7: 83:75:10:6b:b0:bf:d9:48:cd:90:2e:45:f3:5c:c2:d2:b1:6d: 7f:8b:1c:8d:68:2c:c6:08:9e:7c:4d:b4:62:32:c4:35:82:11: 15:be:30:7b:c4:00:9c:9c:44:41:55:90:05:65:cd:b7:f5:32: 51:2b:7c:fc:db:e8:bf:ca:13:f1:3c:ef:25:e4:2b:5b:77:06: e2:45:f6:6a:c3:c6:47:e7:c4:c7:d8:b0:08:b1:69:9a:d4:4d: e3:ad:60:3a:d5:09:db:64:7a:23:5a:b4:4b:5a:95:7c:ad:8c: 22:2f:fa:48:3e:2d:b9:73:fb:bd:d7:8e:ef:f7:a2:23:e0:3e: 25:5e:c7:3c:2c:6a:c7:d0:9a:8a:9a:96:ee:ce:94:4e:c4:b7: ff:ff:58:a7:df:ad:85:fc:6b:fc:c2:cd:9d:6e:3f:c3:5c:d1: 59:25:a3:d5:38:57:87:29:da:12:f6:ec:fd:04:44:48:64:89: 7a:fd:5e:2b:07:53:d3:c3:ca:90:a6:d7:b6:f4:d8:7b:0f:ff: 84:17:f7:d6:54:e2:ed:e9:d5:2f:31:17:5c:f6:25:90:21:73: be:33:cc:13:ea:09:84:45:ff:9d:7b:f6:11:05:cf:c6:6d:38: ff:6c:9f:ec -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG4owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDExMjEw OTMyMThaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDY3ODM1NEU3MTdCNDEw MThGRDQ0OEI5QUEyRjYzMDIzOUI2NzNDQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDmiRPCqCtMHHuNxN9JHiOCTT3RxBVUaD8jEYFgEG4c9ld4g2Cy keohnFToskffaAciHO7yocwy0pt2TDy77ftSSV9AUox/ZlCfxy3mqSW2y2a+TUZ9 +J29xIqGecxwmRI8j0l47Y1UKy68x7zOzRD+VeXYzPKCRyK6axlahAlIwinpgFgc CS3kL+U6/zw5W3saTB2JgrnIr/4439pXBP5PnNegg52ruicHkbLlfMvGhO+YE6iy gC6r+4m3HJM7hOwrqNoM0rx9UJznmX31Jrmfo7d1cf2VEpbBnRH7l/yPQu0O37at WYi5PQL9AVdxvXL4o/Mh/+w1j/LUqrVw+WYVAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUZ4NU5xe0EBj9RIuaovYwI5tnPM0wHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL1o0TlU1eGUwRUJqOVJJ dWFvdll3STV0blBNMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr/oAwDQYJKoZIhvcNAQELBQADggEBAK2o+Dq3WTfLXprd2IJaJGPd14N1EGuw v9lIzZAuRfNcwtKxbX+LHI1oLMYInnxNtGIyxDWCERW+MHvEAJycREFVkAVlzbf1 MlErfPzb6L/KE/E87yXkK1t3BuJF9mrDxkfnxMfYsAixaZrUTeOtYDrVCdtkeiNa tEtalXytjCIv+kg+Lblz+73Xju/3oiPgPiVexzwsasfQmoqalu7OlE7Et///WKff rYX8a/zCzZ1uP8Nc0Vklo9U4V4cp2hL27P0EREhkiXr9XisHU9PDypCm17b02HsP /4QX99ZU4u3p1S8xF1z2JZAhc74zzBPqCYRF/5179hEFz8ZtOP9sn+w= -----END CERTIFICATE-----Generated at Sun Feb 16 20:17:01 2025 by rpki-client