$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/613/kJTH_Pa1Q7q-za4UTf5iFF7mJak.roa File: kJTH_Pa1Q7q-za4UTf5iFF7mJak.roa (raw, json) Hash identifier: HxqU7QXHxJ3SUWYza6DwlQdO53jyF6ZlCNM0DzPU/DA= Subject key identifier: 90:94:C7:FC:F6:B5:43:BA:BE:CD:AE:14:4D:FE:62:14:5E:E6:25:A9 Certificate issuer: /CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Certificate serial: 1B91 Authority key identifier: 2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/kJTH_Pa1Q7q-za4UTf5iFF7mJak.roa Signing time: Thu 21 Nov 2024 09:32:21 +0000 ROA not before: Thu 21 Nov 2024 09:32:21 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 2914 IP address blocks: 43.254.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Nov 2024 22:51:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7057 (0x1b91) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E83EB0E1CB7B4A7617A04AD7A82629D98B95B94 Validity Not Before: Nov 21 09:32:21 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=9094C7FCF6B543BABECDAE144DFE62145EE625A9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:72:5e:99:d8:f7:75:a9:de:9c:b7:6a:8b:cf: 81:81:be:7a:19:18:60:11:65:16:43:a9:dd:da:2a: 8d:65:b2:e8:c8:cd:d6:c8:ee:b2:99:ae:23:41:7d: 4f:e6:e2:e6:3a:5b:7b:0c:76:c4:f1:a5:18:a1:6e: 12:6d:c6:6f:64:4d:17:43:53:db:7a:c4:c4:b9:5f: 27:ba:b4:10:42:fd:33:b3:c2:b5:6f:0d:b3:9d:b4: bd:c5:79:6a:89:61:41:29:2d:7b:7e:db:9d:82:2f: 28:cc:26:f2:f2:3c:e0:6e:b6:e1:17:c7:02:c9:1e: 4d:d0:d8:f6:7b:99:cf:08:ee:c3:31:b1:b3:68:16: 61:68:a6:d7:db:9d:f3:61:f8:25:c3:16:2d:f1:23: e9:9b:b2:77:11:8b:73:ce:49:b1:dc:fa:54:db:7f: 04:6e:58:16:27:44:63:55:11:8e:65:0f:e0:0a:2d: e5:1e:d7:7b:a5:d9:31:08:ea:f5:8c:08:49:80:1d: ba:b5:07:2d:23:2f:d7:93:15:00:ae:ce:29:93:1e: 0b:c7:b4:26:85:74:32:a3:86:1f:4b:a4:9b:c5:18: ce:8d:4f:49:db:22:e2:3d:0f:43:db:05:57:37:a4: f4:78:21:10:5f:9e:00:9d:92:e0:0f:48:85:52:de: 49:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:94:C7:FC:F6:B5:43:BA:BE:CD:AE:14:4D:FE:62:14:5E:E6:25:A9 X509v3 Authority Key Identifier: keyid:2E:83:EB:0E:1C:B7:B4:A7:61:7A:04:AD:7A:82:62:9D:98:B9:5B:94 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/LoPrDhy3tKdhegSteoJinZi5W5Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LoPrDhy3tKdhegSteoJinZi5W5Q.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/613/kJTH_Pa1Q7q-za4UTf5iFF7mJak.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.254.128.0/22 Signature Algorithm: sha256WithRSAEncryption a9:dd:dd:de:6c:3e:f8:96:f2:02:94:a6:50:ec:4f:44:ba:ba: a8:0b:20:67:1f:b8:29:bb:a9:cb:01:02:5b:67:7e:57:e8:5a: e1:6d:29:b0:8d:4d:07:59:d5:54:ff:cd:3e:02:df:56:1b:c2: 91:b1:55:d2:28:55:bf:84:2f:4a:3f:14:be:4a:8a:86:98:5e: f9:56:0f:db:c9:84:08:2b:18:fb:b5:33:f6:e8:6c:59:a7:5d: fa:ae:0d:a8:6c:28:37:d2:de:4d:88:0d:fe:99:83:30:99:e9: b0:06:70:c2:ca:f4:0c:8b:fa:f0:d4:ea:b5:57:95:c8:48:82: 2e:c5:d8:e0:3d:05:dd:32:bb:42:f9:9b:9c:7e:ad:98:f1:82: 6b:b4:87:72:32:b8:73:42:e3:6d:cb:05:20:30:c3:56:7b:5f: af:41:1e:1d:35:9c:e9:58:d8:5c:1a:33:e9:b5:12:b1:cb:01: ed:e7:5c:2e:74:62:29:55:cb:b7:b3:33:d3:6e:66:7e:ef:3a: 0e:93:9e:b5:51:93:40:03:91:38:d3:79:b2:79:10:02:b6:42: 28:2f:4b:48:30:9a:98:ea:b7:41:3a:ee:db:42:78:9f:92:35: 48:63:d9:af:13:c6:80:da:48:78:a6:31:21:9c:d5:61:40:48: 92:71:15:43 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICG5EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 M0VCMEUxQ0I3QjRBNzYxN0EwNEFEN0E4MjYyOUQ5OEI5NUI5NDAeFw0yNDExMjEw OTMyMjFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDkwOTRDN0ZDRjZCNTQz QkFCRUNEQUUxNDRERkU2MjE0NUVFNjI1QTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDKcl6Z2Pd1qd6ct2qLz4GBvnoZGGARZRZDqd3aKo1lsujIzdbI 7rKZriNBfU/m4uY6W3sMdsTxpRihbhJtxm9kTRdDU9t6xMS5Xye6tBBC/TOzwrVv DbOdtL3FeWqJYUEpLXt+252CLyjMJvLyPOButuEXxwLJHk3Q2PZ7mc8I7sMxsbNo FmFoptfbnfNh+CXDFi3xI+mbsncRi3POSbHc+lTbfwRuWBYnRGNVEY5lD+AKLeUe 13ul2TEI6vWMCEmAHbq1By0jL9eTFQCuzimTHgvHtCaFdDKjhh9LpJvFGM6NT0nb IuI9D0PbBVc3pPR4IRBfngCdkuAPSIVS3kmRAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUkJTH/Pa1Q7q+za4UTf5iFF7mJakwHwYDVR0jBBgwFoAULoPrDhy3tKdhegSt eoJinZi5W5QwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEz L0xvUHJEaHkzdEtkaGVnU3Rlb0ppblppNVc1US5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG9QckRoeTN0S2RoZWdTdGVvSmluWmk1VzVRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjEzL2tKVEhfUGExUTdxLXph NFVUZjVpRkY3bUphay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAIr/oAwDQYJKoZIhvcNAQELBQADggEBAKnd3d5sPviW8gKUplDsT0S6uqgLIGcf uCm7qcsBAltnflfoWuFtKbCNTQdZ1VT/zT4C31YbwpGxVdIoVb+EL0o/FL5KioaY XvlWD9vJhAgrGPu1M/bobFmnXfquDahsKDfS3k2IDf6ZgzCZ6bAGcMLK9AyL+vDU 6rVXlchIgi7F2OA9Bd0yu0L5m5x+rZjxgmu0h3IyuHNC423LBSAww1Z7X69BHh01 nOlY2FwaM+m1ErHLAe3nXC50YilVy7ezM9NuZn7vOg6TnrVRk0ADkTjTebJ5EAK2 QigvS0gwmpjqt0E67ttCeJ+SNUhj2a8TxoDaSHimMSGc1WFASJJxFUM= -----END CERTIFICATE-----Generated at Sun Nov 24 19:50:25 2024 by rpki-client on console-fra.rpki-client.org