$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1023/dhForz2_NrloVzISJkp8QaFMXCs.roa File: dhForz2_NrloVzISJkp8QaFMXCs.roa (raw, json) Hash identifier: /umIRMrhIJaUfWsHQfs27h7od4A6sDNvV6muipplBvw= Subject key identifier: 76:11:68:AF:3D:BF:36:B9:68:57:32:12:26:4A:7C:41:A1:4C:5C:2B Certificate issuer: /CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83 Certificate serial: 05 Authority key identifier: 32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/dhForz2_NrloVzISJkp8QaFMXCs.roa Signing time: Wed 06 Nov 2024 09:54:29 +0000 ROA not before: Wed 06 Nov 2024 09:54:29 +0000 ROA not after: Thu 06 Nov 2025 09:48:25 +0000 asID: 132883 IP address blocks: 203.83.9.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5 (0x5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83 Validity Not Before: Nov 6 09:54:29 2024 GMT Not After : Nov 6 09:48:25 2025 GMT Subject: CN=761168AF3DBF36B968573212264A7C41A14C5C2B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fd:a3:c3:e6:53:a3:0a:6a:f2:ce:68:d9:d6:88: 9a:b3:34:9e:36:37:d8:f1:ec:65:ff:9d:1c:cb:96: a2:a3:83:eb:f2:72:3f:5f:72:82:33:16:09:9e:0a: f1:6a:84:11:b4:ee:18:8e:e2:d7:e5:bc:3a:4f:38: 73:77:c5:c1:b2:41:77:7f:1a:79:3e:56:9e:5a:5f: 04:10:d1:5f:f9:70:fb:83:a8:1c:04:a0:a8:81:8a: ca:ea:5e:28:f6:4b:67:8b:82:2f:26:23:03:aa:cc: f6:9f:15:da:7c:c6:de:e0:78:ce:ea:17:2d:cd:63: 30:5a:d3:4b:ba:4f:95:fa:4d:b4:8b:a7:03:df:ea: 19:f7:87:8f:57:48:16:64:ce:ca:31:b7:05:b0:6c: 5a:a7:ab:9e:8d:24:88:72:9d:43:ab:86:ae:19:56: b5:b2:b5:18:b1:71:ff:cb:f5:30:75:47:99:49:e5: 81:cd:49:fa:fd:90:76:9e:4a:6f:41:0e:e8:20:05: 9c:87:2b:ef:56:da:3f:4a:08:a1:0f:84:e6:77:b5: 73:80:71:98:1c:1c:24:56:17:a2:85:ff:a8:d5:3e: 9c:81:2b:55:ba:48:d4:69:cc:41:6d:69:a7:47:c0: 4e:b5:af:e7:c3:12:90:ef:a8:68:d8:6c:84:22:b8: 0e:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:11:68:AF:3D:BF:36:B9:68:57:32:12:26:4A:7C:41:A1:4C:5C:2B X509v3 Authority Key Identifier: keyid:32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/dhForz2_NrloVzISJkp8QaFMXCs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 203.83.9.0/24 Signature Algorithm: sha256WithRSAEncryption 4a:ba:0c:5d:79:a4:f8:d2:74:66:07:7d:7f:e5:36:de:df:68: 69:7a:88:3e:e1:c1:c1:68:2f:f0:5d:fc:d2:1e:82:56:07:c7: 99:ee:1c:ee:04:85:df:39:73:fd:dd:21:24:75:6f:fa:0b:2b: f7:11:e3:2e:7d:12:e9:aa:a2:cf:0b:c1:54:03:bf:73:42:9f: 4f:b2:16:27:1d:cf:c4:57:c7:eb:6d:71:56:ed:a5:f3:a8:55: ca:56:09:02:34:1c:af:10:b7:47:ab:ae:92:c8:c5:b0:a6:a3: bf:91:20:63:7d:d4:73:80:f5:c1:ad:c8:c1:25:ab:ae:fc:19: 95:42:a2:a4:b8:49:91:38:1e:86:28:d5:5b:4b:5d:6f:44:ed: 24:6e:2d:f7:3a:21:44:6b:79:8e:45:b6:c0:b6:e6:1e:4f:34: 37:33:fa:a4:ac:3f:09:97:6b:33:e0:21:ba:3c:17:12:76:d4: 33:92:17:b4:78:06:62:28:06:6c:a6:8d:fe:94:fe:2b:0f:77: ab:42:70:53:c4:f2:20:a2:f0:ad:10:6f:57:b2:ee:74:42:3d: ea:5b:d7:ff:b5:e0:34:f2:ff:a8:5b:67:37:14:36:8d:11:7a: 5a:d4:2b:f9:4a:28:33:4d:b7:99:b1:81:53:db:1d:19:8b:16: 58:34:15:80 -----BEGIN CERTIFICATE----- MIIE1jCCA76gAwIBAgIBBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygzMkQ1 RUMxNUM1RTU2NEU0NzBFQzdCMTRDRDQ3REUyRDg2MkFDRTgzMB4XDTI0MTEwNjA5 NTQyOVoXDTI1MTEwNjA5NDgyNVowMzExMC8GA1UEAxMoNzYxMTY4QUYzREJGMzZC OTY4NTczMjEyMjY0QTdDNDFBMTRDNUMyQjCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBAP2jw+ZTowpq8s5o2daImrM0njY32PHsZf+dHMuWoqOD6/JyP19y gjMWCZ4K8WqEEbTuGI7i1+W8Ok84c3fFwbJBd38aeT5WnlpfBBDRX/lw+4OoHASg qIGKyupeKPZLZ4uCLyYjA6rM9p8V2nzG3uB4zuoXLc1jMFrTS7pPlfpNtIunA9/q GfeHj1dIFmTOyjG3BbBsWqerno0kiHKdQ6uGrhlWtbK1GLFx/8v1MHVHmUnlgc1J +v2Qdp5Kb0EO6CAFnIcr71baP0oIoQ+E5ne1c4BxmBwcJFYXooX/qNU+nIErVbpI 1GnMQW1pp0fATrWv58MSkO+oaNhshCK4Dg8CAwEAAaOCAfMwggHvMB0GA1UdDgQW BBR2EWivPb82uWhXMhImSnxBoUxcKzAfBgNVHSMEGDAWgBQy1ewVxeVk5HDsexTN R94thirOgzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMDIz L010WHNGY1hsWk9SdzdIc1V6VWZlTFlZcXpvTS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTXRYc0ZjWGxaT1J3N0hzVXpVZmVMWVlxem9NLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTAyMy9kaEZvcnoyX05ybG9W eklTSmtwOFFhRk1YQ3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u aWMuY24vcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAy1MJMA0GCSqGSIb3DQEBCwUAA4IBAQBKugxdeaT40nRmB31/5Tbe32hpeog+ 4cHBaC/wXfzSHoJWB8eZ7hzuBIXfOXP93SEkdW/6Cyv3EeMufRLpqqLPC8FUA79z Qp9PshYnHc/EV8frbXFW7aXzqFXKVgkCNByvELdHq66SyMWwpqO/kSBjfdRzgPXB rcjBJauu/BmVQqKkuEmROB6GKNVbS11vRO0kbi33OiFEa3mORbbAtuYeTzQ3M/qk rD8Jl2sz4CG6PBcSdtQzkhe0eAZiKAZspo3+lP4rD3erQnBTxPIgovCtEG9Xsu50 Qj3qW9f/teA08v+oW2c3FDaNEXpa1Cv5SigzTbeZsYFT2x0ZixZYNBWA -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:42 2024 by rpki-client on console-ams.rpki-client.org