$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/119/SC_pkcDhJ5o4NG17MetL3m9J4FE.roa File: SC_pkcDhJ5o4NG17MetL3m9J4FE.roa (raw, json) Hash identifier: 3QuKzabkQZa5U+aV6n5UNJwnM3YYQc4z4PuXFHFnB14= Subject key identifier: 48:2F:E9:91:C0:E1:27:9A:38:34:6D:7B:31:EB:4B:DE:6F:49:E0:51 Certificate issuer: /CN=F556C3AAA1001F89DC0FCED5436A21BB4FF35D7A Certificate serial: 0D00 Authority key identifier: F5:56:C3:AA:A1:00:1F:89:DC:0F:CE:D5:43:6A:21:BB:4F:F3:5D:7A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/SC_pkcDhJ5o4NG17MetL3m9J4FE.roa Signing time: Tue 24 Sep 2024 00:19:01 +0000 ROA not before: Tue 24 Sep 2024 00:19:01 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 9807 IP address blocks: 219.235.128.0/21 maxlen: 21 219.235.136.0/21 maxlen: 21 219.235.144.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3328 (0xd00) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F556C3AAA1001F89DC0FCED5436A21BB4FF35D7A Validity Not Before: Sep 24 00:19:01 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=482FE991C0E1279A38346D7B31EB4BDE6F49E051 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:0d:35:36:38:cc:73:dd:31:2f:36:88:61:c0: ad:f7:68:f8:68:ba:c7:24:8d:e2:b0:71:1d:7a:29: dc:9a:96:f2:b9:b0:e5:3d:fd:33:1c:57:d4:8f:6e: 13:e4:37:e2:b4:53:c5:f6:d7:3d:57:a8:4c:c0:5b: 68:fe:66:ff:5f:4d:4c:fb:58:a5:73:aa:b0:f2:40: 46:ed:9e:29:41:3f:22:c3:1d:c5:bc:80:86:b9:5a: 2d:18:c5:ba:91:1a:8d:57:f8:c1:fc:87:2a:53:34: 09:9d:15:71:52:92:0c:30:04:7d:36:80:8d:d1:5c: 5f:bb:8c:1a:e7:9b:31:a5:af:8f:ec:39:a0:94:67: c2:c3:1f:c3:e8:e9:0a:5f:a7:44:41:a3:b0:4a:3a: de:70:95:dc:7a:ce:41:47:31:25:71:cd:bc:d3:bf: fc:ab:59:0a:9c:af:d9:5b:af:b7:7d:9a:6b:8e:4f: bd:7a:53:c1:23:62:d6:ee:9d:28:2a:0b:b2:ff:84: bb:d4:a5:d3:80:11:cb:32:6f:f3:ed:e3:1d:f6:bd: f2:bf:31:a0:49:51:10:de:d6:15:e1:3f:94:25:28: 6a:ae:18:68:2c:94:51:8e:09:cd:82:4e:e9:bc:63: ea:9a:2e:eb:7b:97:f6:b5:59:cb:13:b4:b6:12:9c: c3:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:2F:E9:91:C0:E1:27:9A:38:34:6D:7B:31:EB:4B:DE:6F:49:E0:51 X509v3 Authority Key Identifier: keyid:F5:56:C3:AA:A1:00:1F:89:DC:0F:CE:D5:43:6A:21:BB:4F:F3:5D:7A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/9VbDqqEAH4ncD87VQ2ohu0_zXXo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9VbDqqEAH4ncD87VQ2ohu0_zXXo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/119/SC_pkcDhJ5o4NG17MetL3m9J4FE.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 219.235.128.0-219.235.151.255 Signature Algorithm: sha256WithRSAEncryption 63:22:f4:dd:57:8a:1d:26:40:7e:d2:7d:70:f9:b9:12:20:60: fe:c8:16:7e:7b:c6:d0:6c:04:c8:85:aa:0a:2f:8a:8e:b7:4c: 8a:c7:80:1f:2e:3d:d3:c2:a5:8b:24:8a:8c:4d:e4:91:76:f7: 9b:76:ae:3d:14:a9:e8:0b:bf:49:70:75:eb:4e:c9:35:e0:18: bf:91:a7:20:02:b2:01:65:5a:58:f0:6e:8a:34:c9:c7:15:fb: 70:3d:0b:fd:9a:5a:11:39:46:cc:c6:e8:14:2b:c9:3f:45:df: 40:e0:52:57:b1:c7:22:47:40:a0:06:9b:50:42:96:73:09:3a: a9:42:53:27:c7:ea:3e:73:6f:26:b3:17:70:48:88:f2:da:a6: ec:40:84:dc:1b:f9:00:87:27:65:5a:7d:a8:b0:48:1a:01:23: b6:af:86:18:fc:96:00:06:79:1c:5e:db:f7:71:6e:e6:dc:0c: c7:2f:a8:81:16:dc:45:7f:e6:23:ca:fc:12:7e:91:05:df:d7: 6d:b0:03:68:20:6a:c6:6a:41:e8:b5:ff:cd:a8:10:eb:f1:ac: 65:a5:1d:1b:ba:79:0a:e9:ae:4e:69:4a:6b:9c:27:70:d8:d2: 56:04:aa:b5:60:74:2b:ef:99:04:c6:bd:4a:22:c8:af:d5:f7: c8:73:70:e1 -----BEGIN CERTIFICATE----- MIIE3TCCA8WgAwIBAgICDQAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjU1 NkMzQUFBMTAwMUY4OURDMEZDRUQ1NDM2QTIxQkI0RkYzNUQ3QTAeFw0yNDA5MjQw MDE5MDFaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDQ4MkZFOTkxQzBFMTI3 OUEzODM0NkQ3QjMxRUI0QkRFNkY0OUUwNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDSDTU2OMxz3TEvNohhwK33aPhousckjeKwcR16KdyalvK5sOU9 /TMcV9SPbhPkN+K0U8X21z1XqEzAW2j+Zv9fTUz7WKVzqrDyQEbtnilBPyLDHcW8 gIa5Wi0YxbqRGo1X+MH8hypTNAmdFXFSkgwwBH02gI3RXF+7jBrnmzGlr4/sOaCU Z8LDH8Po6Qpfp0RBo7BKOt5wldx6zkFHMSVxzbzTv/yrWQqcr9lbr7d9mmuOT716 U8EjYtbunSgqC7L/hLvUpdOAEcsyb/Pt4x32vfK/MaBJURDe1hXhP5QlKGquGGgs lFGOCc2CTum8Y+qaLut7l/a1WcsTtLYSnMOfAgMBAAGjggH5MIIB9TAdBgNVHQ4E FgQUSC/pkcDhJ5o4NG17MetL3m9J4FEwHwYDVR0jBBgwFoAU9VbDqqEAH4ncD87V Q2ohu0/zXXowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTE5 LzlWYkRxcUVBSDRuY0Q4N1ZRMm9odTBfelhYby5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOVZiRHFxRUFING5jRDg3VlEyb2h1MF96WFhvLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTE5L1NDX3BrY0RoSjVvNE5H MTdNZXRMM205SjRGRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4w DAMEB9vrgAMEA9vrkDANBgkqhkiG9w0BAQsFAAOCAQEAYyL03VeKHSZAftJ9cPm5 EiBg/sgWfnvG0GwEyIWqCi+KjrdMiseAHy4908KliySKjE3kkXb3m3auPRSp6Au/ SXB1607JNeAYv5GnIAKyAWVaWPBuijTJxxX7cD0L/ZpaETlGzMboFCvJP0XfQOBS V7HHIkdAoAabUEKWcwk6qUJTJ8fqPnNvJrMXcEiI8tqm7ECE3Bv5AIcnZVp9qLBI GgEjtq+GGPyWAAZ5HF7b93Fu5twMxy+ogRbcRX/mI8r8En6RBd/XbbADaCBqxmpB 6LX/zagQ6/GsZaUdG7p5CumuTmlKa5wncNjSVgSqtWB0K++ZBMa9SiLIr9X3yHNw 4Q== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:42 2024 by rpki-client on console-ams.rpki-client.org