$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1211/w1kAirxqgOm5vHz5Bi6BT549YJI.roa File: w1kAirxqgOm5vHz5Bi6BT549YJI.roa (raw, json) Hash identifier: nmBCzxSnYZI1RueieUTmxBLuXFlTbxpaZ7jDfOsEyyA= Subject key identifier: C3:59:00:8A:BC:6A:80:E9:B9:BC:7C:F9:06:2E:81:4F:9E:3D:60:92 Certificate issuer: /CN=183D882201945BE13993B4C6DAC954F8EE426C97 Certificate serial: 0D16 Authority key identifier: 18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/w1kAirxqgOm5vHz5Bi6BT549YJI.roa Signing time: Tue 24 Sep 2024 00:17:43 +0000 ROA not before: Tue 24 Sep 2024 00:17:43 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 63701 IP address blocks: 45.116.208.0/22 maxlen: 24 45.123.128.0/22 maxlen: 24 103.57.12.0/22 maxlen: 24 103.63.244.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:20:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3350 (0xd16) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=183D882201945BE13993B4C6DAC954F8EE426C97 Validity Not Before: Sep 24 00:17:43 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=C359008ABC6A80E9B9BC7CF9062E814F9E3D6092 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:65:99:66:4f:c5:0f:ee:94:80:3d:3f:8b:14: ce:28:79:8d:b3:4f:76:52:1d:e3:e9:32:00:2e:68: ca:8a:df:50:b4:83:31:51:52:13:63:c8:7a:bf:a4: ec:db:9a:19:95:a2:d6:f4:72:16:e6:7e:49:51:6b: 8c:59:a5:62:56:56:5a:2c:3e:69:98:49:c4:cc:5c: 05:69:66:5a:21:1f:27:8e:df:1a:b4:8b:32:1e:75: f3:e6:57:a9:d4:78:cc:82:c5:ea:de:45:f7:f2:af: 7a:20:81:78:8e:ab:75:76:00:ff:94:e0:62:9f:6a: 5f:61:51:f1:82:14:a9:dc:a4:8a:8a:fb:3f:6b:fd: 75:92:3d:3d:24:10:0c:21:41:9f:cf:68:73:46:1d: be:23:b4:4d:d9:c8:e1:fa:32:f0:6c:26:93:c7:45: 2c:23:82:63:7f:ec:1b:d1:43:9a:15:72:9d:c0:98: 5b:15:47:80:03:99:45:a5:47:4b:9e:4b:db:c2:12: d7:7c:9d:34:30:f9:98:4a:84:dc:d1:94:9a:93:2b: 9a:46:ac:39:fa:29:90:af:80:7f:75:01:fe:67:7a: 11:67:7c:4d:fc:28:a0:4f:a4:0d:21:de:e5:f1:f8: cb:9b:f5:28:84:d8:2c:6e:3e:94:c2:8b:a7:34:b7: 87:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:59:00:8A:BC:6A:80:E9:B9:BC:7C:F9:06:2E:81:4F:9E:3D:60:92 X509v3 Authority Key Identifier: keyid:18:3D:88:22:01:94:5B:E1:39:93:B4:C6:DA:C9:54:F8:EE:42:6C:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/GD2IIgGUW-E5k7TG2slU-O5CbJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GD2IIgGUW-E5k7TG2slU-O5CbJc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1211/w1kAirxqgOm5vHz5Bi6BT549YJI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 45.116.208.0/22 45.123.128.0/22 103.57.12.0/22 103.63.244.0/22 Signature Algorithm: sha256WithRSAEncryption 06:56:93:f1:2a:6a:02:e5:37:09:44:3f:b8:15:e8:95:cf:1e: ff:85:2d:44:e2:cf:fe:10:72:db:7d:c0:e8:bd:83:67:80:d1: a0:b5:1f:f1:bb:51:c0:90:ad:c5:65:9c:a9:38:03:1b:ad:f4: 62:2b:e2:ed:e7:2d:32:02:7f:f8:f0:c9:d8:b3:b1:69:42:ec: 51:13:29:6f:e8:cd:1b:d4:33:5a:0e:67:49:be:c4:7d:c3:89: c3:db:17:57:73:b8:ba:70:3d:07:09:a8:56:09:7b:0e:7e:99: de:75:f8:30:e3:7e:50:72:42:e7:59:fc:ce:0f:2c:8d:b1:5d: 4a:00:e0:46:0e:ce:86:e9:70:0b:0f:5d:ee:2b:17:a0:10:e6: 08:1e:7f:90:ee:4f:b4:e5:92:e4:72:6e:66:d7:ba:4c:66:74: c4:7f:16:a0:97:0a:a6:7c:9c:49:4d:fd:e4:b1:0d:89:be:da: 63:3c:74:7e:81:6a:ed:d1:90:ef:20:57:3c:ae:51:6d:16:44: 83:06:2f:5d:e6:14:f7:fa:f0:18:78:83:e4:2d:68:be:51:9e: 9d:fc:c4:4a:24:17:7b:66:02:5b:77:bf:0f:06:65:7e:b8:00: 64:31:59:ce:86:be:f1:96:66:57:5c:7d:ac:0e:61:fe:c4:d7: d4:94:c3:d7 -----BEGIN CERTIFICATE----- MIIE6TCCA9GgAwIBAgICDRYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTgz RDg4MjIwMTk0NUJFMTM5OTNCNEM2REFDOTU0RjhFRTQyNkM5NzAeFw0yNDA5MjQw MDE3NDNaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKEMzNTkwMDhBQkM2QTgw RTlCOUJDN0NGOTA2MkU4MTRGOUUzRDYwOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDMZZlmT8UP7pSAPT+LFM4oeY2zT3ZSHePpMgAuaMqK31C0gzFR UhNjyHq/pOzbmhmVotb0chbmfklRa4xZpWJWVlosPmmYScTMXAVpZlohHyeO3xq0 izIedfPmV6nUeMyCxereRffyr3oggXiOq3V2AP+U4GKfal9hUfGCFKncpIqK+z9r /XWSPT0kEAwhQZ/PaHNGHb4jtE3ZyOH6MvBsJpPHRSwjgmN/7BvRQ5oVcp3AmFsV R4ADmUWlR0ueS9vCEtd8nTQw+ZhKhNzRlJqTK5pGrDn6KZCvgH91Af5nehFnfE38 KKBPpA0h3uXx+Mub9SiE2CxuPpTCi6c0t4fjAgMBAAGjggIFMIICATAdBgNVHQ4E FgQUw1kAirxqgOm5vHz5Bi6BT549YJIwHwYDVR0jBBgwFoAUGD2IIgGUW+E5k7TG 2slU+O5CbJcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx MS9HRDJJSWdHVVctRTVrN1RHMnNsVS1PNUNiSmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0dEMklJZ0dVVy1FNWs3VEcyc2xVLU81Q2JKYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTEvdzFrQWlyeHFnT201 dkh6NUJpNkJUNTQ5WUpJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEw GAMEAi100AMEAi17gAMEAmc5DAMEAmc/9DANBgkqhkiG9w0BAQsFAAOCAQEABlaT 8SpqAuU3CUQ/uBXolc8e/4UtROLP/hBy233A6L2DZ4DRoLUf8btRwJCtxWWcqTgD G630Yivi7ectMgJ/+PDJ2LOxaULsURMpb+jNG9QzWg5nSb7EfcOJw9sXV3O4unA9 BwmoVgl7Dn6Z3nX4MON+UHJC51n8zg8sjbFdSgDgRg7OhulwCw9d7isXoBDmCB5/ kO5PtOWS5HJuZte6TGZ0xH8WoJcKpnycSU395LENib7aYzx0foFq7dGQ7yBXPK5R bRZEgwYvXeYU9/rwGHiD5C1ovlGenfzESiQXe2YCW3e/DwZlfrgAZDFZzoa+8ZZm V1x9rA5h/sTX1JTD1w== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:08 2024 by rpki-client on console-fra.rpki-client.org