$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1407/DxfIjbOOEwQlrzFpYd7_pZyLomY.roa File: DxfIjbOOEwQlrzFpYd7_pZyLomY.roa (raw, json) Hash identifier: H+2wDltBpsljHYGjKXHuiv3/rnGdiCmtbvwrJ+M6pEw= Subject key identifier: 0F:17:C8:8D:B3:8E:13:04:25:AF:31:69:61:DE:FF:A5:9C:8B:A2:66 Certificate issuer: /CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E Certificate serial: 19A8 Authority key identifier: 5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/DxfIjbOOEwQlrzFpYd7_pZyLomY.roa Signing time: Tue 24 Sep 2024 00:18:55 +0000 ROA not before: Tue 24 Sep 2024 00:18:55 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 134700 IP address blocks: 182.50.7.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 12:52:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6568 (0x19a8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5DA0A5ECC2182DB00EB85C62313D57B96B7FD68E Validity Not Before: Sep 24 00:18:55 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=0F17C88DB38E130425AF316961DEFFA59C8BA266 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:7f:ef:3b:c6:d9:71:90:87:fd:48:81:85:ee: 8a:e3:34:dd:f3:d0:20:31:62:ac:ae:a6:aa:aa:ca: 55:29:7e:3f:1c:ab:9b:ba:d5:87:cd:3f:96:92:a7: 90:12:60:61:4a:30:42:93:b6:ad:fd:7f:72:56:6b: d9:4e:69:f7:bc:8f:d5:21:9b:0f:f3:fa:46:26:f4: 1d:f6:2e:48:3d:84:bf:d8:2d:a3:43:39:72:04:b2: 76:2b:72:a8:e3:d0:45:8a:f9:70:ac:bd:21:60:0a: f2:7d:bc:21:23:a8:8f:1e:44:79:df:00:c4:96:29: d8:2c:cb:dc:88:03:e0:41:21:57:3d:9a:06:fc:2a: a4:3b:dd:5b:9f:bf:cd:32:5f:9d:d1:2b:2d:17:71: 18:14:83:95:e4:29:1e:04:0d:27:9d:d0:72:e3:f8: 62:0b:10:cc:be:2d:e4:68:cc:ca:e6:86:ef:7f:e7: b8:ff:7e:b5:82:9c:a7:05:52:24:cf:4b:4b:a3:59: 04:0a:d3:56:25:b5:41:61:a9:51:5b:8a:57:c6:04: 81:62:f5:60:e7:65:c9:94:b1:08:f9:80:44:ce:27: 34:37:25:55:e5:28:9b:8e:b4:2a:44:0b:f8:2b:91: 1f:c2:94:68:94:f4:fa:cc:56:22:bd:39:25:53:49: 5c:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:17:C8:8D:B3:8E:13:04:25:AF:31:69:61:DE:FF:A5:9C:8B:A2:66 X509v3 Authority Key Identifier: keyid:5D:A0:A5:EC:C2:18:2D:B0:0E:B8:5C:62:31:3D:57:B9:6B:7F:D6:8E X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/XaCl7MIYLbAOuFxiMT1XuWt_1o4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/XaCl7MIYLbAOuFxiMT1XuWt_1o4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1407/DxfIjbOOEwQlrzFpYd7_pZyLomY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 182.50.7.0/24 Signature Algorithm: sha256WithRSAEncryption 60:59:34:8a:8d:51:3a:f2:ac:e0:20:96:e2:62:54:e5:ee:b6: e2:84:b9:15:03:c0:f1:6c:dc:a0:ea:24:33:2a:c6:11:fe:2c: 1e:77:cf:c3:21:6f:4c:58:0e:e8:53:24:5d:d2:07:39:50:e1: 65:6e:57:d4:e7:b7:9a:f4:61:b6:83:1c:df:bd:a9:11:f4:60: d0:6a:59:75:e0:66:b2:c6:70:55:11:1c:85:fd:db:c8:3a:f3: c1:f4:0f:4e:ef:d4:1b:4e:72:24:62:10:51:b2:9e:42:88:e0: 50:56:6d:3f:9a:35:be:03:25:f7:9d:79:a5:5f:7a:23:b2:32: da:da:81:2d:f6:4f:c6:0a:ad:3d:ba:b0:ca:e5:35:32:8e:36: 10:fa:31:28:52:ef:7e:ef:f8:8f:93:01:ba:02:e5:d6:17:cc: 2d:78:ee:f1:9c:e6:72:28:22:8b:40:52:62:d0:03:c6:37:f5: 06:9a:44:eb:36:dd:d8:a3:d7:3b:2b:61:89:d1:56:4f:8e:05: f3:a8:bd:04:99:c6:af:cc:29:f6:2f:07:ed:99:a6:08:cc:b4: e4:58:54:4f:1a:73:d6:ba:02:c9:fe:b3:46:6e:bb:31:a5:d4: c8:d7:06:9d:55:f4:db:9d:a2:4c:61:97:db:11:66:93:49:58: 64:c6:ee:00 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGagwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNURB MEE1RUNDMjE4MkRCMDBFQjg1QzYyMzEzRDU3Qjk2QjdGRDY4RTAeFw0yNDA5MjQw MDE4NTVaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDBGMTdDODhEQjM4RTEz MDQyNUFGMzE2OTYxREVGRkE1OUM4QkEyNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDNf+87xtlxkIf9SIGF7orjNN3z0CAxYqyupqqqylUpfj8cq5u6 1YfNP5aSp5ASYGFKMEKTtq39f3JWa9lOafe8j9Uhmw/z+kYm9B32Lkg9hL/YLaND OXIEsnYrcqjj0EWK+XCsvSFgCvJ9vCEjqI8eRHnfAMSWKdgsy9yIA+BBIVc9mgb8 KqQ73Vufv80yX53RKy0XcRgUg5XkKR4EDSed0HLj+GILEMy+LeRozMrmhu9/57j/ frWCnKcFUiTPS0ujWQQK01YltUFhqVFbilfGBIFi9WDnZcmUsQj5gETOJzQ3JVXl KJuOtCpEC/grkR/ClGiU9PrMViK9OSVTSVyhAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUDxfIjbOOEwQlrzFpYd7/pZyLomYwHwYDVR0jBBgwFoAUXaCl7MIYLbAOuFxi MT1XuWt/1o4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQw Ny9YYUNsN01JWUxiQU91RnhpTVQxWHVXdF8xbzQuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1hhQ2w3TUlZTGJBT3VGeGlNVDFYdVd0XzFvNC5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MDcvRHhmSWpiT09Fd1Fs cnpGcFlkN19wWnlMb21ZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALYyBzANBgkqhkiG9w0BAQsFAAOCAQEAYFk0io1ROvKs4CCW4mJU5e624oS5 FQPA8WzcoOokMyrGEf4sHnfPwyFvTFgO6FMkXdIHOVDhZW5X1Oe3mvRhtoMc372p EfRg0GpZdeBmssZwVREchf3byDrzwfQPTu/UG05yJGIQUbKeQojgUFZtP5o1vgMl 9515pV96I7Iy2tqBLfZPxgqtPbqwyuU1Mo42EPoxKFLvfu/4j5MBugLl1hfMLXju 8Zzmcigii0BSYtADxjf1BppE6zbd2KPXOythidFWT44F86i9BJnGr8wp9i8H7Zmm CMy05FhUTxpz1roCyf6zRm67MaXUyNcGnVX0252iTGGX2xFmk0lYZMbuAA== -----END CERTIFICATE-----Generated at Mon Nov 25 09:08:47 2024 by rpki-client on console-ams.rpki-client.org