$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/DmVjqLhNKuOE22vbPI0ul4zVLzY.roa File: DmVjqLhNKuOE22vbPI0ul4zVLzY.roa (raw, json) Hash identifier: kxUL4Qa3TdIVixs8EXEOedWrXc60q6MUy4uaCC86tLY= Subject key identifier: 0E:65:63:A8:B8:4D:2A:E3:84:DB:6B:DB:3C:8D:2E:97:8C:D5:2F:36 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 19EC Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/DmVjqLhNKuOE22vbPI0ul4zVLzY.roa Signing time: Wed 13 Mar 2024 01:21:11 +0000 ROA not before: Wed 13 Mar 2024 01:21:11 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 60721 IP address blocks: 223.29.253.0/24 maxlen: 24 223.29.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 May 2024 02:23:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6636 (0x19ec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Mar 13 01:21:11 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=0E6563A8B84D2AE384DB6BDB3C8D2E978CD52F36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:d3:02:fd:b2:7a:cc:83:3c:24:3b:32:fa:8b: 33:0e:38:98:7a:bb:2f:6a:79:0a:81:41:03:e0:33: 08:7e:5a:f6:2f:45:bd:78:67:f6:90:ab:df:63:bd: fc:62:b0:1a:4b:0b:0f:ec:50:ab:88:cd:db:9d:04: c0:0e:c2:4f:49:10:28:23:b1:da:ad:42:3f:5d:80: 7e:6b:ce:03:31:c8:48:dd:52:c0:05:d5:57:8a:64: 51:c3:60:8c:84:00:ea:83:39:d0:45:3d:c3:c9:8f: 64:e6:d5:d4:55:67:f3:1f:b3:8d:95:b0:05:d7:71: 28:43:5c:34:77:50:f9:dc:26:a3:ce:59:6a:f7:35: 90:82:1f:d3:fd:42:8e:22:11:fd:9b:b6:d8:aa:df: d5:d0:c5:af:b9:88:54:da:61:08:0b:94:a5:d3:86: 6d:8d:c6:15:6b:68:14:cb:c9:af:44:4a:4a:39:5e: 82:a1:0e:b7:8d:af:d8:04:27:94:3a:ac:e2:57:4e: db:0e:1b:4f:cf:45:f1:bc:ec:03:9f:18:9b:9a:1e: 0f:56:78:40:1f:fa:77:48:06:f8:84:f9:4e:5a:95: a5:34:78:0b:f5:c1:dc:1e:de:1f:ce:b6:22:d0:ea: 00:e2:36:96:cd:66:0c:41:09:c8:70:94:3c:09:4c: 3e:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:65:63:A8:B8:4D:2A:E3:84:DB:6B:DB:3C:8D:2E:97:8C:D5:2F:36 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/DmVjqLhNKuOE22vbPI0ul4zVLzY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.29.253.0-223.29.254.255 Signature Algorithm: sha256WithRSAEncryption 9c:4e:a0:0f:e5:eb:83:2e:80:31:a8:a6:ec:74:d3:67:ad:fe: 48:e5:42:72:8d:cd:ab:c4:ee:ca:2e:16:b2:bd:f7:fc:db:6b: 2a:94:58:47:ae:87:13:71:52:c4:30:08:b1:f5:bd:76:34:25: c8:a0:52:3f:6e:b8:4d:cd:2a:e2:be:35:bc:52:d9:52:9f:89: 08:3d:09:45:27:8b:80:8a:32:43:da:a0:f1:24:79:d8:71:34: 1b:27:b0:c7:e4:d1:39:e7:be:10:88:75:90:87:5d:bc:e5:31: e8:47:14:b6:d0:49:76:21:36:0a:9c:81:74:4e:4a:d5:83:69: 13:66:5a:bc:f2:6b:dd:40:64:b7:fc:f4:39:5d:9d:10:dd:1f: 62:e7:fe:5f:5a:56:bf:9b:ef:ce:2e:15:a4:74:dc:6a:b2:8d: 65:cd:fb:79:6f:3f:1a:cc:2c:50:2b:fa:dd:41:07:22:df:6b: 58:2c:e2:ae:27:88:44:30:da:c5:b8:02:94:fa:2f:17:74:1a: a4:35:86:05:4c:cc:dd:a8:c2:ef:fa:65:12:33:5b:b4:05:10: 20:11:6f:69:3a:44:63:df:c3:42:40:9a:8b:d9:4b:32:e7:1f: d4:c8:38:83:a3:61:5a:87:e7:a7:a6:d8:cb:81:06:8b:ed:1d: 69:dc:fe:b5 -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgICGewwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDAzMTMw MTIxMTFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDBFNjU2M0E4Qjg0RDJB RTM4NERCNkJEQjNDOEQyRTk3OENENTJGMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCt0wL9snrMgzwkOzL6izMOOJh6uy9qeQqBQQPgMwh+WvYvRb14 Z/aQq99jvfxisBpLCw/sUKuIzdudBMAOwk9JECgjsdqtQj9dgH5rzgMxyEjdUsAF 1VeKZFHDYIyEAOqDOdBFPcPJj2Tm1dRVZ/Mfs42VsAXXcShDXDR3UPncJqPOWWr3 NZCCH9P9Qo4iEf2bttiq39XQxa+5iFTaYQgLlKXThm2NxhVraBTLya9ESko5XoKh DreNr9gEJ5Q6rOJXTtsOG0/PRfG87AOfGJuaHg9WeEAf+ndIBviE+U5alaU0eAv1 wdwe3h/OtiLQ6gDiNpbNZgxBCchwlDwJTD75AgMBAAGjggH7MIIB9zAdBgNVHQ4E FgQUDmVjqLhNKuOE22vbPI0ul4zVLzYwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvRG1WanFMaE5LdU9F MjJ2YlBJMHVsNHpWTHpZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEw DjAMAwQA3x39AwQA3x3+MA0GCSqGSIb3DQEBCwUAA4IBAQCcTqAP5euDLoAxqKbs dNNnrf5I5UJyjc2rxO7KLhayvff822sqlFhHrocTcVLEMAix9b12NCXIoFI/brhN zSrivjW8UtlSn4kIPQlFJ4uAijJD2qDxJHnYcTQbJ7DH5NE5574QiHWQh1285THo RxS20El2ITYKnIF0TkrVg2kTZlq88mvdQGS3/PQ5XZ0Q3R9i5/5fWla/m+/OLhWk dNxqso1lzft5bz8azCxQK/rdQQci32tYLOKuJ4hEMNrFuAKU+i8XdBqkNYYFTMzd qMLv+mUSM1u0BRAgEW9pOkRj38NCQJqL2Usy5x/UyDiDo2Fah+enptjLgQaL7R1p 3P61 -----END CERTIFICATE-----Generated at Thu May 2 01:25:53 2024 by rpki-client on console-fra.rpki-client.org