$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/cgeD06WA50rSUr6AR_gxdu2XQXk.roa File: cgeD06WA50rSUr6AR_gxdu2XQXk.roa (raw, json) Hash identifier: 8gvgYS1s6Q4SVX0dsa5V1LHQPb/qfRX6tMA918UHBdg= Subject key identifier: 72:07:83:D3:A5:80:E7:4A:D2:52:BE:80:47:F8:31:76:ED:97:41:79 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1DD8 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/cgeD06WA50rSUr6AR_gxdu2XQXk.roa Signing time: Tue 24 Sep 2024 00:17:57 +0000 ROA not before: Tue 24 Sep 2024 00:17:57 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 45839 IP address blocks: 223.29.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:53:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7640 (0x1dd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 24 00:17:57 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=720783D3A580E74AD252BE8047F83176ED974179 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:bb:2a:76:93:68:d9:8a:25:73:76:80:5d:bc: e2:00:4b:92:bc:ce:8a:1d:0d:be:71:b9:59:a1:66: 2f:23:58:dc:ac:58:e8:e0:38:62:70:53:a0:64:fe: 62:8c:46:a9:ef:c3:5a:ef:cd:57:c1:e0:d3:dc:26: bc:40:7f:49:50:92:4c:6f:b3:2c:c6:24:e1:a0:99: 1e:a0:6c:f0:9c:49:d7:25:03:ed:c4:3a:7d:62:d0: 44:e1:54:ae:c0:5c:be:bf:ae:23:b5:ea:4d:f9:41: f8:a5:d6:1d:3c:43:3d:48:12:03:92:1d:8e:ab:b7: c5:31:0c:37:d5:4a:b0:62:bd:52:6b:f5:6d:b8:98: 46:d4:40:21:3c:df:84:3d:44:a9:42:be:cd:c8:af: b0:82:75:d1:63:79:bc:6d:5d:92:19:d0:9a:12:f7: 72:d5:b9:f3:ee:83:40:ec:58:83:91:17:95:cf:dc: 54:51:e0:35:3f:8b:f6:f7:7c:0a:81:57:ef:20:03: 34:e6:e8:bc:b3:05:74:d6:01:f0:63:7a:a7:90:8d: f9:83:5e:ce:c6:3c:21:77:8e:1f:ca:25:4b:7d:87: a1:22:db:15:88:76:b3:29:3a:7a:64:dd:0c:cd:0f: cf:06:f0:d8:3c:80:13:54:a5:fc:c7:21:0d:99:17: ff:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:07:83:D3:A5:80:E7:4A:D2:52:BE:80:47:F8:31:76:ED:97:41:79 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/cgeD06WA50rSUr6AR_gxdu2XQXk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.29.255.0/24 Signature Algorithm: sha256WithRSAEncryption 2d:d8:a2:dc:3e:d8:9d:87:6a:bf:cf:09:71:d5:08:54:cb:ec: 6f:ab:ce:d2:8e:88:ff:6c:e9:e3:12:95:61:08:cb:cf:69:11: 85:2d:51:ae:ad:23:0b:f3:07:0d:7b:e4:93:da:c5:aa:8d:ee: af:57:44:bb:d7:0f:ec:e0:90:54:60:01:ea:33:a2:2f:9f:f2: 8f:ba:01:45:bc:ae:b2:ff:48:fd:36:5d:70:bc:07:61:1b:8e: 69:7c:34:52:54:4e:87:28:a6:d4:09:59:b4:60:88:4b:44:d9: 4d:1a:24:10:a0:f3:0f:09:e1:fb:ca:05:58:fb:a5:6b:95:bd: b8:8a:83:e0:7d:df:5a:b3:df:0d:a6:df:c9:b0:d1:dc:11:ce: 9b:67:02:f8:3b:6a:89:f8:2a:4d:5d:8a:55:ea:1c:ef:e0:a7: af:95:6c:e2:46:df:3a:b1:35:55:c9:b2:e9:0e:24:0e:d0:9d: b3:f3:1c:9e:27:8b:0d:06:9e:d2:b4:7c:ce:64:57:dc:cc:a2: 06:ab:19:d1:29:95:14:e5:04:fb:9f:14:a6:18:2b:e6:39:97: c4:24:ac:de:ea:e5:75:b4:30:15:df:05:87:e6:87:4d:fe:7d: 51:ad:ad:19:8c:f0:d5:65:cc:b7:fd:d4:d3:16:cb:83:a0:18: fa:f6:c4:c7 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHdgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MjQw MDE3NTdaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKDcyMDc4M0QzQTU4MEU3 NEFEMjUyQkU4MDQ3RjgzMTc2RUQ5NzQxNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDIuyp2k2jZiiVzdoBdvOIAS5K8zoodDb5xuVmhZi8jWNysWOjg OGJwU6Bk/mKMRqnvw1rvzVfB4NPcJrxAf0lQkkxvsyzGJOGgmR6gbPCcSdclA+3E On1i0EThVK7AXL6/riO16k35Qfil1h08Qz1IEgOSHY6rt8UxDDfVSrBivVJr9W24 mEbUQCE834Q9RKlCvs3Ir7CCddFjebxtXZIZ0JoS93LVufPug0DsWIORF5XP3FRR 4DU/i/b3fAqBV+8gAzTm6LyzBXTWAfBjeqeQjfmDXs7GPCF3jh/KJUt9h6Ei2xWI drMpOnpk3QzND88G8Ng8gBNUpfzHIQ2ZF/+DAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUcgeD06WA50rSUr6AR/gxdu2XQXkwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvY2dlRDA2V0E1MHJT VXI2QVJfZ3hkdTJYUVhrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAN8d/zANBgkqhkiG9w0BAQsFAAOCAQEALdii3D7YnYdqv88JcdUIVMvsb6vO 0o6I/2zp4xKVYQjLz2kRhS1Rrq0jC/MHDXvkk9rFqo3ur1dEu9cP7OCQVGAB6jOi L5/yj7oBRbyusv9I/TZdcLwHYRuOaXw0UlROhyim1AlZtGCIS0TZTRokEKDzDwnh +8oFWPula5W9uIqD4H3fWrPfDabfybDR3BHOm2cC+DtqifgqTV2KVeoc7+Cnr5Vs 4kbfOrE1Vcmy6Q4kDtCds/McnieLDQae0rR8zmRX3MyiBqsZ0SmVFOUE+58Uphgr 5jmXxCSs3urldbQwFd8Fh+aHTf59Ua2tGYzw1WXMt/3U0xbLg6AY+vbExw== -----END CERTIFICATE-----Generated at Fri Nov 22 14:30:51 2024 by rpki-client on console-ams.rpki-client.org