$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/jU9BeBgc-yHULczhHh42PXng7xs.roa File: jU9BeBgc-yHULczhHh42PXng7xs.roa (raw, json) Hash identifier: UidqR7/xEA9kCzUDWdoreQNknjbRfNGahCBzucW5AP0= Subject key identifier: 8D:4F:41:78:18:1C:FB:21:D4:2D:CC:E1:1E:1E:36:3D:79:E0:EF:1B Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1765 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/jU9BeBgc-yHULczhHh42PXng7xs.roa Signing time: Fri 03 Nov 2023 06:12:18 +0000 ROA not before: Fri 03 Nov 2023 06:12:18 +0000 ROA not after: Tue 08 Oct 2024 00:16:33 +0000 asID: 834 IP address blocks: 223.29.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 02 May 2024 02:23:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5989 (0x1765) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Nov 3 06:12:18 2023 GMT Not After : Oct 8 00:16:33 2024 GMT Subject: CN=8D4F4178181CFB21D42DCCE11E1E363D79E0EF1B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:0f:af:e0:f0:1a:df:79:ca:ec:0c:c2:d6:b7: 19:3d:11:48:12:46:d9:12:ff:d6:27:87:f0:7f:b4: e5:eb:0a:ad:b6:c6:09:fc:01:c8:ed:fa:1d:5b:ea: 5a:95:df:70:c8:77:56:73:04:db:0f:96:77:49:df: 25:bb:69:1b:1b:4f:80:e0:fb:7c:fa:16:18:62:b7: fa:1e:0c:2f:7b:3e:f7:60:f6:ab:c4:52:8f:59:83: 70:55:2b:c4:2e:0e:af:1d:de:9d:4b:3c:7f:3d:69: ac:2f:55:40:e8:ce:37:86:0f:83:46:b2:e1:24:38: ee:cf:92:03:04:00:18:43:09:16:7e:2a:46:fd:cd: b7:6d:fe:14:36:bb:21:2b:c9:ca:cc:b9:d5:97:45: 6a:c3:d0:73:c4:68:05:31:eb:86:83:b6:91:2b:97: d5:d2:60:db:6b:fc:23:17:d0:aa:bf:90:b0:ad:e8: 19:f2:18:14:f1:c6:e7:9b:c6:78:31:b1:f3:5b:fb: 14:07:3b:4e:bb:68:52:6c:55:c6:ad:06:6f:b1:7b: 63:36:d7:d7:91:7f:78:e4:23:aa:65:24:a1:db:60: ec:99:aa:b0:d2:13:4d:cc:33:2b:87:f4:c4:cd:6b: 9f:69:9c:09:57:93:d0:c7:5c:6a:37:b5:78:db:9b: 44:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:4F:41:78:18:1C:FB:21:D4:2D:CC:E1:1E:1E:36:3D:79:E0:EF:1B X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/jU9BeBgc-yHULczhHh42PXng7xs.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.29.252.0/24 Signature Algorithm: sha256WithRSAEncryption 68:21:f3:e0:86:ab:40:37:f2:2e:1c:9b:2f:83:6e:43:74:03: e2:69:b0:95:85:5a:8b:84:f1:3b:06:10:cc:f0:48:2e:9a:28: 6e:f6:f8:27:f6:3b:29:ee:cd:ea:98:b6:0a:1b:cb:41:19:47: 45:57:59:a0:6e:99:9b:86:09:10:bc:dc:3d:ca:12:64:26:96: c7:b4:dc:7d:79:09:a6:90:c0:8c:8e:eb:0e:45:f8:30:62:15: b3:63:c9:39:77:e4:7d:f9:13:f2:9f:6e:59:d4:9a:5e:95:ad: 99:65:03:77:d8:f7:91:03:84:b1:65:6a:a0:c7:33:a5:9a:aa: 61:dd:8b:fb:23:37:79:e4:23:7e:b9:c9:13:71:4f:a5:46:78: 13:6e:2a:a5:06:d2:09:4e:2a:86:95:2d:8f:9a:a0:83:19:e6: 5e:a9:fb:66:f5:10:17:1c:74:ec:c4:a2:18:e9:6e:36:17:01: b0:36:fa:5f:94:a4:5b:34:44:b5:db:80:22:d1:ec:84:e1:5a: 6b:38:02:9f:c2:5e:27:21:b6:5f:7f:ee:00:9d:3e:e4:23:68: 61:3d:44:3a:ee:17:9e:85:f5:a8:a3:14:5b:0d:3a:cc:8f:f4: 38:d7:a2:7c:3b:b8:19:f3:00:1b:5a:2f:09:02:a8:b5:50:1d: ab:e8:b4:7a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICF2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yMzExMDMw NjEyMThaFw0yNDEwMDgwMDE2MzNaMDMxMTAvBgNVBAMTKDhENEY0MTc4MTgxQ0ZC MjFENDJEQ0NFMTFFMUUzNjNENzlFMEVGMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDBD6/g8BrfecrsDMLWtxk9EUgSRtkS/9Ynh/B/tOXrCq22xgn8 Acjt+h1b6lqV33DId1ZzBNsPlndJ3yW7aRsbT4Dg+3z6Fhhit/oeDC97Pvdg9qvE Uo9Zg3BVK8QuDq8d3p1LPH89aawvVUDozjeGD4NGsuEkOO7PkgMEABhDCRZ+Kkb9 zbdt/hQ2uyErycrMudWXRWrD0HPEaAUx64aDtpErl9XSYNtr/CMX0Kq/kLCt6Bny GBTxxuebxngxsfNb+xQHO067aFJsVcatBm+xe2M219eRf3jkI6plJKHbYOyZqrDS E03MMyuH9MTNa59pnAlXk9DHXGo3tXjbm0TVAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUjU9BeBgc+yHULczhHh42PXng7xswHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvalU5QmVCZ2MteUhV TGN6aEhoNDJQWG5nN3hzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAN8d/DANBgkqhkiG9w0BAQsFAAOCAQEAaCHz4IarQDfyLhybL4NuQ3QD4mmw lYVai4TxOwYQzPBILpoobvb4J/Y7Ke7N6pi2ChvLQRlHRVdZoG6Zm4YJELzcPcoS ZCaWx7TcfXkJppDAjI7rDkX4MGIVs2PJOXfkffkT8p9uWdSaXpWtmWUDd9j3kQOE sWVqoMczpZqqYd2L+yM3eeQjfrnJE3FPpUZ4E24qpQbSCU4qhpUtj5qggxnmXqn7 ZvUQFxx07MSiGOluNhcBsDb6X5SkWzREtduAItHshOFaazgCn8JeJyG2X3/uAJ0+ 5CNoYT1EOu4XnoX1qKMUWw06zI/0ONeifDu4GfMAG1ovCQKotVAdq+i0eg== -----END CERTIFICATE-----Generated at Thu May 2 01:25:53 2024 by rpki-client on console-fra.rpki-client.org