$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/tj9JxGTBgvMxpol8F2NSODl-y8A.roa File: tj9JxGTBgvMxpol8F2NSODl-y8A.roa (raw, json) Hash identifier: u3QMdWdKkqCnZy+HmzKL4Gu/KB1TLmdel08ZBdtoyZk= Subject key identifier: B6:3F:49:C4:64:C1:82:F3:31:A6:89:7C:17:63:52:38:39:7E:CB:C0 Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1DD9 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/tj9JxGTBgvMxpol8F2NSODl-y8A.roa Signing time: Tue 24 Sep 2024 00:17:58 +0000 ROA not before: Tue 24 Sep 2024 00:17:58 +0000 ROA not after: Sat 20 Sep 2025 07:41:26 +0000 asID: 834 IP address blocks: 223.29.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 03:51:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7641 (0x1dd9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 24 00:17:58 2024 GMT Not After : Sep 20 07:41:26 2025 GMT Subject: CN=B63F49C464C182F331A6897C17635238397ECBC0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:e8:92:e9:44:ab:51:99:b5:f6:40:c2:c0:7d: f6:87:07:cf:b7:7c:04:f4:5c:8e:d7:07:74:34:11: 77:13:e1:03:4f:21:46:2f:21:66:70:7e:3e:fa:1a: 1f:73:22:02:8c:03:09:c2:3f:c0:92:59:40:32:8e: 84:c7:e3:0b:fc:e0:5d:0f:77:99:1b:17:85:8b:71: 54:55:69:e2:93:41:e5:5a:00:69:e6:ee:29:40:5e: b4:e7:a0:40:04:36:d4:99:92:48:61:02:c9:d6:7c: 6d:d4:cb:89:15:1e:bb:b0:e5:98:93:fe:5a:ff:40: 24:ac:6c:d0:3e:67:5a:58:ef:da:8b:34:e9:cc:5e: 9a:10:be:8d:6b:30:e7:71:df:dd:53:49:df:09:cc: 08:61:66:75:e0:3d:a7:0c:e6:7d:b0:25:e7:4b:45: 71:92:d7:2f:03:21:7c:60:f3:09:fd:38:51:f4:bb: fb:8b:9c:41:d4:a9:b1:ba:e2:a7:c9:dd:c3:c4:8c: 1f:1a:8e:94:8b:c5:c0:ea:5e:03:94:df:d4:7f:20: 67:cd:2c:e5:34:11:a0:c8:3a:38:4e:f6:9e:6f:32: 88:64:1c:65:6c:9c:d9:e6:e9:1f:f1:94:4c:49:2c: 6c:b3:56:f3:a0:74:26:e3:74:79:62:72:f0:d5:d2: e0:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:3F:49:C4:64:C1:82:F3:31:A6:89:7C:17:63:52:38:39:7E:CB:C0 X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/tj9JxGTBgvMxpol8F2NSODl-y8A.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.29.252.0/24 Signature Algorithm: sha256WithRSAEncryption 71:ea:a2:3c:92:61:2a:9a:c6:59:3f:e4:2d:e7:73:82:e0:67: ff:4d:7e:a7:34:67:1a:31:d7:2b:a4:aa:d2:d1:88:a9:19:b1: 5f:04:19:b5:46:1f:ba:c9:ba:26:c2:a9:d8:f6:46:c2:1e:24: bb:ac:5e:8b:d6:a2:97:8f:59:cd:28:6a:11:40:40:93:0f:d8: 97:cd:e6:fb:80:61:e3:20:77:e2:0d:0b:41:55:09:82:e4:92: d0:3a:ca:65:c2:a1:9f:fb:4d:e0:92:4b:1d:72:bf:ba:bf:aa: cf:80:3c:ca:f7:b2:38:24:76:84:79:82:9d:70:6f:fe:7c:96: e7:d5:6d:ae:1a:00:12:48:9b:cd:39:20:93:c5:df:1c:d1:2b: 06:3d:5e:48:7b:30:2b:32:36:98:b8:b2:a5:da:5d:db:90:97: 55:9c:92:e0:10:64:bd:08:39:35:a6:5d:7e:9d:de:a3:9f:ca: 08:f4:27:16:77:61:26:9e:79:4c:52:c7:82:25:bd:c0:43:83: f8:8a:e4:3f:33:e9:f9:26:66:9e:c6:1f:78:ab:a7:53:dc:4f: 69:39:51:dc:f7:10:57:84:0c:6f:8c:a2:40:05:75:19:a4:4c: 3b:3c:79:74:57:91:59:4d:2e:72:03:a5:a4:0f:67:53:09:20: 20:78:a3:61 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHdkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MjQw MDE3NThaFw0yNTA5MjAwNzQxMjZaMDMxMTAvBgNVBAMTKEI2M0Y0OUM0NjRDMTgy RjMzMUE2ODk3QzE3NjM1MjM4Mzk3RUNCQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+6JLpRKtRmbX2QMLAffaHB8+3fAT0XI7XB3Q0EXcT4QNPIUYv IWZwfj76Gh9zIgKMAwnCP8CSWUAyjoTH4wv84F0Pd5kbF4WLcVRVaeKTQeVaAGnm 7ilAXrTnoEAENtSZkkhhAsnWfG3Uy4kVHruw5ZiT/lr/QCSsbNA+Z1pY79qLNOnM XpoQvo1rMOdx391TSd8JzAhhZnXgPacM5n2wJedLRXGS1y8DIXxg8wn9OFH0u/uL nEHUqbG64qfJ3cPEjB8ajpSLxcDqXgOU39R/IGfNLOU0EaDIOjhO9p5vMohkHGVs nNnm6R/xlExJLGyzVvOgdCbjdHlicvDV0uBNAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUtj9JxGTBgvMxpol8F2NSODl+y8AwHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvdGo5SnhHVEJndk14 cG9sOEYyTlNPRGwteThBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAN8d/DANBgkqhkiG9w0BAQsFAAOCAQEAceqiPJJhKprGWT/kLedzguBn/01+ pzRnGjHXK6Sq0tGIqRmxXwQZtUYfusm6JsKp2PZGwh4ku6xei9ail49ZzShqEUBA kw/Yl83m+4Bh4yB34g0LQVUJguSS0DrKZcKhn/tN4JJLHXK/ur+qz4A8yveyOCR2 hHmCnXBv/nyW59VtrhoAEkibzTkgk8XfHNErBj1eSHswKzI2mLiypdpd25CXVZyS 4BBkvQg5NaZdfp3eo5/KCPQnFndhJp55TFLHgiW9wEOD+IrkPzPp+SZmnsYfeKun U9xPaTlR3PcQV4QMb4yiQAV1GaRMOzx5dFeRWU0ucgOlpA9nUwkgIHijYQ== -----END CERTIFICATE-----Generated at Mon Nov 25 01:42:41 2024 by rpki-client on console-fra.rpki-client.org