$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/vkvnSUCSxZEq-uqTbuQg1WfIoA0.roa File: vkvnSUCSxZEq-uqTbuQg1WfIoA0.roa (raw, json) Hash identifier: EiDIvsXVbTOyIyQk1/0E6vY4k1ZqbRhKNSDNFMW+cOA= Subject key identifier: BE:4B:E7:49:40:92:C5:91:2A:FA:EA:93:6E:E4:20:D5:67:C8:A0:0D Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1EFA Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/vkvnSUCSxZEq-uqTbuQg1WfIoA0.roa Signing time: Wed 20 Nov 2024 15:49:57 +0000 ROA not before: Wed 20 Nov 2024 15:49:57 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 398704 IP address blocks: 49.128.4.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 10:22:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7930 (0x1efa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Nov 20 15:49:57 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=BE4BE7494092C5912AFAEA936EE420D567C8A00D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:0b:7e:00:1e:2d:32:5a:f7:37:f1:41:15:9c: 12:55:6a:0e:9b:14:18:56:f3:86:f4:63:ff:85:4f: d8:fc:73:8a:04:d5:a0:1c:12:59:9a:37:dc:cb:18: 5c:30:58:dd:71:ba:54:de:c3:3f:a6:fd:48:f5:f8: 93:c7:09:f8:34:d4:87:4c:90:d0:94:5a:29:d8:9c: 81:6e:13:8c:8c:ab:09:2b:87:40:df:0e:43:22:43: 6b:a5:2c:e1:bf:ba:7a:37:da:4b:31:f6:e4:60:34: 9c:74:21:93:32:e5:92:ba:4e:d2:dd:a6:b7:e0:b8: 2a:f8:77:36:49:e4:ba:9d:44:e0:b9:44:51:fe:f9: a8:df:49:81:6e:c2:53:b3:6e:19:a2:47:3d:a7:37: 6c:6a:27:60:52:77:13:1d:6b:8e:f2:b1:14:46:48: 58:7d:ea:cd:8f:df:e4:f5:3a:5b:cf:69:3b:a8:ed: b7:1f:7c:b3:65:9e:3a:42:d2:0b:63:c9:21:3d:95: 34:5b:57:7a:75:c6:e2:47:ea:d3:ba:9c:95:a4:f4: 19:db:6f:12:8a:ff:10:e5:65:73:c2:15:84:e3:13: 27:6b:88:64:12:6e:e2:23:94:a6:55:99:04:cb:83: c9:3e:ac:2a:c4:84:00:b7:d8:e6:49:36:34:71:b7: 44:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:4B:E7:49:40:92:C5:91:2A:FA:EA:93:6E:E4:20:D5:67:C8:A0:0D X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/vkvnSUCSxZEq-uqTbuQg1WfIoA0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 49.128.4.0/22 Signature Algorithm: sha256WithRSAEncryption d6:8d:c5:30:b6:31:55:f8:37:24:e6:44:8d:84:ce:ec:94:c6: 21:2c:58:f4:7c:d2:b1:bf:13:a7:ad:3b:f6:e2:f2:87:44:eb: e1:e2:b7:f8:95:e6:8c:e0:6f:80:9d:e5:9d:2f:a1:29:20:89: 79:54:6a:56:43:03:a2:f3:e7:75:86:fc:41:97:e4:bf:c2:f2: 06:ee:a8:39:61:d1:b1:ec:07:8a:07:4e:23:b1:a9:ee:5a:aa: 70:05:de:67:93:24:e3:01:68:62:48:78:ef:92:03:51:e6:11: 06:98:76:e2:83:71:61:2a:5b:1f:e4:b1:8d:57:40:f6:f7:55: fe:c1:11:9d:90:24:5f:97:d5:91:f4:3e:97:79:86:cb:83:5b: 3b:af:ce:91:49:ba:38:a8:34:2d:14:6c:7f:3f:38:73:df:3e: d8:48:22:dc:9f:13:70:1d:9f:96:a8:90:fc:33:82:0b:80:da: ff:55:1d:57:13:8e:cd:b7:08:59:46:95:35:2d:9c:d6:1a:6f: 5b:3e:84:c0:72:6a:9d:c9:95:d5:6a:82:8c:46:81:88:e6:f7: 4d:46:f1:54:1a:52:12:bc:5c:b0:ce:f3:16:78:d3:eb:0f:9a: db:57:08:5e:40:36:26:a1:87:49:2b:8e:47:b1:fb:04:ab:2b: 33:61:b4:58 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHvowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDExMjAx NTQ5NTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEJFNEJFNzQ5NDA5MkM1 OTEyQUZBRUE5MzZFRTQyMEQ1NjdDOEEwMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC0C34AHi0yWvc38UEVnBJVag6bFBhW84b0Y/+FT9j8c4oE1aAc ElmaN9zLGFwwWN1xulTewz+m/Uj1+JPHCfg01IdMkNCUWinYnIFuE4yMqwkrh0Df DkMiQ2ulLOG/uno32ksx9uRgNJx0IZMy5ZK6TtLdprfguCr4dzZJ5LqdROC5RFH+ +ajfSYFuwlOzbhmiRz2nN2xqJ2BSdxMda47ysRRGSFh96s2P3+T1OlvPaTuo7bcf fLNlnjpC0gtjySE9lTRbV3p1xuJH6tO6nJWk9BnbbxKK/xDlZXPCFYTjEydriGQS buIjlKZVmQTLg8k+rCrEhAC32OZJNjRxt0TFAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUvkvnSUCSxZEq+uqTbuQg1WfIoA0wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvdmt2blNVQ1N4WkVx LXVxVGJ1UWcxV2ZJb0EwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAjGABDANBgkqhkiG9w0BAQsFAAOCAQEA1o3FMLYxVfg3JOZEjYTO7JTGISxY 9HzSsb8Tp6079uLyh0Tr4eK3+JXmjOBvgJ3lnS+hKSCJeVRqVkMDovPndYb8QZfk v8LyBu6oOWHRsewHigdOI7Gp7lqqcAXeZ5Mk4wFoYkh475IDUeYRBph24oNxYSpb H+SxjVdA9vdV/sERnZAkX5fVkfQ+l3mGy4NbO6/OkUm6OKg0LRRsfz84c98+2Egi 3J8TcB2flqiQ/DOCC4Da/1UdVxOOzbcIWUaVNS2c1hpvWz6EwHJqncmV1WqCjEaB iOb3TUbxVBpSErxcsM7zFnjT6w+a21cIXkA2JqGHSSuOR7H7BKsrM2G0WA== -----END CERTIFICATE-----Generated at Fri Nov 22 07:02:31 2024 by rpki-client on console-fra.rpki-client.org