$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1411/z4xK6fZw9Z9a-kGnU-Slx5APbB8.roa File: z4xK6fZw9Z9a-kGnU-Slx5APbB8.roa (raw, json) Hash identifier: 8AfnlIbLW5rFC2pEe6q/sAbTzmI60oguNVNTLPIupR0= Subject key identifier: CF:8C:4A:E9:F6:70:F5:9F:5A:FA:41:A7:53:E4:A5:C7:90:0F:6C:1F Certificate issuer: /CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Certificate serial: 1D81 Authority key identifier: 49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/z4xK6fZw9Z9a-kGnU-Slx5APbB8.roa Signing time: Thu 12 Sep 2024 11:19:59 +0000 ROA not before: Thu 12 Sep 2024 11:19:59 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 60721 IP address blocks: 223.29.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 02:23:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7553 (0x1d81) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4911CB6D544B3B6905532964C8E1A472BDCBC267 Validity Not Before: Sep 12 11:19:59 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=CF8C4AE9F670F59F5AFA41A753E4A5C7900F6C1F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:e2:aa:f5:be:48:5b:44:ad:1e:49:28:2d:33: d8:53:ed:f3:e2:56:f5:91:fc:40:60:84:69:6f:0d: 95:2d:78:1a:63:d8:47:95:88:1a:14:d8:b8:79:33: 21:d9:b1:b0:cc:21:7e:82:c1:4e:b9:66:61:69:20: 26:90:ec:c6:a2:70:b3:09:7e:eb:1f:6c:18:e7:37: 12:56:fd:fd:b6:eb:6e:64:b8:9f:6d:ce:82:9b:e1: de:3b:fa:81:66:4e:81:66:df:3e:f7:7e:d0:9e:8f: 9e:11:b8:52:69:36:e4:af:a2:62:83:0c:d1:77:76: ac:c6:68:3f:46:df:ed:1d:d2:29:64:9d:f8:5b:93: d0:d5:7e:0d:f8:3d:4d:71:2c:2f:41:11:20:94:d2: e9:ca:30:76:40:42:e4:16:47:07:dd:87:bd:1e:14: 6f:9b:bd:48:11:23:12:d3:02:5c:91:36:a9:81:1c: 8d:c1:98:f9:c6:74:66:b1:75:4f:c1:a3:2c:78:8b: 4c:2b:3b:e0:d1:55:1c:9d:b5:e3:24:c1:4a:94:4e: 7a:79:96:85:2d:b1:e8:2e:1f:fd:9e:f9:4b:ee:7c: 9b:58:e7:4b:1d:64:61:77:c8:2a:5e:62:a4:a2:70: b7:2f:96:56:1f:71:de:a1:13:33:99:7a:f0:7b:a6: ab:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:8C:4A:E9:F6:70:F5:9F:5A:FA:41:A7:53:E4:A5:C7:90:0F:6C:1F X509v3 Authority Key Identifier: keyid:49:11:CB:6D:54:4B:3B:69:05:53:29:64:C8:E1:A4:72:BD:CB:C2:67 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/SRHLbVRLO2kFUylkyOGkcr3Lwmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/SRHLbVRLO2kFUylkyOGkcr3Lwmc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1411/z4xK6fZw9Z9a-kGnU-Slx5APbB8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 223.29.253.0/24 Signature Algorithm: sha256WithRSAEncryption 61:16:71:d3:21:ca:9c:2c:3d:43:c8:e7:62:31:2a:34:d8:50: 4d:5c:a3:4d:b2:d0:a6:bf:7b:bf:b8:1b:ba:da:93:9c:0f:03: 31:d4:b5:38:77:d6:05:f9:26:e6:a1:14:05:ba:4b:de:61:79: 98:df:23:c6:98:51:34:c1:18:da:47:ac:5c:d6:a2:e3:cd:d0: d7:85:f2:a8:5a:75:e5:ad:0a:ab:cb:23:b3:e2:ce:0e:0f:36: 25:09:42:cd:db:ae:1b:ce:16:5c:48:08:66:c5:a5:e9:c3:3d: 7d:84:f4:4a:48:1f:e6:18:47:94:3d:94:ae:88:dd:5e:d6:58: de:eb:72:bb:8b:a4:7a:68:bd:a1:ea:d0:87:7e:94:fe:f2:16: 42:14:b3:85:d2:bd:29:36:14:a9:3e:03:5f:99:4c:21:83:77: fa:0c:37:c2:14:28:28:22:fe:d0:1d:33:58:13:4f:4d:09:bf: a8:5d:e0:5e:b7:09:ca:8c:1b:cb:f1:6e:ff:a4:4c:d5:5c:eb: 6e:9d:67:f7:4e:57:29:a4:d5:02:c6:61:30:fb:a2:91:d6:a8: 59:5e:cc:89:1b:d6:fc:34:b7:cb:a4:d3:f7:9a:58:fa:84:3c: c3:81:89:21:a1:bd:82:36:34:85:23:39:53:0c:9c:66:c8:50: 0c:0f:83:8a -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHYEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDkx MUNCNkQ1NDRCM0I2OTA1NTMyOTY0QzhFMUE0NzJCRENCQzI2NzAeFw0yNDA5MTIx MTE5NTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKENGOEM0QUU5RjY3MEY1 OUY1QUZBNDFBNzUzRTRBNUM3OTAwRjZDMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC+4qr1vkhbRK0eSSgtM9hT7fPiVvWR/EBghGlvDZUteBpj2EeV iBoU2Lh5MyHZsbDMIX6CwU65ZmFpICaQ7MaicLMJfusfbBjnNxJW/f22625kuJ9t zoKb4d47+oFmToFm3z73ftCej54RuFJpNuSvomKDDNF3dqzGaD9G3+0d0ilknfhb k9DVfg34PU1xLC9BESCU0unKMHZAQuQWRwfdh70eFG+bvUgRIxLTAlyRNqmBHI3B mPnGdGaxdU/Boyx4i0wrO+DRVRydteMkwUqUTnp5loUtseguH/2e+UvufJtY50sd ZGF3yCpeYqSicLcvllYfcd6hEzOZevB7pqv7AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUz4xK6fZw9Z9a+kGnU+Slx5APbB8wHwYDVR0jBBgwFoAUSRHLbVRLO2kFUylk yOGkcr3LwmcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTQx MS9TUkhMYlZSTE8ya0ZVeWxreU9Ha2NyM0x3bWMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1NSSExiVlJMTzJrRlV5bGt5T0drY3IzTHdtYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE0MTEvejR4SzZmWnc5Wjlh LWtHblUtU2x4NUFQYkI4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAN8d/TANBgkqhkiG9w0BAQsFAAOCAQEAYRZx0yHKnCw9Q8jnYjEqNNhQTVyj TbLQpr97v7gbutqTnA8DMdS1OHfWBfkm5qEUBbpL3mF5mN8jxphRNMEY2kesXNai 483Q14XyqFp15a0Kq8sjs+LODg82JQlCzduuG84WXEgIZsWl6cM9fYT0Skgf5hhH lD2UrojdXtZY3utyu4ukemi9oerQh36U/vIWQhSzhdK9KTYUqT4DX5lMIYN3+gw3 whQoKCL+0B0zWBNPTQm/qF3gXrcJyowby/Fu/6RM1Vzrbp1n905XKaTVAsZhMPui kdaoWV7MiRvW/DS3y6TT95pY+oQ8w4GJIaG9gjY0hSM5UwycZshQDA+Dig== -----END CERTIFICATE-----Generated at Fri Nov 22 02:02:43 2024 by rpki-client on console-ams.rpki-client.org