$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1630/ffNioD3PfIXnkRsSHGrp0fap1Mg.roa File: ffNioD3PfIXnkRsSHGrp0fap1Mg.roa (raw, json) Hash identifier: XbpotjV6eQW7ygFfTKhPFoaHDssgLgM1NGbOnxjwNQ0= Subject key identifier: 7D:F3:62:A0:3D:CF:7C:85:E7:91:1B:12:1C:6A:E9:D1:F6:A9:D4:C8 Certificate issuer: /CN=4C1FB553FF23312CD9C25DE1DA72048F06483C5A Certificate serial: 15D2 Authority key identifier: 4C:1F:B5:53:FF:23:31:2C:D9:C2:5D:E1:DA:72:04:8F:06:48:3C:5A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/ffNioD3PfIXnkRsSHGrp0fap1Mg.roa Signing time: Wed 13 Mar 2024 01:22:16 +0000 ROA not before: Wed 13 Mar 2024 01:22:16 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 23650 IP address blocks: 27.0.204.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/TB-1U_8jMSzZwl3h2nIEjwZIPFo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/TB-1U_8jMSzZwl3h2nIEjwZIPFo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5586 (0x15d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4C1FB553FF23312CD9C25DE1DA72048F06483C5A Validity Not Before: Mar 13 01:22:16 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=7DF362A03DCF7C85E7911B121C6AE9D1F6A9D4C8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:11:74:fb:f1:09:c1:78:9c:1d:58:8b:00:07: d3:8c:61:bb:57:38:ae:3e:ac:07:88:a3:4c:d0:a1: ec:34:13:7d:0c:55:0a:29:b6:f2:0c:eb:72:bf:77: de:5d:3b:39:66:48:6d:2b:ab:00:df:da:b5:7f:af: b1:b7:fc:4f:6d:fc:c9:5d:60:e9:7c:e8:06:29:63: 1d:94:ce:2f:c9:4f:67:f9:66:34:45:7d:06:1c:ce: 43:86:62:f9:2e:b8:64:18:59:3d:37:18:42:06:95: af:c4:16:43:cd:63:dd:56:67:f6:17:f4:b4:17:1e: 95:4c:39:5f:d5:cf:0e:a9:e9:a9:3d:a1:51:50:7e: 05:44:61:92:de:9c:81:da:2d:97:5b:bb:26:2f:b8: d0:87:be:a9:9c:45:f8:58:91:a1:02:f3:6c:5c:5b: 6f:b6:7f:74:1e:8c:fc:ab:5b:c4:71:4d:41:8c:52: 10:54:d5:f0:30:ad:cf:a5:0c:49:14:f9:12:7c:6d: da:69:37:f8:5f:6a:54:1d:8a:f4:77:fb:31:b0:44: b4:89:27:a5:7b:a0:98:a6:07:97:d0:8e:58:da:d2: 96:fd:57:38:5a:a9:a9:cf:0f:40:0a:b4:06:4b:37: 39:f5:38:c9:7a:09:d0:9c:89:a0:30:2e:89:bb:8b: 29:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:F3:62:A0:3D:CF:7C:85:E7:91:1B:12:1C:6A:E9:D1:F6:A9:D4:C8 X509v3 Authority Key Identifier: keyid:4C:1F:B5:53:FF:23:31:2C:D9:C2:5D:E1:DA:72:04:8F:06:48:3C:5A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/TB-1U_8jMSzZwl3h2nIEjwZIPFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/ffNioD3PfIXnkRsSHGrp0fap1Mg.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 27.0.204.0/22 Signature Algorithm: sha256WithRSAEncryption 3e:68:95:d0:f4:af:cf:7d:73:2a:ae:d4:a2:c1:80:a5:12:4f: af:b5:f7:86:b9:55:9e:3c:88:bd:6e:d9:80:53:fd:06:7c:69: c7:be:c0:f1:d3:3e:d2:ca:c1:5d:13:d8:b8:d3:33:3f:30:46: 58:fd:1f:73:5a:a5:d9:49:80:e5:ef:f0:fb:9e:3b:71:1a:6f: a0:77:93:6d:aa:1f:67:73:1a:11:c5:97:86:fb:7e:a8:77:f1: 26:43:65:5e:b4:bd:44:26:87:49:9a:fb:b3:16:5f:a3:cc:1e: d3:e3:ba:96:ac:c9:bb:5b:81:ed:56:bb:99:2b:3d:40:56:3e: 57:d0:de:5e:11:85:f5:d9:37:7e:70:e0:76:eb:dc:32:fe:9f: 4b:b6:bb:0c:50:18:6b:50:50:f3:02:a5:33:5a:1b:64:5f:1b: ed:e7:fe:5e:65:01:46:b8:c4:97:29:c8:52:21:31:07:da:19: ec:06:d4:d7:a5:3f:15:0c:cd:d8:df:7b:c1:73:e3:a3:a0:2b: a4:90:55:3b:8d:36:dc:d6:25:39:47:ff:20:33:39:b6:73:28: 66:6d:9b:31:5d:26:0b:5d:55:60:82:f4:08:20:97:ee:5c:42: ca:d4:67:b2:df:b0:82:43:95:5b:e5:8d:49:74:92:d0:9f:bf: 05:75:33:fd -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFdIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEMx RkI1NTNGRjIzMzEyQ0Q5QzI1REUxREE3MjA0OEYwNjQ4M0M1QTAeFw0yNDAzMTMw MTIyMTZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDdERjM2MkEwM0RDRjdD ODVFNzkxMUIxMjFDNkFFOUQxRjZBOUQ0QzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCsEXT78QnBeJwdWIsAB9OMYbtXOK4+rAeIo0zQoew0E30MVQop tvIM63K/d95dOzlmSG0rqwDf2rV/r7G3/E9t/MldYOl86AYpYx2Uzi/JT2f5ZjRF fQYczkOGYvkuuGQYWT03GEIGla/EFkPNY91WZ/YX9LQXHpVMOV/Vzw6p6ak9oVFQ fgVEYZLenIHaLZdbuyYvuNCHvqmcRfhYkaEC82xcW2+2f3QejPyrW8RxTUGMUhBU 1fAwrc+lDEkU+RJ8bdppN/hfalQdivR3+zGwRLSJJ6V7oJimB5fQjlja0pb9Vzha qanPD0AKtAZLNzn1OMl6CdCciaAwLom7iyklAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUffNioD3PfIXnkRsSHGrp0fap1MgwHwYDVR0jBBgwFoAUTB+1U/8jMSzZwl3h 2nIEjwZIPFowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTYz MC9UQi0xVV84ak1Telp3bDNoMm5JRWp3WklQRm8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1RCLTFVXzhqTVN6WndsM2gybklFandaSVBGby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2MzAvZmZOaW9EM1BmSVhu a1JzU0hHcnAwZmFwMU1nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAhsAzDANBgkqhkiG9w0BAQsFAAOCAQEAPmiV0PSvz31zKq7UosGApRJPr7X3 hrlVnjyIvW7ZgFP9Bnxpx77A8dM+0srBXRPYuNMzPzBGWP0fc1ql2UmA5e/w+547 cRpvoHeTbaofZ3MaEcWXhvt+qHfxJkNlXrS9RCaHSZr7sxZfo8we0+O6lqzJu1uB 7Va7mSs9QFY+V9DeXhGF9dk3fnDgduvcMv6fS7a7DFAYa1BQ8wKlM1obZF8b7ef+ XmUBRrjElynIUiExB9oZ7AbU16U/FQzN2N97wXPjo6ArpJBVO4023NYlOUf/IDM5 tnMoZm2bMV0mC11VYIL0CCCX7lxCytRnst+wgkOVW+WNSXSS0J+/BXUz/Q== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:09 2024 by rpki-client on console-fra.rpki-client.org