$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1630/gTIv77oiRA1b7D-v6N0amyQYAHk.roa File: gTIv77oiRA1b7D-v6N0amyQYAHk.roa (raw, json) Hash identifier: eNfjuH/lr0OddynSfAtetbhgnYIr+BYLp5QDN0eyFr8= Subject key identifier: 81:32:2F:EF:BA:22:44:0D:5B:EC:3F:AF:E8:DD:1A:9B:24:18:00:79 Certificate issuer: /CN=4C1FB553FF23312CD9C25DE1DA72048F06483C5A Certificate serial: 15D3 Authority key identifier: 4C:1F:B5:53:FF:23:31:2C:D9:C2:5D:E1:DA:72:04:8F:06:48:3C:5A Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/gTIv77oiRA1b7D-v6N0amyQYAHk.roa Signing time: Wed 13 Mar 2024 01:22:17 +0000 ROA not before: Wed 13 Mar 2024 01:22:17 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 63678 IP address blocks: 27.0.204.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/TB-1U_8jMSzZwl3h2nIEjwZIPFo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/TB-1U_8jMSzZwl3h2nIEjwZIPFo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5587 (0x15d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4C1FB553FF23312CD9C25DE1DA72048F06483C5A Validity Not Before: Mar 13 01:22:17 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=81322FEFBA22440D5BEC3FAFE8DD1A9B24180079 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:41:3b:d2:82:74:fd:56:b3:26:79:c1:63:2f: 9d:37:88:7a:14:e9:cc:56:6d:1f:57:cd:5d:f5:c0: f7:fe:dd:6f:8b:4f:82:ae:ca:ad:4f:79:94:82:7b: 4b:85:a5:69:a8:9b:d6:bb:e2:1a:6a:8d:73:89:16: d6:e2:b4:d7:a8:40:ef:ee:34:b8:c2:e1:85:70:f4: 79:60:b6:f4:cc:d6:75:95:42:69:78:b9:31:bf:9e: 2f:2c:92:c6:c4:d9:84:95:dd:85:52:04:bf:b0:37: b7:43:fa:ea:0c:0a:ff:df:fe:a6:1b:bb:23:6f:e6: cc:ca:8e:d1:68:87:bb:80:e1:3e:3a:2d:8b:c5:9d: 71:4a:e8:c1:21:ef:05:8d:22:9e:49:9f:b6:f5:b0: 00:27:bc:76:dc:1c:e3:5b:6d:0a:68:fb:48:38:83: 70:76:e4:2e:bc:d6:5a:cd:90:ed:32:23:f4:fe:31: 53:93:e3:64:dd:60:ea:7a:04:5c:9b:1d:fd:f8:f7: 98:58:7d:94:7f:59:ae:35:63:79:13:ec:88:b6:62: da:7c:0c:e0:0e:b5:10:ef:82:e2:f7:c1:33:05:35: 38:b0:25:85:e1:ad:e9:eb:13:69:2f:49:fe:2f:e7: 7e:78:73:4f:b9:73:1f:b3:7a:29:e3:db:f0:36:ee: 07:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:32:2F:EF:BA:22:44:0D:5B:EC:3F:AF:E8:DD:1A:9B:24:18:00:79 X509v3 Authority Key Identifier: keyid:4C:1F:B5:53:FF:23:31:2C:D9:C2:5D:E1:DA:72:04:8F:06:48:3C:5A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/TB-1U_8jMSzZwl3h2nIEjwZIPFo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/TB-1U_8jMSzZwl3h2nIEjwZIPFo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1630/gTIv77oiRA1b7D-v6N0amyQYAHk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 27.0.204.0/24 Signature Algorithm: sha256WithRSAEncryption 15:85:b5:2d:44:56:05:11:de:29:83:31:34:bf:cf:fc:c3:4a: c1:7f:61:1d:70:5f:bb:58:3e:57:52:3f:ce:e7:51:7a:2d:03: c6:91:c5:44:f6:83:bd:15:b6:f0:f9:3a:a8:e2:82:12:17:08: 2a:92:2e:c7:b7:09:8a:4a:97:1f:bf:5d:7d:84:bc:ec:83:94: c7:46:79:97:1b:2a:d5:98:d1:7a:06:c1:e0:7a:e4:73:d9:10: ed:b8:b8:04:7a:e8:92:54:b8:c9:bc:da:ce:a3:b8:75:00:5a: 08:31:ff:34:b0:62:c0:63:47:66:c0:bc:28:e4:a6:80:99:ea: 86:27:e4:14:49:40:e2:f3:91:67:51:2d:11:f9:d4:b5:9b:ab: 6f:80:c4:ed:bf:f6:ea:a0:c5:00:9b:1a:3e:5d:f9:de:af:d6: 7b:f4:56:cf:6e:64:e7:82:84:50:96:8f:33:1d:38:68:02:81: 85:6b:05:7a:b2:2f:34:fd:49:a6:5b:d1:87:43:d4:12:b9:40: 3c:25:7f:e3:8e:4f:3a:21:ac:4b:56:2b:b2:7b:57:02:de:65: 3d:15:09:11:c7:cd:38:25:75:0d:31:ad:c3:fc:58:f7:51:22: 92:88:80:4e:45:8f:14:a0:fb:49:de:d3:49:9b:d3:70:2b:cf: 89:11:15:c6 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICFdMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEMx RkI1NTNGRjIzMzEyQ0Q5QzI1REUxREE3MjA0OEYwNjQ4M0M1QTAeFw0yNDAzMTMw MTIyMTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDgxMzIyRkVGQkEyMjQ0 MEQ1QkVDM0ZBRkU4REQxQTlCMjQxODAwNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7QTvSgnT9VrMmecFjL503iHoU6cxWbR9XzV31wPf+3W+LT4Ku yq1PeZSCe0uFpWmom9a74hpqjXOJFtbitNeoQO/uNLjC4YVw9HlgtvTM1nWVQml4 uTG/ni8sksbE2YSV3YVSBL+wN7dD+uoMCv/f/qYbuyNv5szKjtFoh7uA4T46LYvF nXFK6MEh7wWNIp5Jn7b1sAAnvHbcHONbbQpo+0g4g3B25C681lrNkO0yI/T+MVOT 42TdYOp6BFybHf3495hYfZR/Wa41Y3kT7Ii2Ytp8DOAOtRDvguL3wTMFNTiwJYXh renrE2kvSf4v5354c0+5cx+zeinj2/A27gezAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUgTIv77oiRA1b7D+v6N0amyQYAHkwHwYDVR0jBBgwFoAUTB+1U/8jMSzZwl3h 2nIEjwZIPFowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTYz MC9UQi0xVV84ak1Telp3bDNoMm5JRWp3WklQRm8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1RCLTFVXzhqTVN6WndsM2gybklFandaSVBGby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2MzAvZ1RJdjc3b2lSQTFi N0QtdjZOMGFteVFZQUhrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEABsAzDANBgkqhkiG9w0BAQsFAAOCAQEAFYW1LURWBRHeKYMxNL/P/MNKwX9h HXBfu1g+V1I/zudRei0DxpHFRPaDvRW28Pk6qOKCEhcIKpIux7cJikqXH79dfYS8 7IOUx0Z5lxsq1ZjRegbB4Hrkc9kQ7bi4BHroklS4ybzazqO4dQBaCDH/NLBiwGNH ZsC8KOSmgJnqhifkFElA4vORZ1EtEfnUtZurb4DE7b/26qDFAJsaPl353q/We/RW z25k54KEUJaPMx04aAKBhWsFerIvNP1JplvRh0PUErlAPCV/445POiGsS1YrsntX At5lPRUJEcfNOCV1DTGtw/xY91EikoiATkWPFKD7Sd7TSZvTcCvPiREVxg== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:42 2024 by rpki-client on console-ams.rpki-client.org