$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/l7pq8USURZhbMz4dVzkliHTwzqc.roa File: l7pq8USURZhbMz4dVzkliHTwzqc.roa (raw, json) Hash identifier: FU4ykIIBjhclH3fHhZphmbq+W7cmGCCpYPTRAjwQDAc= Subject key identifier: 97:BA:6A:F1:44:94:45:98:5B:33:3E:1D:57:39:25:88:74:F0:CE:A7 Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Certificate serial: 1E74 Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/l7pq8USURZhbMz4dVzkliHTwzqc.roa Signing time: Wed 13 Mar 2024 01:21:35 +0000 ROA not before: Wed 13 Mar 2024 01:21:35 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 134762 IP address blocks: 43.226.64.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7796 (0x1e74) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC Validity Not Before: Mar 13 01:21:35 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=97BA6AF1449445985B333E1D5739258874F0CEA7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:41:d2:87:ec:26:18:35:17:98:ec:58:7f:b9: 48:fc:15:8d:3b:b9:4f:7c:99:80:6b:f8:a5:7e:67: f4:f6:48:d9:69:36:61:3a:ef:31:48:54:f2:94:3b: 0b:21:9d:09:31:13:64:b5:04:55:26:70:a7:2a:f3: cb:dc:a8:9e:9f:3a:e5:62:c0:42:91:02:e7:50:ad: a2:9f:3c:68:e3:74:46:d4:4d:7f:fe:b8:24:2c:86: 30:a4:1b:11:51:2f:dc:63:a2:0c:d9:fe:f9:f5:2d: 2e:89:26:8f:e2:fa:44:4c:18:0b:b0:5e:b8:cf:e0: a7:8d:4b:97:d9:01:1e:b8:02:33:f2:ed:0c:4c:47: 92:ab:4e:30:78:a0:87:97:ff:84:cb:0e:25:c2:f2: de:ab:3f:c8:8d:8a:63:bd:91:20:9e:2d:46:15:4c: 06:07:46:1d:f6:b8:86:7a:0a:ec:2a:7b:e8:4e:66: f6:a4:a7:da:b1:92:28:d4:7f:b8:df:0b:c3:90:7c: 46:a2:7d:8e:24:86:09:87:3f:7f:e3:af:37:11:60: 82:33:4c:4b:6a:66:80:2d:0c:d2:87:9b:b7:b8:97: 25:17:72:d0:b1:b7:c4:01:4c:73:dd:16:47:e5:12: 0e:67:de:f1:cd:44:18:ae:14:b4:28:1a:3a:1e:70: cd:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:BA:6A:F1:44:94:45:98:5B:33:3E:1D:57:39:25:88:74:F0:CE:A7 X509v3 Authority Key Identifier: keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/l7pq8USURZhbMz4dVzkliHTwzqc.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 43.226.64.0/21 Signature Algorithm: sha256WithRSAEncryption 38:a8:db:33:96:bc:71:0b:66:1a:f6:b9:aa:b0:d6:66:04:9b: 20:16:1a:9f:12:7f:0a:55:bc:4e:c3:12:2a:2a:55:33:f1:e0: e6:53:3b:c4:42:b1:a0:eb:a4:75:be:1d:00:e6:5b:8c:ef:33: 44:e3:ae:e6:39:e5:9e:6d:d0:00:95:db:9c:eb:ba:7a:8d:27: b2:a7:64:fd:a0:67:8a:b4:7b:ee:58:b7:74:94:aa:41:1c:7c: e6:b8:f7:0b:05:c5:05:bc:1e:6d:9b:6f:76:d4:4f:f3:0b:a0: 19:4c:15:65:20:e7:ad:6e:55:8a:d4:94:2f:f4:f2:9d:6d:78: 02:dc:28:13:36:b0:40:3c:f8:6d:2d:31:78:5f:8c:be:c7:13: 00:7f:c7:33:cb:b6:3b:dc:f9:da:05:6c:95:dc:6d:5d:b0:bd: f5:b8:03:df:05:05:99:87:3a:4b:49:3f:70:1c:d4:d8:64:d1: 64:8a:57:de:f6:99:aa:f0:41:27:32:58:45:39:7e:f2:d5:1c: e6:20:21:7a:68:57:d9:35:74:9b:17:39:27:de:b1:b7:de:8b: 6a:88:f2:63:a5:56:c6:2c:b9:70:e3:82:b0:ab:39:3d:6f:8e: 98:fc:6a:8f:1f:eb:27:5d:f9:f3:30:e4:12:da:e7:7a:75:ae: f1:52:d9:90 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHnQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNDAzMTMw MTIxMzVaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDk3QkE2QUYxNDQ5NDQ1 OTg1QjMzM0UxRDU3MzkyNTg4NzRGMENFQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCtQdKH7CYYNReY7Fh/uUj8FY07uU98mYBr+KV+Z/T2SNlpNmE6 7zFIVPKUOwshnQkxE2S1BFUmcKcq88vcqJ6fOuViwEKRAudQraKfPGjjdEbUTX/+ uCQshjCkGxFRL9xjogzZ/vn1LS6JJo/i+kRMGAuwXrjP4KeNS5fZAR64AjPy7QxM R5KrTjB4oIeX/4TLDiXC8t6rP8iNimO9kSCeLUYVTAYHRh32uIZ6Cuwqe+hOZvak p9qxkijUf7jfC8OQfEaifY4khgmHP3/jrzcRYIIzTEtqZoAtDNKHm7e4lyUXctCx t8QBTHPdFkflEg5n3vHNRBiuFLQoGjoecM2bAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUl7pq8USURZhbMz4dVzkliHTwzqcwHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y 5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2 My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvbDdwcThVU1VSWmhi TXo0ZFZ6a2xpSFR3enFjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAyviQDANBgkqhkiG9w0BAQsFAAOCAQEAOKjbM5a8cQtmGva5qrDWZgSbIBYa nxJ/ClW8TsMSKipVM/Hg5lM7xEKxoOukdb4dAOZbjO8zROOu5jnlnm3QAJXbnOu6 eo0nsqdk/aBnirR77li3dJSqQRx85rj3CwXFBbwebZtvdtRP8wugGUwVZSDnrW5V itSUL/TynW14AtwoEzawQDz4bS0xeF+MvscTAH/HM8u2O9z52gVsldxtXbC99bgD 3wUFmYc6S0k/cBzU2GTRZIpX3vaZqvBBJzJYRTl+8tUc5iAhemhX2TV0mxc5J96x t96LaojyY6VWxiy5cOOCsKs5PW+OmPxqjx/rJ1358zDkEtrnenWu8VLZkA== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:09 2024 by rpki-client on console-fra.rpki-client.org