$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/187/SAvJ-gFhu3UyJ5MtDIM5qACwydI.roa File: SAvJ-gFhu3UyJ5MtDIM5qACwydI.roa (raw, json) Hash identifier: q7spMoXpAU6SyWSGf9C0rCMoSxtda275nV4np9NUs8s= Subject key identifier: 48:0B:C9:FA:01:61:BB:75:32:27:93:2D:0C:83:39:A8:00:B0:C9:D2 Certificate issuer: /CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361 Certificate serial: 0D84 Authority key identifier: 2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/SAvJ-gFhu3UyJ5MtDIM5qACwydI.roa Signing time: Wed 05 Jul 2023 01:25:06 +0000 ROA not before: Wed 05 Jul 2023 01:25:06 +0000 ROA not after: Fri 07 Jun 2024 02:16:11 +0000 asID: 398704 IP address blocks: 219.72.160.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 05 May 2024 07:53:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3460 (0xd84) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361 Validity Not Before: Jul 5 01:25:06 2023 GMT Not After : Jun 7 02:16:11 2024 GMT Subject: CN=480BC9FA0161BB753227932D0C8339A800B0C9D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:fe:ba:97:ba:38:aa:04:73:d9:5c:1d:61:4f: 26:87:81:c9:f5:da:ad:98:eb:cc:ed:9e:fb:84:62: 12:c6:c7:30:76:3b:96:91:43:c5:0b:3d:98:5a:6a: a4:53:c3:6d:d4:31:c8:84:35:9c:8d:7c:72:a0:65: 5d:8c:04:c6:7b:af:3a:3d:ab:cc:28:ad:20:bc:e2: 72:0b:28:64:a6:c4:32:78:3d:f6:99:f3:0f:57:a8: fa:02:9d:57:db:15:6f:5b:7f:3d:2a:51:7c:86:83: ae:b1:a5:8b:41:0e:9c:b4:a8:71:62:7f:0c:1b:30: 29:dd:5a:89:30:1e:83:1c:5e:ee:4e:d1:91:33:f2: 33:59:26:b3:f2:57:33:01:a9:f1:57:6b:e2:14:6f: 9b:d2:5a:0e:1e:f4:19:57:e2:64:14:d1:3f:18:22: 7f:9d:ee:64:44:d3:be:3c:e3:1d:33:26:3a:68:ef: 50:84:61:e9:cb:7f:e1:11:b3:7c:68:c5:6b:d6:54: d1:19:04:ac:81:b7:3d:22:c7:a8:1b:46:b3:b7:c3: 24:c6:55:86:58:21:51:ef:79:93:e2:db:76:36:75: f5:a4:17:a2:b5:4d:56:1a:d8:5a:33:f7:79:3d:e8: 4d:3e:fb:ee:58:7b:69:fd:33:0f:46:7c:3a:ca:45: c7:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:0B:C9:FA:01:61:BB:75:32:27:93:2D:0C:83:39:A8:00:B0:C9:D2 X509v3 Authority Key Identifier: keyid:2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/SAvJ-gFhu3UyJ5MtDIM5qACwydI.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 219.72.160.0/24 Signature Algorithm: sha256WithRSAEncryption 9a:b4:51:77:e1:76:7b:cf:09:8e:e4:0c:a5:bd:13:6c:7d:97: aa:c2:78:72:f9:09:ed:b0:d5:63:4a:8a:01:bf:ee:bf:0d:09: 39:81:cb:4f:fc:fa:bd:2b:13:0c:ee:70:42:6a:7a:87:c7:2f: 75:16:1e:72:f4:f9:39:a1:8a:fa:e6:e8:4c:9e:9a:3b:04:82: b0:f7:f9:8f:53:0a:ab:16:7b:f7:f6:43:97:16:ad:a3:dc:42: 99:49:63:40:4e:d4:eb:23:a1:5e:86:5a:3a:e6:33:82:1f:98: ce:22:18:8e:15:cf:2c:db:f1:84:b7:bf:ab:37:56:6d:19:3d: 97:14:76:d7:1d:0f:40:11:71:16:01:e8:05:43:dd:04:c1:30: d9:49:b9:26:7d:26:d9:b6:c6:f2:eb:d0:36:27:9a:39:0f:e4: 04:45:2b:c0:a0:6a:5c:32:f7:c4:af:43:6c:31:57:cb:ae:07: f7:6d:78:2b:94:c1:36:0c:9c:c5:89:7b:10:09:8a:60:8e:78: f6:56:04:e4:cc:78:de:66:b6:49:00:58:83:81:5d:c8:2b:c1: bc:22:29:55:f1:67:c1:74:af:f1:4a:f5:e8:5a:63:26:1a:82: dd:06:2d:34:ab:15:35:cd:fb:f9:92:69:93:a0:7e:5b:48:2e: cb:5f:3a:39 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDYQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 QzFERTE5NDc0MDM1Q0JFQTY3ODA1NEI2RDk0RjVBRkE1MzM2MTAeFw0yMzA3MDUw MTI1MDZaFw0yNDA2MDcwMjE2MTFaMDMxMTAvBgNVBAMTKDQ4MEJDOUZBMDE2MUJC NzUzMjI3OTMyRDBDODMzOUE4MDBCMEM5RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDc/rqXujiqBHPZXB1hTyaHgcn12q2Y68ztnvuEYhLGxzB2O5aR Q8ULPZhaaqRTw23UMciENZyNfHKgZV2MBMZ7rzo9q8worSC84nILKGSmxDJ4PfaZ 8w9XqPoCnVfbFW9bfz0qUXyGg66xpYtBDpy0qHFifwwbMCndWokwHoMcXu5O0ZEz 8jNZJrPyVzMBqfFXa+IUb5vSWg4e9BlX4mQU0T8YIn+d7mRE07484x0zJjpo71CE YenLf+ERs3xoxWvWVNEZBKyBtz0ix6gbRrO3wyTGVYZYIVHveZPi23Y2dfWkF6K1 TVYa2Foz93k96E0+++5Ye2n9Mw9GfDrKRcexAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUSAvJ+gFhu3UyJ5MtDIM5qACwydIwHwYDVR0jBBgwFoAULowd4ZR0A1y+pngF S22U9a+lM2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3 L0xvd2Q0WlIwQTF5LXBuZ0ZTMjJVOWEtbE0yRS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG93ZDRaUjBBMXktcG5nRlMyMlU5YS1sTTJFLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3L1NBdkotZ0ZodTNVeUo1 TXRESU01cUFDd3lkSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADbSKAwDQYJKoZIhvcNAQELBQADggEBAJq0UXfhdnvPCY7kDKW9E2x9l6rCeHL5 Ce2w1WNKigG/7r8NCTmBy0/8+r0rEwzucEJqeofHL3UWHnL0+Tmhivrm6EyemjsE grD3+Y9TCqsWe/f2Q5cWraPcQplJY0BO1OsjoV6GWjrmM4IfmM4iGI4Vzyzb8YS3 v6s3Vm0ZPZcUdtcdD0ARcRYB6AVD3QTBMNlJuSZ9Jtm2xvLr0DYnmjkP5ARFK8Cg alwy98SvQ2wxV8uuB/dteCuUwTYMnMWJexAJimCOePZWBOTMeN5mtkkAWIOBXcgr wbwiKVXxZ8F0r/FK9ehaYyYagt0GLTSrFTXN+/mSaZOgfltILstfOjk= -----END CERTIFICATE-----Generated at Sun May 5 04:35:24 2024 by rpki-client on console-fra.rpki-client.org