$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/187/q7QU6lU95ixq2YPLRtMk7F1dayQ.roa File: q7QU6lU95ixq2YPLRtMk7F1dayQ.roa (raw, json) Hash identifier: N/yLBYFQ2d1CNqgsbqACcC8rdjiEfDBCgR7jvwcGnMg= Subject key identifier: AB:B4:14:EA:55:3D:E6:2C:6A:D9:83:CB:46:D3:24:EC:5D:5D:6B:24 Certificate issuer: /CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361 Certificate serial: 13C0 Authority key identifier: 2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/q7QU6lU95ixq2YPLRtMk7F1dayQ.roa Signing time: Fri 24 May 2024 02:24:48 +0000 ROA not before: Fri 24 May 2024 02:24:48 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 18118 IP address blocks: 219.72.160.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 08:22:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5056 (0x13c0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361 Validity Not Before: May 24 02:24:48 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=ABB414EA553DE62C6AD983CB46D324EC5D5D6B24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:26:dc:a5:18:bc:f6:7c:4c:bc:a0:82:27:67: a0:e7:67:ac:38:76:ab:ea:ab:8b:d3:36:4c:ce:41: 33:7c:e4:3c:ca:ab:3d:e6:eb:1f:93:dd:be:5b:ba: 9f:97:d6:3f:d1:08:2a:13:41:2c:cb:46:c0:0e:a5: c7:57:28:fa:7c:ac:4d:a6:f2:30:8c:20:fe:ff:d3: 33:54:97:31:f2:0e:26:c5:4c:cb:65:66:fd:33:fb: 1a:ee:c2:43:61:ec:5f:97:7e:f2:4c:38:32:f9:1b: 2e:6e:0f:27:6d:3d:8c:1f:79:63:11:80:02:9d:e1: db:bd:14:3a:94:6e:44:27:ea:38:a0:a2:86:44:e0: c4:4d:c8:dd:80:6f:d9:ed:81:38:01:a8:8b:fe:17: 5e:9b:b1:4d:77:47:39:07:52:3f:39:7d:2e:10:f1: 1e:b7:d7:af:20:6f:a0:27:b6:63:cf:35:7b:3e:19: 43:83:26:35:84:de:1a:fa:3b:93:a1:76:72:20:da: 38:8a:b7:ad:eb:a8:94:19:1c:a6:73:71:48:d1:66: a5:94:cd:d1:ab:6a:fc:3a:67:88:8c:02:3a:c0:9e: cc:ce:d4:3c:da:9f:86:f7:56:72:00:7a:ea:53:d0: 34:62:21:58:a3:ca:cc:77:f7:37:61:4c:01:9e:03: 4c:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:B4:14:EA:55:3D:E6:2C:6A:D9:83:CB:46:D3:24:EC:5D:5D:6B:24 X509v3 Authority Key Identifier: keyid:2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/q7QU6lU95ixq2YPLRtMk7F1dayQ.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 219.72.160.0/24 Signature Algorithm: sha256WithRSAEncryption 15:5a:2b:f4:e7:df:7f:78:c8:1f:4e:cb:68:80:9b:47:f0:c7: a8:24:74:dc:ba:12:45:6d:2d:6f:59:ae:9d:75:d6:16:f2:15: 69:12:9d:a6:28:5e:d0:90:e2:25:ee:08:01:6a:4a:59:57:f3: d5:2c:04:23:41:f8:eb:fb:bd:8c:81:eb:a9:83:64:4e:fd:c7: f2:68:a5:58:8e:3d:25:49:a3:a5:25:35:27:0f:11:32:63:38: b5:f9:85:53:8f:e3:ab:7f:bc:da:3d:81:c6:df:18:0a:33:94: 5a:68:de:3d:89:58:40:9a:42:60:a1:75:6f:37:c8:3e:88:60: c7:1f:dd:d5:76:0f:a0:55:82:15:d0:72:9b:d4:19:1f:56:19: c9:1b:d5:86:78:c5:d0:2c:27:fa:81:38:5d:ed:d6:46:d0:41: e7:41:b1:a3:1f:86:9f:05:90:8b:15:59:f0:aa:dc:97:06:36: 15:12:27:8d:fd:42:32:16:8a:f1:3a:d4:21:d9:a2:c2:1a:67: 59:64:96:00:1a:ca:0b:5f:5b:be:65:d8:b4:07:f7:34:9f:7f: 50:36:05:4a:ca:21:f6:50:57:e4:12:7a:b5:6a:c5:cf:d3:51: 17:72:25:10:58:3b:c7:5c:d8:d5:29:c1:dc:e7:b6:2c:89:db: da:d9:e6:16 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICE8AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4 QzFERTE5NDc0MDM1Q0JFQTY3ODA1NEI2RDk0RjVBRkE1MzM2MTAeFw0yNDA1MjQw MjI0NDhaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFCQjQxNEVBNTUzREU2 MkM2QUQ5ODNDQjQ2RDMyNEVDNUQ1RDZCMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDgJtylGLz2fEy8oIInZ6DnZ6w4dqvqq4vTNkzOQTN85DzKqz3m 6x+T3b5bup+X1j/RCCoTQSzLRsAOpcdXKPp8rE2m8jCMIP7/0zNUlzHyDibFTMtl Zv0z+xruwkNh7F+XfvJMODL5Gy5uDydtPYwfeWMRgAKd4du9FDqUbkQn6jigooZE 4MRNyN2Ab9ntgTgBqIv+F16bsU13RzkHUj85fS4Q8R63168gb6AntmPPNXs+GUOD JjWE3hr6O5OhdnIg2jiKt63rqJQZHKZzcUjRZqWUzdGravw6Z4iMAjrAnszO1Dza n4b3VnIAeupT0DRiIVijysx39zdhTAGeA0zVAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUq7QU6lU95ixq2YPLRtMk7F1dayQwHwYDVR0jBBgwFoAULowd4ZR0A1y+pngF S22U9a+lM2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3 L0xvd2Q0WlIwQTF5LXBuZ0ZTMjJVOWEtbE0yRS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvTG93ZDRaUjBBMXktcG5nRlMyMlU5YS1sTTJFLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3L3E3UVU2bFU5NWl4cTJZ UExSdE1rN0YxZGF5US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADbSKAwDQYJKoZIhvcNAQELBQADggEBABVaK/Tn3394yB9Oy2iAm0fwx6gkdNy6 EkVtLW9Zrp111hbyFWkSnaYoXtCQ4iXuCAFqSllX89UsBCNB+Ov7vYyB66mDZE79 x/JopViOPSVJo6UlNScPETJjOLX5hVOP46t/vNo9gcbfGAozlFpo3j2JWECaQmCh dW83yD6IYMcf3dV2D6BVghXQcpvUGR9WGckb1YZ4xdAsJ/qBOF3t1kbQQedBsaMf hp8FkIsVWfCq3JcGNhUSJ439QjIWivE61CHZosIaZ1lklgAaygtfW75l2LQH9zSf f1A2BUrKIfZQV+QSerVqxc/TURdyJRBYO8dc2NUpwdzntiyJ29rZ5hY= -----END CERTIFICATE-----Generated at Tue Nov 26 06:35:18 2024 by rpki-client on console-fra.rpki-client.org