$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/190/Lrfvx0y_kYxe8y39quY9z2dQXTo.roa File: Lrfvx0y_kYxe8y39quY9z2dQXTo.roa (raw, json) Hash identifier: 6GePkKp3xNRAAP8CY4RR4xcs6gPR/gJKKbFuyRq2kQM= Subject key identifier: 2E:B7:EF:C7:4C:BF:91:8C:5E:F3:2D:FD:AA:E6:3D:CF:67:50:5D:3A Certificate issuer: /CN=E48FED76038496AD2AB1972D13468F4D3D403164 Certificate serial: 0D97 Authority key identifier: E4:8F:ED:76:03:84:96:AD:2A:B1:97:2D:13:46:8F:4D:3D:40:31:64 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/Lrfvx0y_kYxe8y39quY9z2dQXTo.roa Signing time: Fri 24 May 2024 02:24:57 +0000 ROA not before: Fri 24 May 2024 02:24:57 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 24427 IP address blocks: 202.170.216.0/24 maxlen: 32 202.170.217.0/24 maxlen: 32 202.170.218.0/24 maxlen: 32 202.170.219.0/24 maxlen: 32 202.170.220.0/24 maxlen: 32 202.170.221.0/24 maxlen: 32 202.170.222.0/24 maxlen: 32 202.170.223.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3479 (0xd97) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E48FED76038496AD2AB1972D13468F4D3D403164 Validity Not Before: May 24 02:24:57 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=2EB7EFC74CBF918C5EF32DFDAAE63DCF67505D3A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:39:65:6e:cd:f8:fa:ab:94:65:d5:7f:b6:a1: fc:7e:cd:2b:67:ea:98:af:f3:18:6d:fa:eb:ab:bc: d2:bf:95:41:c3:cb:cb:18:46:60:e2:b6:32:2b:03: 1c:99:31:a1:57:c6:01:a1:1f:15:67:c7:7e:d2:29: 52:b8:1b:0d:b0:e3:b0:05:b9:90:27:9f:39:90:39: fc:86:20:4b:30:35:5b:d5:0c:42:b4:31:72:e8:39: 09:9f:6d:4c:ea:c7:95:a8:e0:a8:38:a3:5a:64:37: 8c:b3:ee:b9:ac:2d:47:2e:1e:8e:25:ab:f2:1e:44: 67:38:93:a1:1a:18:13:70:bc:91:92:6d:4d:18:04: 2c:9f:a7:a4:3e:9a:3a:da:06:c1:6d:7a:4f:54:b8: 4a:07:07:7a:a6:08:65:8d:5b:2f:f7:61:df:6e:0d: 68:b7:30:0a:dc:cb:7c:24:1d:8c:e2:74:8c:0c:b2: 3d:31:fc:92:ef:03:e3:30:67:17:88:d9:9b:5c:3c: 15:92:da:56:cd:ef:34:2b:c9:01:37:61:a3:57:69: 16:73:68:04:cf:c4:7b:8f:ef:aa:93:dd:7e:d9:9e: 74:27:52:8c:61:47:9e:6a:9a:a5:08:56:f1:38:16: 76:50:f6:b7:5d:be:3e:82:8a:57:8c:25:4d:7c:5e: 73:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:B7:EF:C7:4C:BF:91:8C:5E:F3:2D:FD:AA:E6:3D:CF:67:50:5D:3A X509v3 Authority Key Identifier: keyid:E4:8F:ED:76:03:84:96:AD:2A:B1:97:2D:13:46:8F:4D:3D:40:31:64 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/5I_tdgOElq0qsZctE0aPTT1AMWQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/5I_tdgOElq0qsZctE0aPTT1AMWQ.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/190/Lrfvx0y_kYxe8y39quY9z2dQXTo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 202.170.216.0/21 Signature Algorithm: sha256WithRSAEncryption 21:e5:cf:f7:f2:e2:e2:c7:bc:09:6a:cb:52:4c:3f:52:63:1f: 78:a3:34:7c:c0:b7:fd:7b:46:f8:2e:0e:8c:a6:c0:57:ba:6c: 55:83:c0:12:12:f1:22:5f:5c:ce:8a:89:9d:4a:f7:da:af:44: 78:5b:e1:d9:b6:ed:ce:39:d4:73:96:b5:e1:df:35:90:e2:ce: 9a:1e:80:21:f7:b2:55:05:2c:44:ec:16:77:04:62:4f:06:11: b1:99:e8:b2:99:94:b3:09:08:29:a5:b0:b7:6e:83:ff:93:27: e3:db:e4:56:87:91:40:60:d9:38:2f:f1:d6:f6:0a:2e:17:5e: 32:30:e4:d1:30:13:b9:48:ec:bd:4a:5c:54:0f:de:4e:47:78: eb:bf:14:37:15:9a:cc:6b:5e:2c:93:ab:e4:a6:77:6e:f4:cd: dc:b0:e8:6b:c8:60:de:b2:bb:aa:b7:73:3e:c3:f6:93:0d:7d: 0f:54:de:af:e3:fc:04:54:93:f9:6a:db:a6:8f:e9:dc:b2:d8: d6:4a:e8:bd:4e:f1:9f:10:03:56:0c:a3:05:8c:0b:00:84:09: 54:48:c5:57:77:5b:32:52:ef:66:0a:b4:2a:58:0c:6c:4c:43: e9:aa:d6:da:c2:ae:fb:cc:bc:3b:d9:38:7b:95:95:6a:9d:cc: 32:2a:bc:54 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICDZcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTQ4 RkVENzYwMzg0OTZBRDJBQjE5NzJEMTM0NjhGNEQzRDQwMzE2NDAeFw0yNDA1MjQw MjI0NTdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJFQjdFRkM3NENCRjkx OEM1RUYzMkRGREFBRTYzRENGNjc1MDVEM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC0OWVuzfj6q5Rl1X+2ofx+zStn6piv8xht+uurvNK/lUHDy8sY RmDitjIrAxyZMaFXxgGhHxVnx37SKVK4Gw2w47AFuZAnnzmQOfyGIEswNVvVDEK0 MXLoOQmfbUzqx5Wo4Kg4o1pkN4yz7rmsLUcuHo4lq/IeRGc4k6EaGBNwvJGSbU0Y BCyfp6Q+mjraBsFtek9UuEoHB3qmCGWNWy/3Yd9uDWi3MArcy3wkHYzidIwMsj0x /JLvA+MwZxeI2ZtcPBWS2lbN7zQryQE3YaNXaRZzaATPxHuP76qT3X7ZnnQnUoxh R55qmqUIVvE4FnZQ9rddvj6CileMJU18XnN/AgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQULrfvx0y/kYxe8y39quY9z2dQXTowHwYDVR0jBBgwFoAU5I/tdgOElq0qsZct E0aPTT1AMWQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkw LzVJX3RkZ09FbHEwcXNaY3RFMGFQVFQxQU1XUS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvNUlfdGRnT0VscTBxc1pjdEUwYVBUVDFBTVdRLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkwL0xyZnZ4MHlfa1l4ZTh5 MzlxdVk5ejJkUVhUby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAPKqtgwDQYJKoZIhvcNAQELBQADggEBACHlz/fy4uLHvAlqy1JMP1JjH3ijNHzA t/17RvguDoymwFe6bFWDwBIS8SJfXM6KiZ1K99qvRHhb4dm27c451HOWteHfNZDi zpoegCH3slUFLETsFncEYk8GEbGZ6LKZlLMJCCmlsLdug/+TJ+Pb5FaHkUBg2Tgv 8db2Ci4XXjIw5NEwE7lI7L1KXFQP3k5HeOu/FDcVmsxrXiyTq+Smd270zdyw6GvI YN6yu6q3cz7D9pMNfQ9U3q/j/ARUk/lq26aP6dyy2NZK6L1O8Z8QA1YMowWMCwCE CVRIxVd3WzJS72YKtCpYDGxMQ+mq1trCrvvMvDvZOHuVlWqdzDIqvFQ= -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:42 2024 by rpki-client on console-ams.rpki-client.org