$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/192/VH8awNGkt8Q8uZAvg8-izyTVHLM.roa File: VH8awNGkt8Q8uZAvg8-izyTVHLM.roa (raw, json) Hash identifier: sQc5umNmOnO0GLJxj1aR5vLHHvrzmr9tngeVXjSsjcc= Subject key identifier: 54:7F:1A:C0:D1:A4:B7:C4:3C:B9:90:2F:83:CF:A2:CF:24:D5:1C:B3 Certificate issuer: /CN=F6D5AF21959B7F9C1B230D725898F111AAA3F9AE Certificate serial: 15C9 Authority key identifier: F6:D5:AF:21:95:9B:7F:9C:1B:23:0D:72:58:98:F1:11:AA:A3:F9:AE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9tWvIZWbf5wbIw1yWJjxEaqj-a4.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/192/VH8awNGkt8Q8uZAvg8-izyTVHLM.roa Signing time: Wed 13 Mar 2024 01:23:40 +0000 ROA not before: Wed 13 Mar 2024 01:23:40 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 9808 IP address blocks: 121.255.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/192/9tWvIZWbf5wbIw1yWJjxEaqj-a4.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/192/9tWvIZWbf5wbIw1yWJjxEaqj-a4.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9tWvIZWbf5wbIw1yWJjxEaqj-a4.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Sep 2024 23:52:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5577 (0x15c9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F6D5AF21959B7F9C1B230D725898F111AAA3F9AE Validity Not Before: Mar 13 01:23:40 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=547F1AC0D1A4B7C43CB9902F83CFA2CF24D51CB3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:c9:08:fd:a1:81:88:07:4f:de:f6:53:50:15: 86:ef:25:0b:a6:89:4e:7f:0b:3b:ed:c9:e1:05:37: 24:c1:23:1d:20:28:a5:24:49:56:c6:03:f1:32:e5: 9d:d9:12:9a:e0:0f:b3:97:4f:a5:a4:82:0f:6a:19: 92:dd:23:e3:33:9e:3a:4a:27:97:d2:bf:30:36:45: 66:40:b3:cc:73:6e:fb:20:8d:67:60:da:46:f4:6a: 1a:fc:f2:06:a4:80:b4:10:e8:98:d0:2e:8a:77:19: 3e:1a:02:d5:4f:83:79:fd:02:88:39:c7:58:dd:f6: 2c:f9:a3:b2:1b:1d:27:5c:2b:59:0f:3c:96:7b:95: b4:f4:fe:eb:03:ef:54:87:b9:5d:b0:ab:0e:4f:e2: 8a:9c:c3:bc:34:bb:be:22:46:eb:b8:b6:ec:07:e3: aa:3c:15:19:c1:48:3a:ab:f0:b9:ea:5e:51:b3:80: 64:73:12:2e:b5:98:96:0f:a9:11:af:98:eb:4e:24: 01:dd:3a:6f:b0:4a:72:bd:98:0e:d6:ce:f7:29:7d: 69:2a:c5:3f:e1:b3:fc:84:2c:17:fe:e7:11:69:6f: 9b:a9:71:f1:0f:7a:ec:c4:a8:77:86:53:df:34:d7: 3e:09:15:57:93:cb:06:32:5a:78:86:87:64:e4:71: d2:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:7F:1A:C0:D1:A4:B7:C4:3C:B9:90:2F:83:CF:A2:CF:24:D5:1C:B3 X509v3 Authority Key Identifier: keyid:F6:D5:AF:21:95:9B:7F:9C:1B:23:0D:72:58:98:F1:11:AA:A3:F9:AE X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/192/9tWvIZWbf5wbIw1yWJjxEaqj-a4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/9tWvIZWbf5wbIw1yWJjxEaqj-a4.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/192/VH8awNGkt8Q8uZAvg8-izyTVHLM.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 121.255.0.0/16 Signature Algorithm: sha256WithRSAEncryption 66:5e:35:b0:c7:d6:e6:de:d8:9b:85:3f:79:f0:55:2d:15:ba: cc:b5:f1:d1:0d:f7:c6:b9:6d:cc:41:08:48:38:98:57:81:45: e6:95:0b:6c:4a:41:29:58:fe:86:29:b3:aa:d0:1d:12:8f:6f: 93:fc:66:d3:4b:78:f6:7c:84:66:8c:29:74:91:d4:51:50:86: d9:6c:3d:cf:36:48:73:b5:54:0e:5d:77:41:44:c8:aa:c9:7d: 6d:cd:1b:b1:a2:80:d0:88:c1:63:2a:98:a0:4c:f8:a7:b5:41: db:c1:ec:2e:a8:27:cd:35:cd:ba:90:20:e7:6c:be:4b:f3:76: 8d:c6:a0:a6:da:24:44:77:e3:19:33:a3:28:29:59:ff:d0:9b: 40:2a:23:ca:98:26:e8:5e:41:65:b3:c4:b3:a5:8b:b2:5c:a6: 1f:4b:37:8b:e7:8a:73:32:a0:ff:79:fe:b7:44:d1:7a:dc:95: ed:9d:1d:f7:60:52:98:ba:6b:ec:11:ad:f2:7e:d8:31:8e:92: 78:cc:16:3b:86:62:1c:5d:aa:af:0e:3d:97:cf:55:2f:13:95: de:2e:58:5a:9c:e9:cc:d4:48:4d:c9:fa:87:65:3f:10:e4:bc: 99:98:4e:21:8b:64:cc:8b:a7:22:2c:04:86:24:ca:a1:74:2f: 3c:45:08:c2 -----BEGIN CERTIFICATE----- MIIE1DCCA7ygAwIBAgICFckwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjZE NUFGMjE5NTlCN0Y5QzFCMjMwRDcyNTg5OEYxMTFBQUEzRjlBRTAeFw0yNDAzMTMw MTIzNDBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDU0N0YxQUMwRDFBNEI3 QzQzQ0I5OTAyRjgzQ0ZBMkNGMjRENTFDQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCeyQj9oYGIB0/e9lNQFYbvJQumiU5/CzvtyeEFNyTBIx0gKKUk SVbGA/Ey5Z3ZEprgD7OXT6Wkgg9qGZLdI+MznjpKJ5fSvzA2RWZAs8xzbvsgjWdg 2kb0ahr88gakgLQQ6JjQLop3GT4aAtVPg3n9Aog5x1jd9iz5o7IbHSdcK1kPPJZ7 lbT0/usD71SHuV2wqw5P4oqcw7w0u74iRuu4tuwH46o8FRnBSDqr8LnqXlGzgGRz Ei61mJYPqRGvmOtOJAHdOm+wSnK9mA7WzvcpfWkqxT/hs/yELBf+5xFpb5upcfEP euzEqHeGU9801z4JFVeTywYyWniGh2TkcdLFAgMBAAGjggHwMIIB7DAdBgNVHQ4E FgQUVH8awNGkt8Q8uZAvg8+izyTVHLMwHwYDVR0jBBgwFoAU9tWvIZWbf5wbIw1y WJjxEaqj+a4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTky Lzl0V3ZJWldiZjV3Ykl3MXlXSmp4RWFxai1hNC5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvOXRXdklaV2JmNXdiSXcxeVdKanhFYXFqLWE0LmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTkyL1ZIOGF3TkdrdDhROHVa QXZnOC1penlUVkhMTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwB5/zANBgkqhkiG9w0BAQsFAAOCAQEAZl41sMfW5t7Ym4U/efBVLRW6zLXx0Q33 xrltzEEISDiYV4FF5pULbEpBKVj+himzqtAdEo9vk/xm00t49nyEZowpdJHUUVCG 2Ww9zzZIc7VUDl13QUTIqsl9bc0bsaKA0IjBYyqYoEz4p7VB28HsLqgnzTXNupAg 52y+S/N2jcagptokRHfjGTOjKClZ/9CbQCojypgm6F5BZbPEs6WLslymH0s3i+eK czKg/3n+t0TRetyV7Z0d92BSmLpr7BGt8n7YMY6SeMwWO4ZiHF2qrw49l89VLxOV 3i5YWpzpzNRITcn6h2U/EOS8mZhOIYtkzIunIiwEhiTKoXQvPEUIwg== -----END CERTIFICATE-----Generated at Fri Sep 27 19:09:27 2024 by rpki-client on console-ams.rpki-client.org