$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/37i_55DjqDdT8ucpunczo3TspMY.roa File: 37i_55DjqDdT8ucpunczo3TspMY.roa (raw, json) Hash identifier: gas8sG97GKePXfZ7/HdNdHxGHfrWOwqaOMEONqr7eUo= Subject key identifier: DF:B8:BF:E7:90:E3:A8:37:53:F2:E7:29:BA:77:33:A3:74:EC:A4:C6 Certificate issuer: /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Certificate serial: 193F Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/37i_55DjqDdT8ucpunczo3TspMY.roa Signing time: Fri 30 Aug 2024 10:55:13 +0000 ROA not before: Fri 30 Aug 2024 10:55:13 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 38814 IP address blocks: 123.49.245.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6463 (0x193f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Validity Not Before: Aug 30 10:55:13 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=DFB8BFE790E3A83753F2E729BA7733A374ECA4C6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:d2:49:3f:91:d6:c8:ef:3e:c1:b8:10:35:14: 06:0a:1a:12:5c:35:8c:0b:a7:a3:31:f9:ac:44:56: 96:a3:9c:df:ff:aa:5e:60:45:9f:f2:e7:7b:3c:71: 57:a2:52:78:f6:f8:5c:fd:0b:12:47:92:e5:d5:38: 5f:73:86:f0:2b:17:1c:90:f9:16:d8:4c:91:16:a4: c3:9a:32:2d:d7:6c:e0:3e:76:c8:77:10:4e:eb:c1: cb:c9:fe:57:2a:c3:60:41:02:1e:4d:5b:56:32:02: c6:e9:eb:3e:0e:a0:b7:ed:c1:c9:51:d0:7f:51:84: 8a:37:3c:76:aa:0f:cd:62:14:1e:26:cf:10:3a:eb: 08:30:12:ae:90:b1:74:80:0e:d1:03:c1:f0:fe:38: d3:9e:ba:db:a9:4a:c7:b8:b0:cb:39:13:d5:29:75: 6b:d3:65:cc:2d:d0:dc:37:39:1c:e3:de:72:23:38: dd:1e:c6:4c:6b:0b:b4:c2:b6:a0:a6:a6:dc:03:7a: 8e:d3:25:35:a7:fd:09:a8:cb:1d:d9:60:33:36:08: 7f:d8:e6:c7:33:83:59:ab:a3:7d:7c:7c:fc:78:78: e4:05:fa:fe:75:37:dc:f2:b9:53:8a:f8:08:21:4f: f1:89:7f:06:93:89:63:1a:f1:88:f4:55:c4:a1:2f: b8:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:B8:BF:E7:90:E3:A8:37:53:F2:E7:29:BA:77:33:A3:74:EC:A4:C6 X509v3 Authority Key Identifier: keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/37i_55DjqDdT8ucpunczo3TspMY.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.49.245.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:8c:9f:55:12:1b:17:e8:74:97:43:e7:a8:ab:80:b9:12:46: 6c:2f:5f:a3:ee:a1:52:d0:0f:37:d4:43:51:23:13:60:d3:67: df:67:97:ac:02:ea:51:5c:47:86:88:d4:48:27:46:4c:c6:92: 15:d4:a6:8b:25:70:0b:df:64:3a:e4:6f:67:bf:73:17:16:cf: 6d:75:b3:e6:28:b0:11:67:e2:7b:2e:c7:53:1d:fd:2a:f9:f0: 8f:f2:3e:9d:68:fe:5d:82:09:51:52:d3:d3:33:cc:87:d2:35: 1f:6a:99:25:df:6d:f1:32:22:0e:b1:52:16:57:05:23:a9:44: d6:b2:d8:31:2a:54:ec:1a:2d:78:fd:41:c2:3f:3a:d0:72:5f: 9b:88:06:03:07:c8:38:ec:91:45:99:9b:63:f1:77:39:6b:f7: 7b:d5:e9:a8:86:e1:c3:0a:0a:aa:26:90:cd:5c:3d:c8:6a:63: 3f:79:21:87:c8:a0:0b:ad:24:c5:1d:13:43:df:fe:8b:32:85: 17:63:97:b7:cb:fb:3f:07:e7:77:8f:48:33:7b:12:df:ee:64: e0:e2:35:13:43:1c:e7:11:db:89:6c:5e:4e:87:be:47:7f:8d: 27:6e:a8:47:54:2d:09:83:a8:0c:7e:60:87:11:6c:55:70:ce: 3f:5e:60:1c -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICGT8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4 ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yNDA4MzAx MDU1MTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKERGQjhCRkU3OTBFM0E4 Mzc1M0YyRTcyOUJBNzczM0EzNzRFQ0E0QzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC10kk/kdbI7z7BuBA1FAYKGhJcNYwLp6Mx+axEVpajnN//ql5g RZ/y53s8cVeiUnj2+Fz9CxJHkuXVOF9zhvArFxyQ+RbYTJEWpMOaMi3XbOA+dsh3 EE7rwcvJ/lcqw2BBAh5NW1YyAsbp6z4OoLftwclR0H9RhIo3PHaqD81iFB4mzxA6 6wgwEq6QsXSADtEDwfD+ONOeutupSse4sMs5E9UpdWvTZcwt0Nw3ORzj3nIjON0e xkxrC7TCtqCmptwDeo7TJTWn/Qmoyx3ZYDM2CH/Y5sczg1mro318fPx4eOQF+v51 N9zyuVOK+AghT/GJfwaTiWMa8Yj0VcShL7i1AgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQU37i/55DjqDdT8ucpunczo3TspMYwHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIvMzdpXzU1RGpxRGRU OHVjcHVuY3pvM1RzcE1ZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHsx9TANBgkqhkiG9w0BAQsFAAOCAQEACoyfVRIbF+h0l0PnqKuAuRJGbC9f o+6hUtAPN9RDUSMTYNNn32eXrALqUVxHhojUSCdGTMaSFdSmiyVwC99kOuRvZ79z FxbPbXWz5iiwEWfiey7HUx39Kvnwj/I+nWj+XYIJUVLT0zPMh9I1H2qZJd9t8TIi DrFSFlcFI6lE1rLYMSpU7BoteP1Bwj860HJfm4gGAwfIOOyRRZmbY/F3OWv3e9Xp qIbhwwoKqiaQzVw9yGpjP3khh8igC60kxR0TQ9/+izKFF2OXt8v7Pwfnd49IM3sS 3+5k4OI1E0Mc5xHbiWxeToe+R3+NJ26oR1QtCYOoDH5ghxFsVXDOP15gHA== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:42 2024 by rpki-client on console-ams.rpki-client.org