$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/YagmWP9qZTxTshc0aAvZ1iXd50c.roa File: YagmWP9qZTxTshc0aAvZ1iXd50c.roa (raw, json) Hash identifier: AWSW6ObYz8OysEvpbv5f1zgE8nJtM23YWPzHYRKxck0= Subject key identifier: 61:A8:26:58:FF:6A:65:3C:53:B2:17:34:68:0B:D9:D6:25:DD:E7:47 Certificate issuer: /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Certificate serial: 1940 Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/YagmWP9qZTxTshc0aAvZ1iXd50c.roa Signing time: Fri 30 Aug 2024 10:55:13 +0000 ROA not before: Fri 30 Aug 2024 10:55:13 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 4515 IP address blocks: 123.49.237.0/24 maxlen: 24 123.49.242.0/24 maxlen: 24 123.49.246.0/24 maxlen: 24 123.49.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6464 (0x1940) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97 Validity Not Before: Aug 30 10:55:13 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=61A82658FF6A653C53B21734680BD9D625DDE747 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:ef:13:c0:89:7d:ab:0c:6c:6a:6d:a4:b1:6a: 1e:d5:c9:15:1a:ec:06:b6:a6:88:97:60:1d:7f:56: f4:ad:09:22:6c:a7:e9:71:c0:a9:74:10:42:03:a7: fd:98:47:c0:70:86:11:60:e0:57:39:e2:5e:04:21: 6b:74:11:62:25:e6:ed:67:82:1e:80:ad:b5:30:4f: 86:0c:52:90:26:37:b7:c3:19:6c:a3:54:88:af:c6: 02:b3:12:18:ce:88:0f:99:47:7c:34:50:ae:4c:c5: 3d:97:68:07:82:82:84:bf:ab:06:21:55:60:a5:eb: a8:5d:74:5f:85:c8:0c:44:53:72:3a:3b:2c:4f:7f: 30:e3:56:72:4d:6d:fc:31:94:43:99:84:ae:1d:01: 94:06:c9:6b:1e:cf:e9:20:cc:e5:41:9b:36:ae:2d: 82:de:5f:8d:9f:77:da:54:87:f7:c7:e1:24:09:62: 3d:68:10:f3:1b:44:24:19:56:43:cc:82:b1:a0:ba: 50:02:d0:14:8d:e6:7b:fb:18:15:1c:e6:73:1d:a3: ee:38:a4:98:44:08:0c:dc:f8:93:52:bd:e8:b6:ed: 44:9c:4b:5d:e5:c3:82:a6:5a:a5:6e:e5:19:52:1b: 13:7a:64:d7:4e:ec:c2:a3:97:f5:e3:28:18:58:0f: c2:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:A8:26:58:FF:6A:65:3C:53:B2:17:34:68:0B:D9:D6:25:DD:E7:47 X509v3 Authority Key Identifier: keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/YagmWP9qZTxTshc0aAvZ1iXd50c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 123.49.237.0/24 123.49.242.0/24 123.49.246.0/23 Signature Algorithm: sha256WithRSAEncryption 97:2c:e5:17:03:fe:04:2d:45:86:0f:62:ed:ba:50:b6:d9:f1: 4f:a6:e5:d2:cb:fa:ed:4b:73:db:c0:0a:eb:37:11:49:03:12: 5e:49:e3:95:2a:f6:cc:71:5e:61:38:76:6d:97:8f:fd:e2:1a: 6a:99:fc:ed:1b:48:70:a3:d0:fa:ef:2f:b0:13:fa:a6:9f:6f: 28:33:d5:b5:73:70:22:c2:b3:0b:e0:35:fa:df:21:39:0b:a4: 0b:87:c6:70:90:51:ef:41:25:b6:df:cc:de:15:fe:2f:a1:92: 8b:1d:c0:45:fe:93:3d:d1:73:a6:f6:91:d5:9c:09:36:6c:51: 51:8d:a8:d5:a1:77:5d:d6:2e:f7:13:03:72:a1:6b:70:fb:47: a4:f1:22:80:e8:1e:7d:44:5b:fa:98:1d:be:49:0f:dc:b9:a9: 7a:55:6f:21:34:df:83:72:82:ec:a6:1b:eb:b6:9c:ea:b3:3d: d5:9d:21:35:a4:bb:af:fa:f4:68:59:01:ec:23:57:e9:d5:d9: 3e:74:16:a5:a0:10:a4:be:52:43:25:81:bb:97:6c:b3:75:24: d2:a3:b3:d6:e8:45:bb:c6:84:fa:94:03:52:df:31:3e:d9:07: 5a:14:e8:d7:12:b4:ce:aa:ca:79:7a:3f:14:db:7c:42:e6:ed: 26:75:e9:a7 -----BEGIN CERTIFICATE----- MIIE4zCCA8ugAwIBAgICGUAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4 ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yNDA4MzAx MDU1MTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDYxQTgyNjU4RkY2QTY1 M0M1M0IyMTczNDY4MEJEOUQ2MjVEREU3NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCj7xPAiX2rDGxqbaSxah7VyRUa7Aa2poiXYB1/VvStCSJsp+lx wKl0EEIDp/2YR8BwhhFg4Fc54l4EIWt0EWIl5u1ngh6ArbUwT4YMUpAmN7fDGWyj VIivxgKzEhjOiA+ZR3w0UK5MxT2XaAeCgoS/qwYhVWCl66hddF+FyAxEU3I6OyxP fzDjVnJNbfwxlEOZhK4dAZQGyWsez+kgzOVBmzauLYLeX42fd9pUh/fH4SQJYj1o EPMbRCQZVkPMgrGgulAC0BSN5nv7GBUc5nMdo+44pJhECAzc+JNSvei27UScS13l w4KmWqVu5RlSGxN6ZNdO7MKjl/XjKBhYD8JJAgMBAAGjggH/MIIB+zAdBgNVHQ4E FgQUYagmWP9qZTxTshc0aAvZ1iXd50cwHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIvWWFnbVdQOXFaVHhU c2hjMGFBdloxaVhkNTBjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEw EgMEAHsx7QMEAHsx8gMEAXsx9jANBgkqhkiG9w0BAQsFAAOCAQEAlyzlFwP+BC1F hg9i7bpQttnxT6bl0sv67Utz28AK6zcRSQMSXknjlSr2zHFeYTh2bZeP/eIaapn8 7RtIcKPQ+u8vsBP6pp9vKDPVtXNwIsKzC+A1+t8hOQukC4fGcJBR70Eltt/M3hX+ L6GSix3ARf6TPdFzpvaR1ZwJNmxRUY2o1aF3XdYu9xMDcqFrcPtHpPEigOgefURb +pgdvkkP3LmpelVvITTfg3KC7KYb67ac6rM91Z0hNaS7r/r0aFkB7CNX6dXZPnQW paAQpL5SQyWBu5dss3Uk0qOz1uhFu8aE+pQDUt8xPtkHWhTo1xK0zqrKeXo/FNt8 QubtJnXppw== -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:09 2024 by rpki-client on console-fra.rpki-client.org