$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2291/hbtBkv7Ldz4-Uzd8orATr6lvH5c.roa File: hbtBkv7Ldz4-Uzd8orATr6lvH5c.roa (raw, json) Hash identifier: Xu3JhRoRGaYJa17fR0G8cWnAkny2NsbMcw9/I5GDiWA= Subject key identifier: 85:BB:41:92:FE:CB:77:3E:3E:53:37:7C:A2:B0:13:AF:A9:6F:1F:97 Certificate issuer: /CN=E82287BB56FAC8E6753ABDE36B3B6A939CB59A53 Certificate serial: 1779 Authority key identifier: E8:22:87:BB:56:FA:C8:E6:75:3A:BD:E3:6B:3B:6A:93:9C:B5:9A:53 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6CKHu1b6yOZ1Or3jaztqk5y1mlM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2291/hbtBkv7Ldz4-Uzd8orATr6lvH5c.roa Signing time: Wed 13 Mar 2024 01:23:20 +0000 ROA not before: Wed 13 Mar 2024 01:23:20 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 133111 IP address blocks: 42.201.32.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2291/6CKHu1b6yOZ1Or3jaztqk5y1mlM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2291/6CKHu1b6yOZ1Or3jaztqk5y1mlM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6CKHu1b6yOZ1Or3jaztqk5y1mlM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 00:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6009 (0x1779) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=E82287BB56FAC8E6753ABDE36B3B6A939CB59A53 Validity Not Before: Mar 13 01:23:20 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=85BB4192FECB773E3E53377CA2B013AFA96F1F97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:08:3b:97:0f:73:ea:41:26:4c:7a:f1:14:dc: b4:09:ae:5b:99:68:43:62:62:db:31:79:81:57:80: 69:3a:7e:0a:68:cf:38:bd:17:68:4d:d4:77:36:2b: 91:49:15:0e:46:33:42:de:62:83:35:c2:d0:03:10: ef:89:cc:02:2f:69:ca:d6:89:75:6e:7d:4c:2c:7b: 95:e0:19:69:81:12:3c:e0:e3:21:0b:eb:cf:ec:8c: 7e:3a:31:6e:22:12:82:9e:c8:44:27:13:41:69:0d: 24:7b:19:4b:44:85:dc:4e:97:f0:fd:71:67:99:52: b2:cf:f6:e5:12:13:5f:20:86:3a:09:ef:5d:37:a1: 07:41:45:7d:4a:7f:6a:88:5f:96:c0:c1:fc:87:9f: a3:94:e6:c9:aa:3a:33:89:a1:22:26:88:8c:c8:89: 53:73:8c:e8:78:d9:d1:ce:c7:85:16:06:48:a1:6d: b0:98:83:1b:c0:4a:89:2f:5a:c6:38:f0:61:bc:f4: 06:c2:13:0b:8d:15:b1:50:90:5a:4c:39:ec:e9:3b: 09:22:c3:73:ae:fc:03:7b:47:1c:3d:0c:44:b4:98: 9f:1e:5f:75:77:ab:c7:4b:ac:e5:ee:cf:03:ee:47: c7:cb:3d:28:0d:67:62:55:18:52:86:74:67:dc:a3: 6e:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:BB:41:92:FE:CB:77:3E:3E:53:37:7C:A2:B0:13:AF:A9:6F:1F:97 X509v3 Authority Key Identifier: keyid:E8:22:87:BB:56:FA:C8:E6:75:3A:BD:E3:6B:3B:6A:93:9C:B5:9A:53 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2291/6CKHu1b6yOZ1Or3jaztqk5y1mlM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/6CKHu1b6yOZ1Or3jaztqk5y1mlM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2291/hbtBkv7Ldz4-Uzd8orATr6lvH5c.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 42.201.32.0/19 Signature Algorithm: sha256WithRSAEncryption b9:38:c8:f7:04:f5:ad:35:df:40:b4:4e:03:36:ec:2c:a4:17: 11:34:5c:0e:1e:af:b7:c2:b8:54:d8:c1:d8:32:c3:23:8f:f2: 2f:46:cd:47:45:9f:92:f1:bd:da:11:2f:7e:24:78:58:7e:01: 8d:61:a5:ff:fd:b6:1f:9e:74:9e:fa:ed:f2:ff:9d:20:96:4b: 63:d8:c0:e4:52:fc:d2:39:85:92:48:86:b2:9f:c3:ad:93:25: 25:56:4f:42:cb:ae:c8:b4:05:0b:01:ef:ed:f8:58:69:15:4b: df:ff:d6:48:7e:5d:91:45:6a:12:21:5e:33:05:04:0a:41:e8: 23:ea:49:ff:de:27:98:5b:54:dd:03:cf:7d:85:3f:91:81:92: 0c:ee:1f:62:a3:f5:f3:5c:e1:8b:20:fa:e0:3c:52:f4:ed:3a: 9f:b6:8f:01:0e:3c:d0:c2:00:11:c9:68:18:c4:06:4d:28:7a: 5a:1c:3a:3f:9f:73:92:d8:f1:0c:77:91:be:d5:bd:98:5a:49: 86:27:ad:1a:e7:c9:a7:ce:b1:2d:05:07:25:2e:14:1d:ce:46: 55:a8:03:dc:ff:af:7b:9f:93:f8:97:53:48:6a:32:16:fa:80: a4:2a:48:f9:0e:43:39:74:e5:2b:02:65:cd:54:b2:8f:43:6a: 1a:dd:96:c4 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICF3kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTgy Mjg3QkI1NkZBQzhFNjc1M0FCREUzNkIzQjZBOTM5Q0I1OUE1MzAeFw0yNDAzMTMw MTIzMjBaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDg1QkI0MTkyRkVDQjc3 M0UzRTUzMzc3Q0EyQjAxM0FGQTk2RjFGOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQD5CDuXD3PqQSZMevEU3LQJrluZaENiYtsxeYFXgGk6fgpozzi9 F2hN1Hc2K5FJFQ5GM0LeYoM1wtADEO+JzAIvacrWiXVufUwse5XgGWmBEjzg4yEL 68/sjH46MW4iEoKeyEQnE0FpDSR7GUtEhdxOl/D9cWeZUrLP9uUSE18ghjoJ7103 oQdBRX1Kf2qIX5bAwfyHn6OU5smqOjOJoSImiIzIiVNzjOh42dHOx4UWBkihbbCY gxvASokvWsY48GG89AbCEwuNFbFQkFpMOezpOwkiw3Ou/AN7Rxw9DES0mJ8eX3V3 q8dLrOXuzwPuR8fLPSgNZ2JVGFKGdGfco26NAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUhbtBkv7Ldz4+Uzd8orATr6lvH5cwHwYDVR0jBBgwFoAU6CKHu1b6yOZ1Or3j aztqk5y1mlMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjI5 MS82Q0tIdTFiNnlPWjFPcjNqYXp0cWs1eTFtbE0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzZDS0h1MWI2eU9aMU9yM2phenRxazV5MW1sTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIyOTEvaGJ0Qmt2N0xkejQt VXpkOG9yQVRyNmx2SDVjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEBSrJIDANBgkqhkiG9w0BAQsFAAOCAQEAuTjI9wT1rTXfQLROAzbsLKQXETRc Dh6vt8K4VNjB2DLDI4/yL0bNR0WfkvG92hEvfiR4WH4BjWGl//22H550nvrt8v+d IJZLY9jA5FL80jmFkkiGsp/DrZMlJVZPQsuuyLQFCwHv7fhYaRVL3//WSH5dkUVq EiFeMwUECkHoI+pJ/94nmFtU3QPPfYU/kYGSDO4fYqP181zhiyD64DxS9O06n7aP AQ480MIAEcloGMQGTSh6Whw6P59zktjxDHeRvtW9mFpJhietGufJp86xLQUHJS4U Hc5GVagD3P+ve5+T+JdTSGoyFvqApCpI+Q5DOXTlKwJlzVSyj0NqGt2WxA== -----END CERTIFICATE-----Generated at Fri Nov 22 22:28:44 2024 by rpki-client on console-ams.rpki-client.org