$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/Mn3aulxcz9cRwvVy-OdzDLLEjN8.roa File: Mn3aulxcz9cRwvVy-OdzDLLEjN8.roa (raw, json) Hash identifier: RyZ7UDCzQP8lEOcOe2YqzsH2R43s9P1o0X7uFc309d0= Subject key identifier: 32:7D:DA:BA:5C:5C:CF:D7:11:C2:F5:72:F8:E7:73:0C:B2:C4:8C:DF Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43 Certificate serial: 11EB Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/Mn3aulxcz9cRwvVy-OdzDLLEjN8.roa Signing time: Thu 14 Nov 2024 08:20:02 +0000 ROA not before: Thu 14 Nov 2024 08:20:02 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 34549 IP address blocks: 114.66.181.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:51:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4587 (0x11eb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43 Validity Not Before: Nov 14 08:20:02 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=327DDABA5C5CCFD711C2F572F8E7730CB2C48CDF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:a0:3f:4c:51:b1:f1:8c:07:d3:4e:84:ce:22: e7:ec:9a:2a:46:f4:3a:13:90:0d:28:7e:60:01:de: 81:54:d0:ad:d1:4c:48:ea:d1:ee:90:1f:ca:8b:97: ee:a7:14:b8:ed:77:d8:42:19:0a:b4:b4:ea:92:e2: 6e:2f:03:7f:05:73:bb:68:dc:fc:88:41:0f:bb:32: 95:00:aa:9b:c2:b3:cf:08:19:3d:0c:06:1c:51:69: 32:29:d3:01:6a:23:33:56:bf:84:d8:ee:fc:b8:03: 59:ad:08:79:87:3e:aa:97:48:7f:9b:f7:8d:f5:12: 2b:3a:da:45:09:7e:f6:95:83:ac:ac:c8:f2:7b:27: e1:da:f2:1f:d3:9d:36:c4:e8:03:95:8d:bd:be:5c: 38:17:34:c0:13:8c:05:50:50:7e:6a:3d:4c:7f:02: 00:d8:be:f9:d6:fa:c6:78:0f:67:06:98:e2:e1:7d: 16:22:89:46:27:6d:40:c3:5f:c6:28:24:b3:f9:9a: 0b:21:05:0f:07:42:23:72:46:56:db:ac:71:19:32: 65:62:5a:df:9a:33:7a:e8:cd:c4:d7:72:f8:db:47: 63:e6:b1:d6:c5:3d:70:5f:20:f9:01:56:ca:13:90: bf:91:d1:ec:f7:6d:3c:1d:a3:be:b9:07:05:89:b8: 24:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:7D:DA:BA:5C:5C:CF:D7:11:C2:F5:72:F8:E7:73:0C:B2:C4:8C:DF X509v3 Authority Key Identifier: keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/Mn3aulxcz9cRwvVy-OdzDLLEjN8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.66.181.0/24 Signature Algorithm: sha256WithRSAEncryption b6:64:aa:09:13:b4:ac:8c:2b:b3:52:a6:71:65:e7:e5:21:ff: a4:7d:9a:a6:6f:07:49:8d:41:80:47:8a:45:c1:8a:9e:5f:4d: 21:72:53:b0:35:92:11:5f:f7:54:ed:59:02:63:ef:6f:5f:1d: 80:83:cb:85:19:da:1e:a3:f5:04:26:c3:c3:30:92:67:dd:21: 56:05:74:ae:55:eb:c1:c6:42:a6:f4:f3:7e:fe:51:94:a4:09: f1:97:59:3e:78:68:e5:f8:eb:64:27:ce:99:2e:b9:7a:40:a6: 66:40:8b:54:df:61:a9:11:8f:6f:bc:8c:a8:2a:d5:14:54:ae: 27:c9:d8:ad:7b:bd:5b:4a:f2:0c:85:73:29:0d:9b:cd:83:6f: ed:59:32:51:73:53:4d:79:b2:39:ef:5b:07:3a:f9:63:c8:33: 82:f8:f3:4e:82:f5:ba:0c:64:e9:99:4e:a6:96:20:1f:6e:d9: ec:c4:8e:55:5f:ed:e5:4b:c3:39:32:13:05:5c:77:35:ff:93: f4:fd:a3:d7:9b:10:f3:5b:e1:cd:18:9f:12:25:d8:23:4d:4d: 7f:21:8b:97:fb:82:bf:ff:1c:73:aa:f0:7c:19:f6:9a:c3:e9: 14:af:e8:cf:f0:d3:8f:33:28:a5:77:a4:4b:27:a5:0d:50:dd: be:fe:4c:cf -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEeswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yNDExMTQw ODIwMDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDMyN0REQUJBNUM1Q0NG RDcxMUMyRjU3MkY4RTc3MzBDQjJDNDhDREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDHoD9MUbHxjAfTToTOIufsmipG9DoTkA0ofmAB3oFU0K3RTEjq 0e6QH8qLl+6nFLjtd9hCGQq0tOqS4m4vA38Fc7to3PyIQQ+7MpUAqpvCs88IGT0M BhxRaTIp0wFqIzNWv4TY7vy4A1mtCHmHPqqXSH+b9431Eis62kUJfvaVg6ysyPJ7 J+Ha8h/TnTbE6AOVjb2+XDgXNMATjAVQUH5qPUx/AgDYvvnW+sZ4D2cGmOLhfRYi iUYnbUDDX8YoJLP5mgshBQ8HQiNyRlbbrHEZMmViWt+aM3rozcTXcvjbR2PmsdbF PXBfIPkBVsoTkL+R0ez3bTwdo765BwWJuCTbAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUMn3aulxcz9cRwvVy+OdzDLLEjN8wHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvTW4zYXVseGN6OWNS d3ZWeS1PZHpETExFak44LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHJCtTANBgkqhkiG9w0BAQsFAAOCAQEAtmSqCRO0rIwrs1KmcWXn5SH/pH2a pm8HSY1BgEeKRcGKnl9NIXJTsDWSEV/3VO1ZAmPvb18dgIPLhRnaHqP1BCbDwzCS Z90hVgV0rlXrwcZCpvTzfv5RlKQJ8ZdZPnho5fjrZCfOmS65ekCmZkCLVN9hqRGP b7yMqCrVFFSuJ8nYrXu9W0ryDIVzKQ2bzYNv7VkyUXNTTXmyOe9bBzr5Y8gzgvjz ToL1ugxk6ZlOppYgH27Z7MSOVV/t5UvDOTITBVx3Nf+T9P2j15sQ81vhzRifEiXY I01NfyGLl/uCv/8cc6rwfBn2msPpFK/oz/DTjzMopXekSyelDVDdvv5Mzw== -----END CERTIFICATE-----Generated at Fri Nov 22 09:42:20 2024 by rpki-client on console-ams.rpki-client.org