$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/iC0FcQxssnSZ09gKew8DzrA3Evk.roa File: iC0FcQxssnSZ09gKew8DzrA3Evk.roa (raw, json) Hash identifier: 4OXiUYOXWQeabT7QovNoO6YeSOSP7kzo0U8JTKNO9Lw= Subject key identifier: 88:2D:05:71:0C:6C:B2:74:99:D3:D8:0A:7B:0F:03:CE:B0:37:12:F9 Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43 Certificate serial: 11EC Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/iC0FcQxssnSZ09gKew8DzrA3Evk.roa Signing time: Thu 14 Nov 2024 08:20:02 +0000 ROA not before: Thu 14 Nov 2024 08:20:02 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 34549 IP address blocks: 114.66.183.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:51:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4588 (0x11ec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43 Validity Not Before: Nov 14 08:20:02 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=882D05710C6CB27499D3D80A7B0F03CEB03712F9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:c1:25:7e:84:e3:72:a2:5f:ab:b5:62:51:20: 60:d3:5b:e9:86:d0:04:7f:d5:b6:5a:c2:0d:5a:e8: 24:f9:77:26:32:a9:30:ba:f8:06:d4:5d:ac:18:16: 15:a5:98:15:2e:e9:86:c7:7e:e8:2e:de:db:e9:5b: 9a:8e:90:5b:ff:30:4c:20:22:32:7b:f8:09:16:03: d9:fb:fd:44:b7:43:82:3d:26:aa:c8:e5:d0:52:49: a4:f1:38:16:9d:a0:4f:21:11:56:86:d5:3e:e7:ce: a4:8a:e1:b9:f4:67:d7:79:5f:48:e4:a9:a1:7c:88: 52:28:33:00:65:a7:80:2f:40:86:f3:2d:3a:52:c4: 19:6b:a8:08:42:bf:1e:1c:5e:43:d7:a8:7e:18:52: 16:eb:fe:e0:86:57:93:ea:ef:59:96:c2:ec:f0:3c: b3:a1:cf:cb:62:4f:e2:4e:8e:de:51:4f:52:ae:48: bf:ca:80:98:50:63:21:98:7e:8e:fc:4e:1e:5b:43: e6:b2:ca:6a:1c:59:fe:24:6c:c2:34:39:e3:1f:d0: d3:d6:88:3d:16:53:9c:8d:72:13:49:d0:7c:d2:4d: 7d:f9:cc:ff:b7:c2:24:88:91:bc:31:d8:ec:58:73: fd:7e:49:39:26:1d:2e:18:56:a0:d2:81:50:12:f7: dd:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:2D:05:71:0C:6C:B2:74:99:D3:D8:0A:7B:0F:03:CE:B0:37:12:F9 X509v3 Authority Key Identifier: keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/iC0FcQxssnSZ09gKew8DzrA3Evk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.66.183.0/24 Signature Algorithm: sha256WithRSAEncryption 87:f4:14:ff:a6:20:bf:0e:00:e6:ec:8f:e5:f4:58:64:df:e9: 26:cd:dd:b6:e7:34:15:c3:cd:39:d2:73:5c:f8:32:5a:45:19: 57:f0:33:5e:55:30:12:2b:ea:20:2b:30:49:b3:bb:10:76:15: 2f:a2:68:f2:47:1c:9d:77:b3:ab:13:16:93:50:18:ca:9e:84: d9:d8:3a:71:2c:61:aa:6a:c7:73:5b:d4:68:d6:17:77:c4:d9: 3d:75:0e:fb:26:f0:58:05:95:fa:34:e9:61:94:1a:6c:46:6d: 8a:04:5a:b8:70:d0:c5:23:51:1d:91:29:bf:62:48:32:ca:96: e5:c4:66:f2:69:cf:24:e7:96:e4:4c:6b:f9:e5:73:dd:38:88: ec:ab:a1:1a:8e:3b:f2:5b:a7:4a:c0:eb:41:b8:38:7d:9b:a9: 03:23:cc:05:08:3b:ea:7c:07:58:e4:88:e8:34:e9:cf:a1:5f: 43:d2:c7:10:55:2a:0e:cf:30:77:98:6f:86:a6:9b:b9:51:1c: 80:d3:2b:77:e7:62:27:70:02:f3:7d:79:ce:5e:16:44:0e:1e: b7:8d:6e:6b:a1:bd:60:ff:1a:ab:21:f7:e9:35:fb:d7:66:9b: cb:e7:08:be:f8:4d:00:b4:11:2d:26:36:ac:f8:57:4a:ec:04: dc:7a:46:d8 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEewwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yNDExMTQw ODIwMDJaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDg4MkQwNTcxMEM2Q0Iy NzQ5OUQzRDgwQTdCMEYwM0NFQjAzNzEyRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDEwSV+hONyol+rtWJRIGDTW+mG0AR/1bZawg1a6CT5dyYyqTC6 +AbUXawYFhWlmBUu6YbHfugu3tvpW5qOkFv/MEwgIjJ7+AkWA9n7/US3Q4I9JqrI 5dBSSaTxOBadoE8hEVaG1T7nzqSK4bn0Z9d5X0jkqaF8iFIoMwBlp4AvQIbzLTpS xBlrqAhCvx4cXkPXqH4YUhbr/uCGV5Pq71mWwuzwPLOhz8tiT+JOjt5RT1KuSL/K gJhQYyGYfo78Th5bQ+ayymocWf4kbMI0OeMf0NPWiD0WU5yNchNJ0HzSTX35zP+3 wiSIkbwx2OxYc/1+STkmHS4YVqDSgVAS993ZAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUiC0FcQxssnSZ09gKew8DzrA3EvkwHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvaUMwRmNReHNzblNa MDlnS2V3OER6ckEzRXZrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHJCtzANBgkqhkiG9w0BAQsFAAOCAQEAh/QU/6Ygvw4A5uyP5fRYZN/pJs3d tuc0FcPNOdJzXPgyWkUZV/AzXlUwEivqICswSbO7EHYVL6Jo8kccnXezqxMWk1AY yp6E2dg6cSxhqmrHc1vUaNYXd8TZPXUO+ybwWAWV+jTpYZQabEZtigRauHDQxSNR HZEpv2JIMsqW5cRm8mnPJOeW5Exr+eVz3TiI7KuhGo478lunSsDrQbg4fZupAyPM BQg76nwHWOSI6DTpz6FfQ9LHEFUqDs8wd5hvhqabuVEcgNMrd+diJ3AC8315zl4W RA4et41ua6G9YP8aqyH36TX712aby+cIvvhNALQRLSY2rPhXSuwE3HpG2A== -----END CERTIFICATE-----Generated at Fri Nov 22 09:32:43 2024 by rpki-client on console-fra.rpki-client.org