$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/sNqux4mN7rIskkyyueIIJWD8CCo.roa File: sNqux4mN7rIskkyyueIIJWD8CCo.roa (raw, json) Hash identifier: X34hX4uRqiuSQ58UT5nRUZsFh25H9gSvUfa0fvcp1ZA= Subject key identifier: B0:DA:AE:C7:89:8D:EE:B2:2C:92:4C:B2:B9:E2:08:25:60:FC:08:2A Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43 Certificate serial: 1216 Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/sNqux4mN7rIskkyyueIIJWD8CCo.roa Signing time: Thu 21 Nov 2024 14:00:17 +0000 ROA not before: Thu 21 Nov 2024 14:00:17 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 57844 IP address blocks: 218.98.86.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 19:51:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4630 (0x1216) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43 Validity Not Before: Nov 21 14:00:17 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=B0DAAEC7898DEEB22C924CB2B9E2082560FC082A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:c4:38:06:58:68:f2:25:ac:8f:b9:a6:0e:a1: 2f:cc:71:11:0e:47:2d:a0:16:2f:40:40:bd:1b:1e: 25:a2:de:33:cd:95:5c:83:2d:64:ee:a9:ed:e2:c9: 6d:99:cf:9e:44:07:5e:87:61:4a:a8:f6:27:45:4d: 1a:03:04:a7:18:64:85:98:f0:f6:1f:80:17:0c:c4: 4a:47:b3:7a:b7:51:9e:f6:28:63:fb:fc:e1:c1:1d: d1:bd:1b:78:ba:fe:53:ca:46:df:bb:b8:db:4d:15: ea:91:e2:44:7e:f0:d1:5a:5d:01:88:46:74:76:25: 22:39:ea:14:b9:36:b5:1b:05:be:b2:c5:51:ec:b5: f8:fc:0e:12:fb:c4:07:e3:f9:e8:1b:92:bb:0a:39: db:3b:f4:28:09:44:76:3c:71:04:53:f5:38:86:81: 21:af:05:92:da:0c:a7:6c:eb:88:a6:dd:ae:ff:5d: ff:c6:b9:73:c4:86:7e:75:c2:ee:ae:2b:74:29:38: 0d:4a:33:cf:6a:04:ab:5d:14:c4:94:7c:76:a7:20: bf:60:01:32:4a:ea:58:8c:8e:ba:d5:ec:6f:07:88: c9:7b:0c:64:57:cc:68:c4:9f:4c:77:ad:75:5d:71: e6:d7:bd:02:90:c3:95:a3:3f:8e:ef:0e:2f:4b:ac: 0a:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:DA:AE:C7:89:8D:EE:B2:2C:92:4C:B2:B9:E2:08:25:60:FC:08:2A X509v3 Authority Key Identifier: keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/sNqux4mN7rIskkyyueIIJWD8CCo.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 218.98.86.0/24 Signature Algorithm: sha256WithRSAEncryption 27:0b:dd:8e:72:a8:14:ab:65:c7:c3:b6:c0:db:1f:03:0b:4b: a3:9f:b3:97:c4:0a:ee:b3:9a:6e:8e:c8:0e:6d:5e:0b:70:dd: 68:43:72:7d:94:64:04:b4:05:97:f5:05:19:68:ad:13:ed:eb: 0a:ac:a3:92:56:02:04:1d:46:30:54:73:a6:30:38:d2:c6:e8: 5d:cf:22:06:42:e3:cf:b1:60:f2:29:85:50:5b:25:95:6b:f6: 99:08:a2:28:09:f4:15:8f:89:29:48:bc:a3:6c:bb:dd:f8:c0: ca:81:da:4c:fa:22:62:e3:c5:e3:29:38:8c:85:22:ce:ea:ff: cf:39:2f:c0:1f:33:cc:b9:b4:f3:32:82:d4:a6:ae:2c:81:eb: 7c:9a:9e:61:24:85:9a:a2:d1:f6:68:94:ba:b6:32:98:51:45: 02:56:58:7d:4e:2f:fe:e7:cd:0c:4f:85:60:9d:6a:96:96:fa: 2f:35:94:61:17:04:a8:a1:e0:76:eb:d3:3b:1c:8c:ad:50:4e: b2:e0:05:b2:ba:8a:45:da:40:c1:ea:cc:0f:7f:06:6e:18:70: b9:19:63:da:c1:cd:e0:90:55:48:a2:04:04:5c:29:fb:b1:1b: c8:30:60:32:1b:dd:81:54:e1:cb:62:89:74:cd:05:9d:88:a3: 48:cb:27:87 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEhYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yNDExMjEx NDAwMTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEIwREFBRUM3ODk4REVF QjIyQzkyNENCMkI5RTIwODI1NjBGQzA4MkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCyxDgGWGjyJayPuaYOoS/McREORy2gFi9AQL0bHiWi3jPNlVyD LWTuqe3iyW2Zz55EB16HYUqo9idFTRoDBKcYZIWY8PYfgBcMxEpHs3q3UZ72KGP7 /OHBHdG9G3i6/lPKRt+7uNtNFeqR4kR+8NFaXQGIRnR2JSI56hS5NrUbBb6yxVHs tfj8DhL7xAfj+egbkrsKOds79CgJRHY8cQRT9TiGgSGvBZLaDKds64im3a7/Xf/G uXPEhn51wu6uK3QpOA1KM89qBKtdFMSUfHanIL9gATJK6liMjrrV7G8HiMl7DGRX zGjEn0x3rXVdcebXvQKQw5WjP47vDi9LrAqzAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUsNqux4mN7rIskkyyueIIJWD8CCowHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvc05xdXg0bU43cklz a2t5eXVlSUlKV0Q4Q0NvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEANpiVjANBgkqhkiG9w0BAQsFAAOCAQEAJwvdjnKoFKtlx8O2wNsfAwtLo5+z l8QK7rOabo7IDm1eC3DdaENyfZRkBLQFl/UFGWitE+3rCqyjklYCBB1GMFRzpjA4 0sboXc8iBkLjz7Fg8imFUFsllWv2mQiiKAn0FY+JKUi8o2y73fjAyoHaTPoiYuPF 4yk4jIUizur/zzkvwB8zzLm08zKC1KauLIHrfJqeYSSFmqLR9miUurYymFFFAlZY fU4v/ufNDE+FYJ1qlpb6LzWUYRcEqKHgduvTOxyMrVBOsuAFsrqKRdpAwerMD38G bhhwuRlj2sHN4JBVSKIEBFwp+7EbyDBgMhvdgVThy2KJdM0FnYijSMsnhw== -----END CERTIFICATE-----Generated at Fri Nov 22 16:05:37 2024 by rpki-client on console-fra.rpki-client.org