$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2309/ttEgkm_ITLlVN8H4AjZQBFs40Fk.roa File: ttEgkm_ITLlVN8H4AjZQBFs40Fk.roa (raw, json) Hash identifier: r0aNuhJ74ZVzwaQQ3EFPIXADTU60WmW/tYCNTKuFZTg= Subject key identifier: B6:D1:20:92:6F:C8:4C:B9:55:37:C1:F8:02:36:50:04:5B:38:D0:59 Certificate issuer: /CN=060C00BF17A55FDB85CAF4578BE833056E028B43 Certificate serial: 11E9 Authority key identifier: 06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/ttEgkm_ITLlVN8H4AjZQBFs40Fk.roa Signing time: Thu 14 Nov 2024 08:20:01 +0000 ROA not before: Thu 14 Nov 2024 08:20:01 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 34549 IP address blocks: 114.66.169.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 14:51:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4585 (0x11e9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=060C00BF17A55FDB85CAF4578BE833056E028B43 Validity Not Before: Nov 14 08:20:01 2024 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=B6D120926FC84CB95537C1F8023650045B38D059 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:1f:bb:87:8c:fa:d6:ff:49:62:5e:d3:56:b1: 5c:b9:c0:d1:d6:b0:88:c6:6c:b0:c9:84:49:e6:ef: 21:c1:88:31:68:ca:d1:8c:b1:1b:66:16:c8:7b:f8: 69:c4:e9:8a:f0:f1:73:4a:1f:52:8a:88:c0:b7:e4: d6:1c:2b:78:16:87:81:f3:7b:51:3a:8a:e4:88:64: e0:92:ca:fe:39:75:fe:60:d1:4c:85:1e:10:d2:8e: 65:79:87:8d:d0:95:50:0b:47:a7:4d:ba:d4:89:36: 58:3f:31:63:be:05:92:75:2c:08:ef:d2:67:e6:0a: f8:99:d4:9a:36:51:a4:9d:d9:a3:23:8a:36:de:6e: ca:b3:b6:5e:13:0c:7d:ce:f2:cd:d0:f4:4d:78:44: f0:95:3d:2a:6b:d0:3f:ee:f8:13:e1:64:aa:35:16: 4f:d6:c2:3a:3a:cc:05:af:d8:82:c8:f3:1d:84:da: 15:b4:7c:52:38:ae:50:b6:ca:cb:1e:fa:bb:53:11: e6:86:5d:b5:8b:48:7d:fe:7d:55:63:22:90:fa:34: 77:83:dd:86:b9:a3:38:d2:d0:79:87:46:2f:84:ae: 7e:55:9b:0b:c4:4e:71:0f:00:2c:6d:dd:f2:5c:7c: 0a:cb:ad:bc:49:8a:ff:92:67:62:e5:bd:65:f5:fd: 85:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:D1:20:92:6F:C8:4C:B9:55:37:C1:F8:02:36:50:04:5B:38:D0:59 X509v3 Authority Key Identifier: keyid:06:0C:00:BF:17:A5:5F:DB:85:CA:F4:57:8B:E8:33:05:6E:02:8B:43 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/BgwAvxelX9uFyvRXi-gzBW4Ci0M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BgwAvxelX9uFyvRXi-gzBW4Ci0M.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2309/ttEgkm_ITLlVN8H4AjZQBFs40Fk.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 114.66.169.0/24 Signature Algorithm: sha256WithRSAEncryption 3f:92:98:ef:77:da:cd:52:55:19:f1:b7:2b:3e:17:87:bf:57: cf:11:9c:80:dd:cf:9d:f3:09:b5:e3:e5:a3:a5:2b:67:f8:ea: 20:96:dc:64:f8:22:23:c3:69:7a:7b:5b:98:bc:65:52:ae:d4: e4:65:dd:bd:5f:09:e3:a2:ad:0d:be:c2:d8:42:ea:c1:a0:d5: c1:a9:70:b7:84:4d:7d:e3:8c:a2:66:46:bd:7b:a8:64:5b:f3: 86:ec:02:dc:3a:09:93:da:6e:df:08:e0:e1:47:0c:ed:21:6e: 60:02:9d:eb:ec:7e:69:29:2a:78:22:ca:aa:e9:3b:00:e5:31: f0:05:64:de:3c:68:a0:c7:f8:ee:24:dc:bf:1d:3e:54:75:c1: 7d:59:4d:30:53:2d:7d:6b:c9:80:cf:87:1f:38:ac:54:d3:28: 21:62:62:a0:ac:83:9b:bb:12:b9:6e:3d:f7:70:5d:3c:72:1d: 2d:00:72:d0:05:e2:45:64:56:ff:80:d7:f1:20:8e:83:ad:b5: fc:4e:be:24:fd:1a:41:2e:73:27:8e:83:bf:e6:c3:5b:fe:4c: 73:9d:d1:6f:5b:ba:03:02:3d:22:fc:6a:cf:29:8d:b3:9a:9d: 72:90:90:da:8b:e2:ec:58:fe:3e:e0:36:e6:c3:33:31:7c:f1: 7a:6a:71:04 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICEekwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYw QzAwQkYxN0E1NUZEQjg1Q0FGNDU3OEJFODMzMDU2RTAyOEI0MzAeFw0yNDExMTQw ODIwMDFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKEI2RDEyMDkyNkZDODRD Qjk1NTM3QzFGODAyMzY1MDA0NUIzOEQwNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC9H7uHjPrW/0liXtNWsVy5wNHWsIjGbLDJhEnm7yHBiDFoytGM sRtmFsh7+GnE6Yrw8XNKH1KKiMC35NYcK3gWh4Hze1E6iuSIZOCSyv45df5g0UyF HhDSjmV5h43QlVALR6dNutSJNlg/MWO+BZJ1LAjv0mfmCviZ1Jo2UaSd2aMjijbe bsqztl4TDH3O8s3Q9E14RPCVPSpr0D/u+BPhZKo1Fk/Wwjo6zAWv2ILI8x2E2hW0 fFI4rlC2ysse+rtTEeaGXbWLSH3+fVVjIpD6NHeD3Ya5ozjS0HmHRi+Ern5VmwvE TnEPACxt3fJcfArLrbxJiv+SZ2LlvWX1/YXFAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUttEgkm/ITLlVN8H4AjZQBFs40FkwHwYDVR0jBBgwFoAUBgwAvxelX9uFyvRX i+gzBW4Ci0MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMw OS9CZ3dBdnhlbFg5dUZ5dlJYaS1nekJXNENpME0uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL0Jnd0F2eGVsWDl1Rnl2UlhpLWd6Qlc0Q2kwTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMDkvdHRFZ2ttX0lUTGxW TjhINEFqWlFCRnM0MEZrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAHJCqTANBgkqhkiG9w0BAQsFAAOCAQEAP5KY73fazVJVGfG3Kz4Xh79XzxGc gN3PnfMJtePlo6UrZ/jqIJbcZPgiI8NpentbmLxlUq7U5GXdvV8J46KtDb7C2ELq waDVwalwt4RNfeOMomZGvXuoZFvzhuwC3DoJk9pu3wjg4UcM7SFuYAKd6+x+aSkq eCLKquk7AOUx8AVk3jxooMf47iTcvx0+VHXBfVlNMFMtfWvJgM+HHzisVNMoIWJi oKyDm7sSuW4993BdPHIdLQBy0AXiRWRW/4DX8SCOg621/E6+JP0aQS5zJ46Dv+bD W/5Mc53Rb1u6AwI9IvxqzymNs5qdcpCQ2ovi7Fj+PuA25sMzMXzxempxBA== -----END CERTIFICATE-----Generated at Fri Nov 22 09:42:20 2024 by rpki-client on console-ams.rpki-client.org